Network Architectures and Services, Georg Carle Faculty of Informatics Technische Universität München, Germany Attack Frameworks and Tools Pranav Jagdish Betreuer: Nadine Herold Seminar Innovative Internet Technologies and Mobile Communication WS2014 Lehrstuhl Netzarchitekturen und Netzdienste Fakultät für Informatik, Technische Universität München
Overview Introduction Overview of Tools Password Crackers Network Poisoners Network Security Tools Denial of Service Tools Concluding remarks Titel Attack Frameworks and Tools 2
Introduction Network Security – perhaps the most important aspect of communications in todays world How easy it is to attack a target system or network today? Tools automate most of the work From fingerprinting your target to attacking Knowledge requirements decrease day by day Titel Attack Frameworks and Tools 3
Introduction The CIA Triangle Confidentiality Integrity Availability Titel Attack Frameworks and Tools 4
Overview of the Tools Password Crackers Cain and Abel John the Ripper Hashcat • Free • Free • Free • Windows • Various • Linux, Only GUI Platforms OSX and Windows Titel Attack Frameworks and Tools 5
Overview of the Tools Network Poisoners ZARP Ettercap • Free • Free • Python • Various Script Platforms Titel Attack Frameworks and Tools 6
Overview of the Tools Network Security Tools Nmap Metasploit Sqlmap • Free • Free • Free • Various (Signup • Python Required) Platforms Script • Windows and Linux Titel Attack Frameworks and Tools 7
Overview of the Tools Denial of Service Tools LOIC HULK • Free • Free • Windows • Python Only GUI Script Titel Attack Frameworks and Tools 8
Password Crackers Attack: Confidentiality Crack passwords or keys Crack various kind of hashes Initially used to crack local system passwords like for Windows and Linux Have extended to include numerous kinds of hashes New versions are faster and use different kind of cracking methods GPU based password cracking also possible and is faster than CPU based Primarily: Brute forcing or Dictionary based attacks Titel Attack Frameworks and Tools 9
Password Crackers Cain and Abel Windows based Widely used to crack Windows Passwords (LM Hashes and NTLM Hashes) Has built-in sniffer • Can sniff web session passwords • Can analyse SSH-1 or HTTPS traffic Needs: • Rainbow tables for effective hash cracking • Size of table – impediment! – However, this is an issue with all password crackers and related to password lengths and reverse hash lookups Titel Attack Frameworks and Tools 10
Password Crackers John the Ripper Like Cain and Abel - Dictionary based and Brute force methods available Comes with various character sets Can crack numerous kinds of hashes Brute force can for obvious reasons take a huge amount of time • Dictionaries could go up to petabytes • Cracking time could be in excess of decades for even a 8 character password • Normal machines: Impossible – Solution: Good dictionaries? Titel Attack Frameworks and Tools 11
Password Crackers Hashcat Like the previous tools – However claims to be “fastest password cracker” with proprietary cracking algorithms Vs. Cain and Abel & John the Ripper - Offers various kinds of attacks • 8 kinds of attacks • Example: Combinator attack – combine each word in dictionary to every other word in it • Example: Hybrid attack – Half of password from dictionary and rest from brute force • HENCE, INCREASES EFFECTIVENESS OF A DICTIONARY A GPU Based cracker – “ oclHashcat ” available - faster Titel Attack Frameworks and Tools 12
Network Poisoners Attack: Integrity of the Network Can lead to loss of confidentiality and availability too Prime goal : ARP Poisoning Pose as another machine on the Network Titel Attack Frameworks and Tools 13
Network Poisoners Once done: Pose as DNS Server Pose as DHCP Server Pose as the default gateway Perform Data Sniffing Man in the Middle Attacks (MITM) and a lot more… Even HTTPS traffic is not safe (tool called SSLStrip) – yet another tool that can be used without much insights. Titel Attack Frameworks and Tools 14
Network Poisoners ZARP Suite of Poisoners Includes Sniffers Plans to be a central network poisoning/administration tool Can manage active sessions of poisoning/sniffing Still being developed Titel Attack Frameworks and Tools 15
Network Poisoners Ettercap GUI available too! Plugins offer support for further complex attacks like: • DNS Poisoning • DHCP Poisoning Titel Attack Frameworks and Tools 16
Network Security Tools Covers wide array of tools Most were created for vulnerability testing and easing the job of network administrators Today are used to test how secure a system is But are also infamous for their misuse by hackers Titel Attack Frameworks and Tools 17
Network Security Tools Nmap Network Scanner A powerful tool to scan networks Used for (not exclusive list): • OS fingerprinting • Host Discovery • Port Scanning Titel Attack Frameworks and Tools 18
Network Security Tools Metasploit Framework A database of exploits Provides information about security vulnerabilities Goal: Aid in penetration testing and IDS signature development In the wrong hands: • Can be used to exploit those same vulnerabilities with relative ease Exploits for almost every kind of system – from Mac OSX to Windows to Linux to Android phones Has a GUI available too – Armitage Titel Attack Frameworks and Tools 19
Network Security Tools Metasploit Framework How easy it is? • Select an exploit from the database • Select a payload • Decide upon an obfuscation or encoding scheme • ANY EXPLOIT CAN BE ATTACHED WITH ANY PAYLOAD Types of exploits: • Passive – wait for targets to connect in and then try to exploit their systems • Active – target system attacked directly “ Autopwn ” feature – tries to automatically exploit and inject itself into target system • Makes life easy for an attacker! Titel Attack Frameworks and Tools 20
Network Security Tools Metasploit Framework Problems? • Exploits caught by anti-virus software (primarily of E-Mail providers) if not local systems anti-virus – SPREADING THE PAYLOAD BECOMES DIFFICULT! • Many exploits released after the vulnerabilities have been patched in software updates Titel Attack Frameworks and Tools 21
Network Security Tools Where the SQLMap vulnerability exists SQL Injection Vulnerabilities • Script checks possible SQL injection inputs on the Web Control Data application Channel Channel • Vulnerability scanning Many such scanners exist like, JoomScan – Joomla CMS Scanner WPScan – Wordpress Scanner Titel Attack Frameworks and Tools 22
Denial Of Service Tools Attacks : Availability Bandwidth Server Server Bandwidth Titel Attack Frameworks and Tools 23
Denial Of Service Tools Attacks : Availability Other scenarios exist too Example: IPv6 DOS Attack Effects on Organziations: Loss of revenues in recent years Loss of user trust on organisations Recently: Christmas Day 2014 DOS Attacks on Playstation Networks and XBOX Live Titel Attack Frameworks and Tools 24
Denial Of Service Tools LOIC – “Low Orbit Ion Cannon” “ Hivemind ” feature – Distributed Denial Of Service Favourite of “Hacktivists” Minimal knowledge of networks required Flood Multiple requests to the Server Titel Attack Frameworks and Tools 25
Titel Attack Frameworks and Tools 26
Denial Of Service Tools HULK – “HTTP Unbearable Load King” Generate unique requests every single time • Additional random page names added • Random Query Strings appended • Source Client information changed Titel Attack Frameworks and Tools 27
Conclusions Is it that easy to hack? Probably not • Password crackers – Require massive computing power • Metasploit Payloads – Detected by anti-virus software – Patches before vulnerabilities published (usually) • Nmap Fingerprinting – Can be blocked by active monitoring • SQL Injection becoming less common as developers become more aware • Denial of Service – still can occur – Difficult to mitigate – Used extensively by “ hactivist ” groups Unpatched systems and old websites may still be vulnerable Titel Attack Frameworks and Tools 28
Recommend
More recommend
