EH3_Contents_ch2-١.pdf

Full Transcript

Applied College Shaqra Ethical Hacking (3) SYS 2004 Dr. Majid H. Alsulami [email protected] 2024 Copyright 2024 - All Rights Reserved Applied College Shaqra No part of this presentation may be reproduced or transmitted in any form whatsoever, electronic, or mechanical, including photocopying, recording, or by any informational storage or retrieval system without express written, dated and signed permission from the creator. Applied College Shaqra Course Main Objective(s): Basics of the ethical hacking Foot printing and scanning Techniques for system hacking Malware and their attacks and detect and prevent them Signature of different attacks and prevent them Detect and prevent the security attacks in different environments Applied College Shaqra Course Content No 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 List of Topics Basics of the ethical hacking Foot printing and scanning Foot printing and scanning Foot printing and scanning Techniques for system hacking Techniques for system hacking Techniques for system hacking Malware and their attacks and detect and prevent them Malware and their attacks and detect and prevent them Signature of different attacks and prevent them Signature of different attacks and prevent them Signature of different attacks and prevent them Detect and prevent the security attacks in different environments Detect and prevent the security attacks in different environments Detect and prevent the security attacks in different environments Review Total Contact Hours 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 64 Applied College Shaqra Students Assessment Activities No 1 2 3 4 5 6 Assessment Activities * Midterm 1 Midterm 1 Quizzes Participation labs Final written Examination Assessment timing Percentage of Total Assessment Score (in week no) 7-8 14-15 4-11 weekly 16 End of semester 15% 15% 10% 10% 10% 40% *Assessment Activities (i.e., Written test, oral test, oral presentation, group project, essay, etc.) Applied College Shaqra References and Learning Resources Essential References 1. Gray Hat Hacking the Ethical Hackers Handbook, 3rd Edition by Shon Harris, Gideon Lenkey, Allen Harper, Jonathan Ness and Chris Eagle (2011, Trade Paperback). 2. The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy by Patrick Engebretson, Syngress; 2 edition. 3..Hands-On Ethical Hacking & Network Defense - By James Corley, Kent Backman, & Michael Simpson. Supportive References Codecademy – Python - https://www.codecademy.com/tracks/python List of Open Source Software/learning website: ∙ https://hackaday.com/ Electronic Materials ∙ https://breakthesecurity.cysecurity.org/ ∙ https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/ ∙ https://www.hackthissite.org Other Learning Materials PowerPoint, Videos Applied College Shaqra Chapter 2 Foot printing and scanning Applied College Shaqra What is Ethical Hacking? Ethical Hacking is identifying weakness in computer systems and/or computer networks and coming with countermeasures that protect the weaknesses. Ethical hackers must abide by the following rules: Get written permission from the owner of the computer system and/or computer network before hacking. Protect the privacy of the organization been hacked. Transparently report all the identified weaknesses in the computer system to the organization. Inform hardware and software vendors of the identified weaknesses. Applied College Shaqra Applied College Shaqra Phases in Hacking Hacking is usually not a one-step activity. But a process consisting of several phases. There are five phases in hacking: Phase 1: Reconnaissance Reconnaissance or foot printing involves gathering preliminary data or intelligence on the target organization to enable a hacker plan for the attack. Phase 2: Scanning The phase uses technical tools to gather more detailed intelligence on the systems and applications on the target organisation’s network. An example is the use of a vulnerability scanner to collect information on the weaknesses inherent in the target network. Applied College Shaqra Phases in Hacking Phase 3: Gaining Access in this phase An attacker gains control of one or more network devices which he uses to obtain data from the target system or network. He may also use the device he controls to launch further attacks on other systems and networks. Phase 4: Maintaining Access An attacker uses this phase to maintain his presence on the target network to gather as much information as possible. The attacker must remain stealthy to avoid detection. Phase 5: Covering Tracks The final phase requires the attacker to take the necessary steps to remove all traces of his activities. The attacker uses this phase to return the system to its previous state to avoid detection by the administrators of the host network. Applied College Shaqra Phases in Hacking 1- Reconnaissance Reconnaissance or foot printing involves gathering preliminary data or intelligence on the target organization to enable a hacker plan for the attack. 