Temple University

Ruslan Yakush

Week 13 – In the News

Finally, the FBI was able to unlock the iPhone without Apple's help.

The FBI has been so eager to unlock the iPhone by any means, and luckily it found a third-party company in Israel that was able to assist in decrypting the iPhone. This means that only the FBI and the Israeli company now know about a critical vulnerability that will not be shared with Apple. Moreover, the FBI has no legal obligation to reveal such a secret.

Therefore, this puts Apple in a very bad situation, since the FBI has been begging Apple to help unlock iPhones. Now Apple has to find the critical vulnerability on its own, without the FBI's help.

Details at: http://thehackernews.com/2016/03/fbi-ublock-iphone.html

Week 12 – Summary

Readings:

The Aircrack-ng tool set is very powerful for monitoring, attacking, testing and cracking wireless transmissions. It is available in several forms: a VM, a Live CD and an installer for Linux. While the Live CD and VM versions are simpler to use, these packages have limitations and vulnerabilities. So the best option is to install the suite on Linux and run it within a Linux environment to take full advantage of all its functions; however, that requires deep knowledge of Linux. Aircrack can be used to crack a WEP passcode using the basic approach of capturing Initialization Vectors and then injecting collected IVs into packets via ARP Replay mode.

Question to the Class:

Is it worth writing your own DLL for Windows in order to manually link drivers so that aircrack works? Would it not be easier and more beneficial to learn Linux, thus gaining broader and more useful experience?

In the News:

Mac OS X Zero-Day Exploit Can Bypass Apple’s Latest Protection Feature

A critical zero-day vulnerability has been discovered in all versions of Apple’s OS X operating system that allows hackers to exploit the company’s newest protection feature and steal sensitive data from affected devices.

http://thehackernews.com/2016/03/system-integrity-protection.html

P.S. After reading this news, I updated my Apple products right away!

Week 11 Summary

Readings:

The IEEE 802.11 family of standards is a set of Layer 1 and Layer 2 specifications of the OSI model for implementing WLANs. Developed by an IEEE committee in 1997, the 802.11 standard was the first wireless networking standard, while 802.11b was accepted more widely, followed by the next generations of standards, 802.11g/n/ac. Each standard defines various wireless characteristics and functions, including frequency channels, speed, bandwidth and signal modulation. The architecture of wireless networking is very complex and requires a deep understanding of all its logical and physical components, such as STA, IBSS, ESS and DS, and of its operation modes (Infrastructure vs. Ad-Hoc), among others. Protocols include EAP, WEP, WPA2 and 802.1X for port-based security. Wireless technology is evolving rapidly given its wire-equivalent capabilities and will most likely replace cabling in most areas in the future. However, security will have to advance in order to provide strong protection against malicious attacks.

Question to the Class:

Given wireless deployments in public areas, such as the recent New York-wide setup of wireless stations for public access, should this be considered a luxurious opportunity for hackers to attack more?

In the News:

Malvertising Campaign Hits Top Websites to Spread Ransomware

Once clicked, the malicious Ad redirects the user to a malicious website that hosts Angler Exploit Kit (AEK) to infect visitors by installing malware and ransomware on their computer.
Angler Exploit Kit includes many malicious hacking tools and zero-day exploits that let hackers execute drive-by attacks on visitors’ computers.
In this case, the Angler kit scans for the vulnerable PCs and loads Bedep Trojan and TeslaCrypt Ransomware, opening doors for hackers to further install a variety of malicious programs.

http://thehackernews.com/2016/03/what-is-malvertising.html

Week 10 – In The News

ISPs Sell Your Data to Advertisers, But FCC has a Plan to Protect Privacy

The Federal Communication Commission (FCC) has put forward a proposal that aims to protect Internet user’s privacy.
The proposal [pdf] will regulate the amount of customers’ online data the Internet Service Providers (ISPs) are able to collect and sell to the advertising companies.
Currently, there is no particular rule by law covering broadband providers and customer privacy, and if adopted, this would be the first privacy rule for ISPs.

Read more at: http://thehackernews.com/2016/03/isp-sells-data-to-advertisers.html

 

Week 9 – Summary

Readings:

Wireshark was developed in 2006 (it was originally called Ethereal, developed by Gerald Combs back in 1998) and so far is the best free open-source tool for deep network packet analysis, in which comprehensive information is extracted from captured network transmissions. Wireshark provides analysis of all 7 layers of the OSI model, which helps to troubleshoot network communication issues, discover security flaws, and debug and learn network protocols. Wireshark is compatible with various OS flavors and is customizable for development purposes.

Question to the Class: Would Burp Suite be a good fit as a competitor for packet analysis at Layer 7 of the OSI model?

