an effective attack method based on information exposed
play

An Effective Attack Method Based on Information Exposed by Search - PowerPoint PPT Presentation

Aug 02, 2023 •146 likes •285 views

An Effective Attack Method Based on Information Exposed by Search Engines Antonios Gouglidis, University of Macedonia IT Security for the Next Generation European Cup, Prague 17-19 February, 2012 Motivation Extensive usage of Web 2.0

  1. An Effective Attack Method Based on Information Exposed by Search Engines Antonios Gouglidis, University of Macedonia “IT Security for the Next Generation” European Cup, Prague 17-19 February, 2012

  2. Motivation Extensive usage of Web 2.0 technologies • Mostly interested in WS provided by major search engines How WS can be used in a malicious way? PAGE 2 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  3. Anatomy of an Attack Initial Steps Footprinting Scanning Enumeration Gaining access Determination of reachable Probe identified hosts and running Attempt to access the Objective Information gathering systems services for known weaknesses target system •Open source search •TCP/UDP port scan •Buffer overflows •Identify applications Technique •Whois •OS detection •Password •List file shares •DNS zone transfer •Ping sweep eavesdropping •Search engines •nmap •Banner grabbing •Bind, ISS Tools •UNIX/LINUX clients •fping •showmount •tcpdump •nslookup PAGE 3 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  4. The Proposed Attack Method A 3-step Methodology PAGE 4 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  5. How to Deploy the Attack The attack cannot be identified, until its deployment !!! Vulnerable Systems HTTP Proxy Create a query using advanced search operators Return URLs Create a valid HTTP Post Request Deploy the exploit PAGE 5 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  6. Implementation Prerequisites Register to get an APPID for either Google or Bing The proposed methodology utilizes: • The “Google Hacking” technique • Web 2.0 technologies – REST approach – JSON PAGE 6 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  7. Implementation JBossHacker.py Implemented in the Python scripting language • Approximately 50 lines of code Supported search engines • Google • Microsoft Bing What it can do? • Find servers having their JBoss JMX-Console open • Deploys an exploit • Gain command line access via a Web browser PAGE 7 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  8. Hands-on JBossHacker.py - Results Summary Possible Vulnerable Systems PAGE 8 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  9. Hands-on JBoss Deployment Scanner PAGE 9 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  10. Hands-on Gaining Command Line Access PAGE 10 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  11. How to defend yourself? Existing Solutions Google Hack Yourself Rely on Policy and Legal Restrictions Google Diggity Project • Provides an Intrusion Detection System – Alert RSS Feeds – Alert RSS Monitoring Tools PAGE 11 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  12. Conclusions The Proposed Attack Methodology What it can do? • Targets online Web Applications on the Internet – Not bounded to a single application • Deploy massive attacks, in an automated way • Undetectable until the time of deploying the exploit • High probability of a successful attack, if target satisfies ALL the criteria What it cannot do? • Discover new vulnerabilities – Prior knowledge of the vulnerability/exploit is required • No guarantees of a successful attack, if criterias are not met by the target PAGE 12 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  13. Thank You Antonios Gouglidis, University of Macedonia “IT Security for the Next Generation” European Cup, Prague 17-19 February, 2012

Recommend

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i . i o FARSIGHT SECURITY DISCUSSION POINTS Attack Trends A Historical View Attack Vectors in Recent Years Evolution of Mitigation

634 views • 29 slides
Effective Treatment of Trauma New Concept, Ancient Method. Different, Effective, Proven .

Effective Treatment of Trauma New Concept, Ancient Method. Different, Effective, Proven .

Effective Treatment of Trauma New Concept, Ancient Method. Different, Effective, Proven . David Waite, Southwest Manchester EnjoyLifeCounselling@outlook.com. No website- I have all the work I want. e-slides available. I will talk

378 views • 26 slides
Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to optimise internet connections. ApplianSys caching appliance CACHE BOX is the most widely selected caching solution by far in the E-Rate program since

600 views • 30 slides
Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to optimise internet connections. ApplianSys caching appliance CACHE BOX is the most widely selected caching solution by far in the E-Rate program since

655 views • 29 slides
Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know. Current biological diagnostics are very effective at identifying agents, but theyre slow. We already have an infrastruc- ture in place to

233 views • 8 slides
Clean Coffee Team 17 Introduction Context Client Problem Progress Initial Method of Attack

Clean Coffee Team 17 Introduction Context Client Problem Progress Initial Method of Attack

Kirk Brink Chris Greaves Erik Karlson Paul Bootsma Clean Coffee Team 17 Introduction Context Client Problem Progress Initial Method of Attack Obstacles Overcome Final Plan of attack Sensitivity Studies Optimization Sustainability

426 views • 26 slides
ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he

ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he

ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he got to the position of being able to leak confidential information from the CIA How Snowden planned and performed the attack The method used

264 views • 24 slides
Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure

Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure

Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure Chen Huo Panini Sai Patapanchala Dr. Rakesh B. Bobba Dr. Eduardo Cotilla-Sanchez 1 Our Goal Short-term : Developing a method that takes

378 views • 20 slides
PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun

PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun

PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun Shen*, Yao Liu, and Zhuo Lu University of South Florida *Co-first authors Presented by Ian Markwood Outline Motivation Background