2- Scanning The phase uses technical tools to gather more detailed intelligence on the systems and applications on the target organisation’s network. An example is the use of a vulnerability scanner to collect information on the weaknesses inherent in the target network. Applied College Shaqra Foot printing is the process used to gather information about the target network in order to find the weaknesses that may be used to exploit the system. Foot printing involves profiling an organisation to collect information about the systems, network and people associated with to the organisation. An ethical hacker spends a lot of time gathering information about the target organisation’s computer systems and uses this information to penetrate the network. Foot printing enables an ethical hacker to know as much as possible about a system, its ports and services, security capabilities and whether it supports remote access. Applied College Shaqra Why businesses use foot printing to identify vulnerabilities so they can address them and make changes to the business policy. Applied College Shaqra Foot printing enables an ethical hacker to achieve the following purposes: Know Security Posture: Hackers use data gathered during foot printing to know the security posture of the company such as the presence of a firewall, IDS/IPS, security configurations of applications etc. Reduce Attack Surface: This enables hackers to identify and focus on a specific range of systems. This will significantly reduce the time and effort required for penetration testing. Identify vulnerabilities: Foot printing enables hackers and security professionals to gain additional knowledge about the vulnerabilities and threats in the target network and the kinds of exploits that may be launched against it. Draw Network map: It helps to map the networks in the target environment, including the topology, trusted routers, firewalls, and servers. Applied College Shaqra What Information Is Collected in Foot printing? The goal of foot printing is to gather as much information about the target as possible in order to increase the likelihood of success when actually planning and executing an attack. This includes identifying any security weaknesses and gathering contact information for system administrators and other users who may access sensitive data. During foot printing, various types of information may be collected. Applied College Shaqra Network topology: Collecting this type of information involves identifying the IP addresses and hostnames of all systems on the network and mapping out the connections among them. Operating systems and applications: Information about the target’s operating system and applications can be used to identify potential security vulnerabilities. For example, if a company uses an outdated version of Windows, it may be vulnerable to specific attacks that are not possible against newer versions. User accounts: Foot printing can reveal usernames and passwords for user accounts on the target system, which can be helpful in the later stages of an attack. Web servers: This includes the servers’ software versions, installed modules, and enabled features. Applied College Shaqra Other information can be collected such as: Details about an organisation, employees and email addresses. Relationship with other companies. Projects involving other companies. Legal documents of the company. News relating company website. Patents and Trademarks. Important dates about new projects. Applied College Shaqra Types of foot printing Active foot printing Passive foot printing Applied College Shaqra Types of foot printing Active foot printing Active foot printing describes the process of using tools and techniques, like using the traceroute commands or a ping sweep -Internet Control Message Protocol sweep -- to collect data about a specific target. This often triggers the target's intrusion detection system (IDS). It takes a certain level of stealth and creativity to evade detection successfully. Applied College Shaqra Types of foot printing Passive foot printing As the name implies, passive foot printing involves collecting data about a specific target using innocuous methods, like performing a Google search, looking through Archive.org, using NeoTrace, browsing through employees' social media profiles, looking at job sites and using Whois, a website that provides the domain names and associated networks fora specific organization. It is a stealthier approach to foot printing because it does not trigger the target's IDS. Passive foot printing is a way of collecting information about a system remotely. This involves a situation where an attacker does not engage a target computer on the network directly. Applied College Shaqra How to Identify and Mitigate Gaps in Your Security Program https://www.youtube.com/watch?v=ESr5vu4W1iA Applied College Shaqra How do you start foot printing? Reconnaissance is similar to foot printing and is a crucial part of the initial hacking exercise. It is a passive foot printing exercise where one collects data about the target's potential vulnerabilities and flaws to exploit while penetration testing. Foot printing processes start with: determining the location and objective of an intrusion. Once ethical hackers identify a specific target, they gather information about the organization using nonintrusive methods, such as accessing the organization's own webpage, personnel directory or employee bios. Applied College Shaqra Steps in Foot printing Several steps need to be followed during foot printing to collect all relevant information: 1. Identifying Targets: The first step is to identify which systems or organizations to footprint by scanning networks for open ports or performing reconnaissance using Google searches and tools like Shodan. 