ADVANCED PENETRATION TESTING MIS 5212 001 Week 9


ADVANCED PENETRATION TESTING MIS 5212.001 Week 9
Site: http://community.mis.temple.edu/mis5212sec001s16/

Tonight's Plan
  • In the news
  • Last Presentations
  • WebGoat Issues
  • Ettercap
  • Next Week


In The News
  • Submitted
      • http://krebsonsecurity.com/2016/03/seagate-phish-exposes-all-employee-w-2s/
      • http://www.cnet.com/news/not-in-my-house-amazonsunencrypted-devices-a-sitting-target-cybersecurityexperts-say/
      • http://thehackernews.com/2016/03/subgraph-secureoperating-system.html
      • http://www.bbc.com/news/technology-31042477 (Chips under skin)
      • http://www.philly.com/philly/news/20160226_Apple_fights_FBI_s_iPhone_demand_as__oppressive_.html
      • http://www.bbc.com/news/uk-35750127 (GCHQ on Apple)

In The News
  • Submitted
      • http://www.homelandsecuritynewswire.com/dr20160204-vulnerability-found-in-in-twofactorauthentication?page=0,1
      • http://www.afr.com/technology/web/security/pwc-createscyber-security-game-to-let-board-members-play-ashackers-20160229-gn713x
      • http://n4bb.com/amazon-shocks-cybersecurity-expertsdisables-fire-os-5-encryption-update-promises-reverse/
      • http://thehackernews.com/2016/03/mac-os-xransomware.html
      • http://techcrunch.com/2016/03/07/apple-has-shut-downthe-first-fully-functional-mac-os-x-ransomware/

In The News
  • What I noted
      • http://www.latimes.com/business/technology/la-fi-tn-snapchat-phishing-attack-20160228-story.html
      • http://www.cnbc.com/2016/03/06/reuters-americaapple-users-targeted-in-first-known-mac-ransomware-campaign.html
      • http://www.pcworld.com/article/3041115/security/mits-new-5-atom-quantum-computer-could-transformencryption.html#tk.rss_all
      • http://datagenetics.com/blog/september32012/index.html (Pin Guessing)

Presentations

WebGoat Exercises
  • Access Control Flaws
      • Stage 1
      • Stage 3
  • Authentication Flaws
  • Cross-Site Scripting
      • Phishing
      • Stage 1
      • Stage 5
      • Reflected XSS Attacks
  • Improper Error Handling
      • Fail Open Authentication Scheme

WebGoat Exercises
  • Injection Flaws:
      • Command Injection: " & netstat -ant & ifconfig"
      • Numerical SQL Injection: or 1=1
      • Log Spoofing
      • XPATH Injection
      • String SQL Injection
      • Modifying Data with SQL Injection
      • Adding Data with SQL Injection
      • Blind Numeric SQL Injection
      • Blind String SQL Injection
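Added example (not from the slides or from WebGoat): why the numeric answer above works against a query built by string concatenation, next to a parameterized form that rejects it. The stations table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: a hypothetical 'stations' table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE stations (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO stations VALUES (?, ?)",
                   [(101, "Columbia"), (102, "Seattle"), (103, "New York")])
    return db


def lookup_concatenated(db, station_id):
    # Vulnerable: the request value becomes part of the SQL text, so
    # "101 or 1=1" yields a WHERE clause that is true for every row.
    sql = "SELECT name FROM stations WHERE id = " + station_id
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, station_id):
    # Hardened: accept only an integer, then bind it as data, not as SQL.
    value = int(station_id)  # raises ValueError for "101 or 1=1"
    rows = db.execute("SELECT name FROM stations WHERE id = ?", (value,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    print("concatenated, 101        :", lookup_concatenated(db, "101"))
    print("concatenated, 101 or 1=1 :", lookup_concatenated(db, "101 or 1=1"))
    print("parameterized, 101       :", lookup_parameterized(db, "101"))
    try:
        lookup_parameterized(db, "101 or 1=1")
    except ValueError as exc:
        print("parameterized, 101 or 1=1: rejected:", exc)
```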

Man In The Middle
  • Intercepting traffic
Source: http://www.valencynetworks.com/articles/cyber-attacks-explainedman-in-the-middle-attack.html

Ettercap Attacks
  • Ettercap supports active and passive dissection of many protocols (including ciphered ones).
  • Ettercap offers four modes of operation:
      • IP-based: packets are filtered based on IP source and destination.
      • MAC-based: packets are filtered based on MAC address, useful for sniffing connections through a gateway.
      • ARP-based: uses ARP poisoning to sniff on a switched LAN between two hosts (full-duplex).
      • PublicARP-based: uses ARP poisoning to sniff on a switched LAN from a victim host to all other hosts (half-duplex).
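Added example (not from the slides or from Ettercap): what the two ARP poisoning modes above look like from the defender's side. It scans observed ARP replies for an IP whose MAC binding changes and for one MAC that ends up answering for several IPs. The sample replies are constructed (documentation address ranges, made-up MACs) and the function name is hypothetical.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC) taken from ARP replies.
SAMPLE_ARP_REPLIES = [
    (0.0, "192.0.2.1", "00:00:5e:00:53:01"),    # gateway
    (1.0, "192.0.2.10", "00:00:5e:00:53:10"),   # workstation
    (2.0, "192.0.2.66", "00:00:5e:00:53:66"),   # third host on the LAN
    (30.0, "192.0.2.1", "00:00:5e:00:53:66"),   # gateway IP now claimed by .66's MAC
    (30.1, "192.0.2.10", "00:00:5e:00:53:66"),  # workstation IP claimed as well
    (31.0, "192.0.2.1", "00:00:5e:00:53:66"),   # repeat of the forged binding
]


def find_arp_anomalies(replies):
    """Return (rebinds, shared_macs).

    rebinds: list of (time, ip, old_mac, new_mac) where an IP moved to a new MAC.
    shared_macs: {mac: sorted IPs} for MACs bound to more than one IP at the end.
    """
    binding = {}   # ip -> last MAC seen for that IP
    rebinds = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        old = binding.get(ip)
        if old is not None and old != mac:
            rebinds.append((ts, ip, old, mac))
        binding[ip] = mac

    by_mac = defaultdict(set)
    for ip, mac in binding.items():
        by_mac[mac].add(ip)
    shared = {m: sorted(ips) for m, ips in by_mac.items() if len(ips) > 1}
    return rebinds, shared


if __name__ == "__main__":
    rebinds, shared = find_arp_anomalies(SAMPLE_ARP_REPLIES)
    for ts, ip, old, new in rebinds:
        print(f"{ts:6.1f}s  {ip} moved {old} -> {new}")
    for mac, ips in shared.items():
        print(f"{mac} answers for {', '.join(ips)}")
```

A DHCP lease change or a failover pair can also rebind an IP, so treat a single rebind as a lead and a MAC that takes over both ends of a conversation as the stronger signal.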

Ettercap
  • Other Features:
      • Character injection
      • SSH1 support: the sniffing of a username and password
      • HTTPS support: the sniffing of HTTP SSL secured data—even
      • Remote traffic through a GRE tunnel
      • Plug-in support
      • Password collectors for: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, HalfLife, Quake 3, MSN, YMSG
      • Packet filtering/dropping
      • OS fingerprinting
      • Kill a connection
      • Passive scanning of the LAN
      • Hijacking of DNS requests

Ettercap
  • A tool for performing man in the middle attacks
  • Pre-installed in Kali

  • After Launch:
  • Click “Unified Sniffing”
  • Select Your Network Connection (May not be same)
  • Now we will see who is out there:
  • Available Hosts, I’m going after the last one!
  • Setup to ARP Poison

Problem
  • Doesn’t Work in a VM
  • You will need real machines on a switch to get this fully functioning
  • A good walkthrough is
      • http://www.thegeekstuff.com/2012/05/ettercap-tutorial/

Next Week
  • In the news
  • Intro to Wireless

Questions?