Edinburgh
Colin McLean
Lecturer in Ethical Hacking
• This is a stand-alone environment.
• Seeing attacks makes a difference!
• Please don't try any of this at home!
• PS: Adam is a 4th-year Ethical Hacking student at Abertay.
Installed on my PC. Adam will try to hack it..
And generally not as well defended.
Typical web application architecture (diagram slide):

Web client (IE, Firefox, Opera, etc.)
  | HTTP request / HTTP response (HTML, JavaScript, VBScript, etc.)
  | clear-text or SSL
Web server (Apache, IIS, Netscape, etc.)
  | AJP, IIOP, etc.
App server, optional (ColdFusion, Oracle 9iAS, GlassFish, etc.)
Web app (Perl, C++, CGI, Java, ASP, PHP, etc.)
  | transport (ADO, ODBC, JDBC, etc.)
DB (Oracle, SQL Server, etc.)
• Entering Colin and test gives a SQL query similar to the following:

$query = "SELECT * FROM accounts WHERE username='Colin' AND password='test'";

• PROBLEM: often there is no filtering of input, meaning that an attacker can inject CODE into the query.

Typical code:

$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$query = "SELECT * FROM accounts WHERE username='$username' AND password='$password'";
• Entering blah' OR 1=1# as the username (any password)
• In MySQL, "#" starts a comment that runs to the end of the line.

$query = "SELECT * FROM accounts WHERE username='$username' AND password='$password'";

• Gives

$query = "SELECT * FROM accounts WHERE username='blah' OR 1=1#' AND password=''";

• Effectively (everything after # is ignored)

$query = "SELECT * FROM accounts WHERE username='blah' OR 1=1";

• The WHERE clause is now true for every row, so the query returns the whole accounts table and the login succeeds without a valid password.
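As an added example (not code from the slides, nor from HacmeBank), the same login check in Python against an in-memory SQLite table seeded with constructed rows modelled on the credentials slide. SQLite does not recognise MySQL's "#" comment, so the runnable payload uses the portable "-- " line comment (MySQL accepts both); build_query also reproduces the "#" query text exactly as the slide shows it. login_safe is the standard fix: a parameterised query, so the quote in the input can never change the statement's structure.

```python
import sqlite3

# Constructed sample rows modelled on the credentials slide; not real accounts.
SAMPLE_ACCOUNTS = [
    ("JV", "JV789", "Joe Vilella"),
    ("JM", "jm789", "John Mathew"),
    ("JC", "jc789", "Jane Chris"),
]


def make_db():
    """Build an in-memory SQLite database with an 'accounts' table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts (username TEXT, password TEXT, user_name TEXT)"
    )
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", SAMPLE_ACCOUNTS)
    return conn


def build_query(username, password):
    """The slide's 'typical code': user input pasted straight into the SQL text."""
    return (
        "SELECT user_name FROM accounts WHERE username='"
        + username + "' AND password='" + password + "'"
    )


def login_vulnerable(conn, username, password):
    """Runs the concatenated query; returns the user_name of every matching row."""
    rows = conn.execute(build_query(username, password)).fetchall()
    return [row[0] for row in rows]


def login_safe(conn, username, password):
    """Same check with a parameterised query: the driver passes the two values
    separately from the SQL text, so a quote in the input cannot alter the
    statement; it is compared literally against the stored username."""
    rows = conn.execute(
        "SELECT user_name FROM accounts WHERE username=? AND password=?",
        (username, password),
    ).fetchall()
    return [row[0] for row in rows]


# SQLite has no '#' comment; '-- ' is the portable line comment, and MySQL
# accepts it as well as '#'.  The rest of the statement (the password check)
# is commented out exactly as on the slide.
PAYLOAD = "blah' OR 1=1-- "


def demo():
    """Exercise the vulnerable and the safe login with the injection payload."""
    conn = make_db()
    return {
        # The query text a MySQL-style '#' payload produces (matches the slide).
        "mysql_style_sql": build_query("blah' OR 1=1#", ""),
        # The query text actually executed against SQLite below.
        "injected_sql": build_query(PAYLOAD, ""),
        # Every row matches: all three users are "logged in" with no password.
        "vulnerable": login_vulnerable(conn, PAYLOAD, ""),
        # Parameterised: no user called "blah' OR 1=1-- " exists, so no rows.
        "safe": login_safe(conn, PAYLOAD, ""),
        # A genuine login still works through the safe path.
        "legit": login_safe(conn, "JV", "JV789"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

Run it and compare the "vulnerable" and "safe" lists: the concatenated query returns all three names, the parameterised one returns none, which is the whole difference between the slide's code and the fix.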
• HacmeBank has an SQL injection flaw.
• Adam is currently trying to do as much damage as he can by exploiting this flaw....
• "sqlmap" tool, as used by hacking groups (it automates finding and exploiting SQL injection).
login_id | password | user_name
JV       | JV789    | Joe Vilella
JM       | jm789    | John Mathew
JC       | jc789    | Jane Chris
Abertay Ethical Hacking Group
user_id | branch                  | currency | account_no       | account_type | creation_date      | balance_amount
1       | Texas-Remington Circle  | USD      | 5204320422040000 | Platinum     | Jun 14 2005 1:29AM | 16779
1       | Texas-Remington Circle  | USD      | 5204320422040000 | Silver       | Jun 14 2005 1:29AM | 8145
2       | Mahnattan - New york    | USD      | 5204320422040000 | Silver       | Sep 14 2005 1:29AM | 8555
2       | Mahnattan - New York    | USD      | 5204320422040000 | Platinum     | Sep 12 2005 1:23AM | 91000
3       | LA-Hoston Road          | USD      | 5204320422040000 | Platinum     | Jun 14 2005 1:29AM | 4800
3       | LA-Hoston Road          | USD      | 5204320422040000 | Silver       | Jun 14 2005 1:29AM | 5100
3       | Buston-Richadson Avenue | USD      | 5204320422040000 | Platinum     | Jun 14 2005 1:29AM | 7600
3       | Buston-Richadson Avenue | USD      | 5204320422040000 | Silver       | Jun 14 2005 1:29AM | 1200
2       | Mahnattan - New York    | USD      | 5204320422040000 | Gold         | Oct 12 2005 1:23AM | 850
Accounts table (captioned "Transactions table" on the slide)
• Gain a "shell" on the victim's PC.
• Stop the firewall.
• Deface the web site.
• Could also publish the database on the Internet.
• Reputation?
• Compensation?
• Could be devastating for the company.
• Approximately 3 lines of code..
• AWARENESS.
• Only one of many web flaws (OWASP Top 10, 2013 edition):
◦ A1 - Injection
◦ A2 - Broken Authentication and Session Management
◦ A3 - Cross-Site Scripting (XSS)
◦ A4 - Insecure Direct Object References
◦ A5 - Security Misconfiguration
◦ A6 - Sensitive Data Exposure
◦ A7 - Missing Function Level Access Control
◦ A8 - Cross-Site Request Forgery (CSRF)
◦ A9 - Using Components with Known Vulnerabilities
◦ A10 - Unvalidated Redirects and Forwards
◦ ...etc.
We are all vulnerable. No such thing as a "dumb user".
• Relies on the victim clicking on a link (e.g. e-mail, Google search, etc.).
• A hacker's success against a company can be greatly increased by targeting specific users.
• E.g. it might not be easy to get an accountant to click on any old link... but...
• Get the user to visit a page...
• Issue commands from the menu.
This is many users' view of what a trojan is...
• Install...
◦ Visit the wrong web page / install the wrong software / someone gets on your PC.
• Anti-virus can be evaded relatively easily.
• The ultimate hack.
Unpatched / Downloaded.. How dangerous?
• This demo applies to "out of date" software or packages downloaded from the Internet.
• If a flaw isn't fixed then this is what can happen.
• Technical controls can help greatly, but...
• Developer / networking staff / IT staff / user awareness is a major mitigation.
• Most modern hacking attacks require user "help".
• Awareness training @ Abertay Uni...
◦ Pen Testing & Vulnerability Assessment (2 days)
◦ Security Awareness for Users (1/2 day)
◦ Web Security Testing (2 days)
◦ Security Awareness for Managers (1/2 day)
◦ Secure Coding (1 day)
◦ Wireless Security (1 day)
◦ Intro to Digital Forensics (2 days)
◦ Network Forensics (2 days)
• In our Ethical Hacking lab or in your company.
Any questions?
Abertay Ethical Hacking Group