681 views • 52 slides
Attack- based Domain Transition Analysis Susan Hinrichs shinrich@ uiuc.edu Prasad Naldurg

Attack- based Domain Transition Analysis Susan Hinrichs shinrich@ uiuc.edu Prasad Naldurg

Attack- based Domain Transition Analysis Susan Hinrichs shinrich@ uiuc.edu Prasad Naldurg prasadn@ microsoft.com SE Linux Symposium Attack- based DTA 1 06 Outline Motivation Review of type enforcement transitions Attack

471 views • 18 slides
RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny

RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny

RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny Andeas) Summery 1. Introduction 2. Keepalives and Heartbeats 3. DPD Protocol 4. Resistance to Replay Attack and False Proof of Liveliness Situation

890 views • 20 slides
How to mask S-Boxes of a block cipher against side channel attacks. Focus on the AES. Micha el

How to mask S-Boxes of a block cipher against side channel attacks. Focus on the AES. Micha el

Introduction Masking based on Look-up tables How to mask (additively) basic operations? Method based on multiplicative masking Method based on Square and Multiply and addition chains Method based on the tower field representation

824 views • 54 slides
Thermodynamics of 2+1 flavor QCD with the SF t X method based on the gradient flow SF t X method :

Thermodynamics of 2+1 flavor QCD with the SF t X method based on the gradient flow SF t X method :

2020/5/20 @ R-CCS Thermodynamics of 2+1 flavor QCD with the SF t X method based on the gradient flow SF t X method : small flow-time expansion method WHOT-QCD Collaboration: K. Kanaya, Y. Taniguchi, A. Baba, A. Suzuki (Univ. Tsukuba) S.

926 views • 50 slides
Replica method: a statistical mechanics approach to probability-based information processing

Replica method: a statistical mechanics approach to probability-based information processing

bg=black!2 Introduction Limiting eigenvalue distribution of random matrices Digital communication Bibliography Replica method: a statistical mechanics approach to probability-based information processing Toshiyuki Tanaka tt@i.kyoto-u.ac.jp

1.14k views • 41 slides
Privileged Attack Vectors: Building Effective Defense Strategies Morey J. Haber Chief

Privileged Attack Vectors: Building Effective Defense Strategies Morey J. Haber Chief

Privileged Attack Vectors: Building Effective Defense Strategies Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Threat Landscape Sample Cases What is Privileged Access Management? Twelve

751 views • 31 slides
Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems Nothing is in isolation Attack surface An attack surface is the total number of possible attack vectors Think of a house, with the

309 views • 15 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
UNIT-4 CIVIL DEPARTMENT Presentation Presentation is a method of effective

UNIT-4 CIVIL DEPARTMENT Presentation Presentation is a method of effective

UNIT-4 CIVIL DEPARTMENT Presentation Presentation is a method of effective communication, either oral or written, which is given to achieve a specific business/ organizational goals . Syllabus Defining purpose,

690 views • 41 slides
Secure Programming Skoudis, Tom Liston, Prentice Hall Hacking Exposed 7: Network Security

Secure Programming Skoudis, Tom Liston, Prentice Hall Hacking Exposed 7: Network Security

17.2.2016 Course material 2 Counter Hack Reloaded:A Step by Step Guide to Computer Attacks and Effective Defenses, Edward Secure Programming Skoudis, Tom Liston, Prentice Hall Hacking Exposed 7: Network Security Secrets &

410 views • 4 slides
A Reaction Attack against Cryptosystems based on LRPC Codes Gustavo Banegas joint work with

A Reaction Attack against Cryptosystems based on LRPC Codes Gustavo Banegas joint work with

A Reaction Attack against Cryptosystems based on LRPC Codes Gustavo Banegas joint work with Simona Samardjiska, Paolo Santini and Edoardo Persichetti Latincrypt 2019 October 3rd, 2019 A Reaction Attack against Cryptosystems based on LRPC

590 views • 33 slides
Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing Attack An email address that tries to disguise itself as legitimate Outlook Team <msOutlook@outlook.com> Confirm Acount Details Hello

108 views • 7 slides
Agendas Information Control and Terrorism: Tracking the Mumbai Terrorist Attack through Twitter

Agendas Information Control and Terrorism: Tracking the Mumbai Terrorist Attack through Twitter

Agendas Information Control and Terrorism: Tracking the Mumbai Terrorist Attack through Twitter Analysis of terrorists decision making cycle during the Mumbai terrorist attack Onook Oh*, Manish Agrawal^ , H. Raghav Rao* Situation

297 views • 6 slides
A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler Federal Office for Information Security (BSI), Germany Lausanne, September 7, 2009 Outline r Introduction and Motivation r The Attack r Basic attack

514 views • 25 slides
Total Sport Approach What is TSA ? TSA is an effective integral method including appertaining

Total Sport Approach What is TSA ? TSA is an effective integral method including appertaining

Total Sport Approach What is TSA ? TSA is an effective integral method including appertaining hardware and software components for use of improving management of sport programs Items: - Contains a specific TSA manual - Assessment parameters,

966 views • 10 slides

More recommend