Exploits Dalia Solomon
Categories • Trojan Horse Attacks • Smurf Attack • Port Scan • Buffer Overflow • FTP Exploits • Ethereal Exploit • Worm • Virus • Password Cracker • DNS Spoofing
Trojan Horse attacks • A computer becomes vulnerable to this attack when the user downloads and installs a file onto their system. • This opens a port without the knowledge of the user. The open port gives the remote user access to one's computer.
Trojan Horse - NetBus • NetBus is a tool that allows a remote user to gain administrative privileges. • NetBus consists of two programs: a server and a client.
NetBus Server • To infect a computer, NetBus disguises itself as an ICQ executable file that a naive user installs on their computer.
NetBus Server • NetBus server – This application will open a backdoor on the target computer. This application can be configured to be either invisible or visible to the user.
NetBus Client • NetBus client – This application will connect to a computer that is running the NetBus server. It allows the hacker to spy on and take control of the infected computer.
Smurf Attack • A Smurf Attack occurs when a packet such as an ICMP echo request (in this application) is sent to a group of machines. • The packet sent has its source address replaced by the IP address of the target computer or network. This causes a flurry of echo responses to be sent to the target machine, which can overwhelm the target computer.
Smurf Attack • Here we are attacking our computer
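An added example (not from the slides) of how a defender might spot the flood described above in ICMP flow records: it flags any host that receives echo replies from many distinct senders within a short window without having pinged them. The record format and the sample addresses are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed record type: one ICMP packet as a flow monitor would log it.
@dataclass(frozen=True)
class IcmpRecord:
    ts: float       # capture time in seconds
    src: str        # source IP
    dst: str        # destination IP
    icmp_type: int  # 8 = echo request, 0 = echo reply

def find_smurf_victims(records, window=1.0, min_sources=20):
    """Return {victim_ip: peak_distinct_sources} for hosts that receive
    echo replies from >= min_sources distinct hosts inside `window`
    seconds without having sent an echo request to those hosts."""
    pinged = defaultdict(set)     # host -> hosts it sent echo requests to
    replies = defaultdict(list)   # host -> [(ts, replying host)]
    for r in records:
        if r.icmp_type == 8:
            pinged[r.src].add(r.dst)
        elif r.icmp_type == 0:
            replies[r.dst].append((r.ts, r.src))
    victims = {}
    for host, items in replies.items():
        # Replies the host never asked for: the Smurf amplification traffic
        unsolicited = sorted(p for p in items if p[1] not in pinged[host])
        lo = 0
        for hi in range(len(unsolicited)):
            while unsolicited[hi][0] - unsolicited[lo][0] > window:
                lo += 1
            distinct = {src for _, src in unsolicited[lo:hi + 1]}
            if len(distinct) >= min_sources:
                victims[host] = max(victims.get(host, 0), len(distinct))
    return victims

# Constructed sample capture (documentation address ranges).
# A normal ping/reply pair for 192.0.2.20 ...
SAMPLE = [IcmpRecord(0.0, "192.0.2.20", "203.0.113.5", 8),
          IcmpRecord(0.02, "203.0.113.5", "192.0.2.20", 0)]
# ... then 50 amplifier hosts on 198.51.100.0/24 answer a broadcast ping
# whose source was forged as 192.0.2.10, all within half a second.
SAMPLE += [IcmpRecord(1.0 + i * 0.01, f"198.51.100.{i}", "192.0.2.10", 0)
           for i in range(1, 51)]

if __name__ == "__main__":
    print(find_smurf_victims(SAMPLE))  # {'192.0.2.10': 50}
```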
Port Scan • This program allows the hacker to scan a target computer to detect open ports. • This is primarily used to detect vulnerable applications listening on certain ports on the target computer.
Buffer Overflow • Most common form of exploit • Occurs when you put more data into the buffer than it can hold • Occurs if bounds are not checked by the program • The purpose of a buffer overflow is to execute code and gain special privileges
FTP Exploits • This exploit shows how it is possible for somebody to get a shell (command prompt) from the Serv-U FTP server. • This exploit causes a buffer overflow condition to occur in Serv-U FTP when it parses the MDTM command.
FTP Exploits • The exploit requires that the user have login access to the server.
FTP Exploits • This shows how the hacker gains shell access to the target machine.
FTP Exploits • Here is a segment of the code that causes the buffer overflow.
Ethereal Exploit • Vulnerabilities exist in Ethereal. By sending carefully crafted packets onto the sniffed wire or by convincing someone to load a malicious packet capture file into Ethereal, a user can overflow a buffer and execute malicious code • The vulnerabilities exist in the handling of the following packet types: BGP, EIGRP, IGAP, IRDA, ISUP, NetFlow, PGM, TCAP and UCP.
Ethereal - example • Ethereal IGAP message • This exploits a vulnerability in Ethereal when handling IGAP messages • Works on Ethereal 0.10.0 to Ethereal 0.10.2. • Will either crash Ethereal or open a port that allows a user to gain root privileges
Ethereal - example • This code will create a malformed IGAP header that when sent, causes the Ethereal application to crash because of its vulnerability in handling IGAP packets.
Worm • A worm is a program that makes copies of itself and causes major damage to files, software, and data • Methods of replication include • Email • File sharing
Worm - example • W32/Bugbear-A • Is a network worm that spreads by emailing attachments of itself • It creates a thread which attempts to terminate anti-virus and security programs • The worm will log keystrokes and send this information when the user is connected online • The worm will open port 80 on the infected computer
Worm - example http://www.sophos.com/virusinfo/analyses/w32bugbeara.html
Worm - Example • W32/MyDoom-A is a worm which spreads by email. • When the infected attachment is launched, the worm harvests email addresses from address books and from files with the following extensions: WAB, TXT, HTM, SHT, PHP, ASP, DBX, TBB, ADB and PL.
Worm – Example (continued) • Attached files will have an extension of BAT, CMD, EXE, PIF, SCR or ZIP.
Worm – Example (continued) • The worm will attempt a denial-of-service attack against www.sco.com, sending numerous GET requests to the web server. • Drops a file named shimgapi.dll to the temp or system folder. This is a backdoor program loaded by the worm that allows outsiders to connect to TCP port 3127. http://www.sophos.com/virusinfo/analyses/w32mydooma.html
Virus • A virus is a program that infects operating systems and applications. • Replication methods • Application file (Word doc.) • Hard drive or boot record (boot disk) • Scripts (batch file)
Virus - example • W97M/Marker Virus is a Word macro virus • It collects user information from Word and sends the information through FTP • It adds a log at the end of the virus body for every infected user. • This log contains the system time, date, and the user's name and address
Virus - example • When you open a document file it will display a message • Depending on the user’s response the user will get one of these messages
Password Cracker • Some applications and web pages are vulnerable to remote password cracker tools. • Applications such as HTTP, FTP and telnet servers that don't handle login properly and allow short passwords are vulnerable to brute force password cracker tools.
Password - cracker • Brutus is a remote password cracker tool; against an older Serv-U v2.5 server it can crack a password by sequentially sending in all possible password combinations.
DNS spoofing • A DNS attack that involves intercepting and sending a fake DNS response to a user. • This attack forwards the user to a different address than the one he wants to reach.
DNS spoofing • WinDNSSpoof • spoofs DNS packets • http://www.securesphere.net/download/papers/dnsspoof.htm
DNS Exploitation Tool • Zodiac is a robust DNS protocol monitoring and spoofing program • Features: • Captures and decodes DNS packets • DNS local spoofing • DNS ID spoofing, exploiting a weakness within the DNS protocol itself. • Etc… http://teso.scene.at/projects/zodiac/
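As an added example (not from the slides or from the tools listed), a resolver-side check against the forged response the last three slides describe: it accepts a reply only if it comes from the server that was queried, carries the QR bit, echoes the expected 16-bit transaction ID and repeats the question section. The packet builders, the addresses and the sample exchange are constructed for this illustration.

```python
import os
import struct

def build_query(qname, qtype=1):
    """Build a minimal DNS query (RD set); return (transaction_id, bytes)."""
    tid = struct.unpack(">H", os.urandom(2))[0]          # random 16-bit ID
    header = struct.pack(">HHHHHH", tid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode("ascii")
                      for l in qname.rstrip(".").split("."))
    return tid, header + labels + b"\x00" + struct.pack(">HH", qtype, 1)

def build_response(query, tid, answer_ip):
    """Answer `query` with one A record, stamping transaction ID `tid`.
    Used here both for the genuine reply and for a constructed spoofed one."""
    question = query[12:]
    header = struct.pack(">HHHHHH", tid, 0x8180, 1, 1, 0, 0)  # QR, RD, RA set
    rr = struct.pack(">HHHIH", 0xC00C, 1, 1, 60, 4)          # name ptr -> offset 12
    return header + question + rr + bytes(int(o) for o in answer_ip.split("."))

def response_matches(query, response, sent_to, received_from):
    """Resolver-side check: accept a reply only if it came from the server
    we queried, has the QR bit set, echoes our transaction ID and repeats
    our question section byte-for-byte. A spoofed answer must get all of
    these right, not just the 16-bit ID, to be accepted."""
    if received_from != sent_to or len(response) < 12:
        return False
    q_id, = struct.unpack(">H", query[:2])
    r_id, r_flags = struct.unpack(">HH", response[:4])
    if r_id != q_id or not r_flags & 0x8000:
        return False
    qlen = len(query) - 12
    return response[12:12 + qlen] == query[12:]

if __name__ == "__main__":
    # Constructed scenario with documentation addresses.
    server = ("192.0.2.53", 53)
    tid, q = build_query("example.com")
    genuine = build_response(q, tid, "198.51.100.7")
    spoofed = build_response(q, (tid + 1) & 0xFFFF, "203.0.113.66")  # wrong ID
    print(response_matches(q, genuine, server, server))   # True
    print(response_matches(q, spoofed, server, server))   # False
```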