2. Gathering Information: After the target has been identified, the next step is to gather as much information about it as possible using tools like Nmap, Netcat, and Whois to identify open ports and services, usernames and passwords, web server information, and more. Applied College Shaqra Steps in Foot printing 3. Analyzing Results After all relevant data has been collected, it needs to be analyzed to determine the most vulnerable points. This is done by identifying common weaknesses across multiple systems or comparing results against known exploits. 4. Planning Attacks The final step is to use the information gathered during foot printing to plan a successful attack against the target’s systems, networks, and devices. This may involve developing custom exploits or choosing a suitable attack vector based on the data collected. Applied College Shaqra Sources of Information Gathering Social Media: Many people post personal information online. Some of this information is sensitive, and hackers can use it to launch attacks against unsuspecting social media users online. For example, hackers may create a fake account using stolen details of genuine individuals. These accounts may be used to defraud or obtain personal information from other social media users. Job Websites: Job postings give details of available positions as well as personal and technical requirements. The technical requirements may 8 contain information about the operating systems, network devices and hardware the organisation uses. It may also give a hacker an idea of the systems and network configuration of the organisation. Hackers can use this information to determine the vulnerabilities in the hardware and software which the organisation uses. They can also create a list of possible attacks that may be used to take advantage of the vulnerabilities. Applied College Shaqra Sources of Information Gathering Search Engines: Hackers use search engines such as Google to carry out detailed searches on an individual or devices. An attacker can use the right keywords on Google search to find relevant personal information such as an address, phone number, net worth, etc. about a target. A hacker can also use an approach known as Google hacking to combine basic search techniques with advanced operators such as “inurl:”,”allinurl:”,”filetype:”, etc. to carry out devastating attacks. This method can be used to find internet enabled devices By typing a search string such as inurl:”ViewerFrame?Mode=” will help an attacker find public web cameras. “The “link:” search operator in Google can be used to obtain results only from specified sites. Google’s advanced search features enable a hacker to find websites that are affiliated to the target. Affiliate websites belong to vendors, suppliers and clients and contain back-links to the victim’s website. Applied College Shaqra Sources of Information Gathering Google Groups: Google Groups contain a wide array of publicly available personal information, such as domain names, IP addresses and usernames. Members share a lot of information on Google Groups, and some of this information may relate to a system and network security. Social Engineering: This approach uses various forms of human interaction to obtain information from targets of attack. Organisation’s Website: Organisations use their websites to share information with clients, customers, or the general public. This is the best place to begin for an attacker who wants to gain access to know about products and service offerings as well as personal details of names, ranks, email addresses and telephone numbers of key personnel. Applied College Shaqra Sources of Information Gathering Web Crawling: Web crawling involves mirroring a website and downloading all the publicly accessible files from the website. This allows a hacker to scan the target website offline. An attacker can use the saved website to uncover information about the configuration and layout of the website, files and directories, the source code for the web pages, names and addresses of IT employees and comments about the workings of code. Using NeoTrace: NeoTrace is a powerful tool that provides path information between a source and a remote site. The tool can produce a graphical display of the route between an attacker and the remote site. The tool also uses a GUI to display information on all intermediate nodes, including IP address, contact information, and location. Applied College Shaqra Sources of Information Gathering Who is: Hackers use the Whois website to obtain information about the domain name, emailid and domain owner. It is a tool for Website Foot printing; that is, it enables a hacker to trace a website. Applied College Shaqra Advantages of Foot printing  Hackers use foot printing to know the basic security configurations of a target machine or network. It also provides information about network route and data flow.  It simplifies the hacking process. A hacker who finds vulnerabilities can focus on specific attacks that can be launched against the target machine.  It reduces the attacks surface. It allows the hacker to identify which machines are most vulnerable and can be attacked easily. Applied College Shaqra References: https://www.techtarget.com/searchsecurity/definition/footprinting https://www.linkedin.com/pulse/footprinting-scanning-cybersecurity-unveiling-secrets-willy-tchuilenqx7zc/ https://www.eccouncil.org/cybersecurity-exchange/penetration-testing/footprinting-steps-penetrationtesting/