 

In the News: Subgraph OS — Secure Linux Operating System for Non-Technical Users

Subgraph OS was designed from the ground-up to reduce the risks in endpoint systems so that individuals and organizations around the world can communicate, share, and collaborate without fear of surveillance or interference by sophisticated adversaries through network borne attacks.

Subgraph OS is designed to be difficult to attack. This is accomplished through system hardening and a proactive, ongoing focus on security and attack resistance. Subgraph OS also places emphasis on the integrity of installable software packages.

Special Features:

  • Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected.
  • Mandatory Full Disk Encryption (FDE)
  • Online Anonymity — Everything through Tor
  • Advanced Proxy Setting
  • System and Kernel Security
  • Secure Mail Services
  • Package Integrity

Read more @: http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

 

 

Weeks 6 & 7 – Summary

Readings:

Web-based environments are the most dangerous, offering numerous ways to compromise Confidentiality, Integrity and Availability. Various methods exist to break into web services, servers and site components, such as phishing, XSS, injection flaws, unsecured storage, broken authentication and access controls, unvalidated data inputs, etc. SQL injection is especially powerful in the hands of hackers, since SQL databases are all over the globe in every web site. The best security practice to avoid being a victim of such attacks is to make sure industry standards are followed when designing web-based applications.

Question to the Class: Would WebGoat be considered the best up-to-date tool to practice attacks?

In the News:

If you are using a SimpliSafe wireless home alarm system to improve your home security smartly, just throw it up and buy a new one. It is useless.

Read more here:

http://thehackernews.com/2016/02/hack-home-security-alarm.html

Week 5 – In the News

No reading for this week.

 

In the News:

National Security Agency merging offensive, defensive hacking operations

The U.S. National Security Agency on Monday outlined a reorganization that will consolidate its spying and domestic cyber-security operations, despite recommendations by a presidential panel that the agency focus solely on espionage.

Read more at: http://www.reuters.com/article/us-usa-cyber-nsa-idUSKCN0VH21H

 

 

Week 4 Summary

Readings: MSF Extended Usage and Metasploit GUIs

In addition to the general features of the Metasploitable environment, MSF extended usage goes beyond the standard features and includes powerful tools such as Karmetasploit, Mimikatz and others that can be customized as well. Moreover, GUI versions such as Armitage or the Community edition of Metasploitable allow you to execute code simply by clicking mouse buttons.

Questions to the Class: 

Since Mac OS X is based on a Unix core, how deeply can it be exploited with Metasploitable tools?

In the News:

Danske Bank fixes several vulnerabilities that could allow hackers to get into bank accounts. See more at: http://www.ehackingnews.com/2015/10/danske-bank-fixes-several.html

Week 2 & 3 Summary

Readings Summary: 

After reading the materials about Metasploit Fundamentals, Information Gathering, Vulnerability Scanning, Exploit Development, Web App Exploit Development, Client Side Attacks and Auxiliary Module Reference, MSF Post Exploitation, Meterpreter Scripting, and Maintaining Access, I concluded how powerful the Metasploit Framework is, given its customization capabilities and the number of exploits in its database. Moreover, I found that there is a VM version of the Metasploitable-2 machine that is designed to be an intentionally vulnerable Metasploitable lab environment. In addition, NeXpose can be embedded into MSFConsole itself and run from within MSF to perform advanced scans. Also, it is important to note that both the attacking machine (Kali Linux) and the victim machine (Metasploitable 2) must be set up in a secured, isolated VM environment to avoid exposure to the internal network. While Metasploit has its own prebuilt scripts, it is possible to write your own scripts with Meterpreter.

Questions to the Class:

1. When comparing NeXpose, Nessus and Metasploit, which tool is better in terms of security audit reporting and scan capabilities?

2. When installing NeXpose on Kali 2.0, I received the installation failure below. Has anyone received the same error?

“[Fail] – An unsupported kernel version 4.0.0-kali1-amd64 was detected.”

In the News:

Azerbaijani Hackers have hacked NATO-Armenia and embassy websites in 40 countries giving a powerful reply to the Armenian hackers.

Read more here: https://www.hackread.com/azerbaijani-hackers-defac-nato-armenia-embassy-sites/

 

Setup Instructions for ALFA WIRELESS CARD

Hello Everyone,

I would like to share some useful information with you so that you will not need to deal with setup difficulties or dive into Google searches trying to find answers.

Basically, I experienced some issues when installing the Alfa Wireless Card (AWUS036ACH) on Kali Linux, since it would not install automatically once plugged into a USB port. Further, I discovered that certain drivers need to be downloaded and installed manually using certain commands in Terminal. While you may have a different Alfa card model, you may still want to apply the setup process below in case you have any setup issues.

After complete research, testing and verification, I wrote the step-by-step setup instructions below to make life easier for all of us.

Setup procedure for installing drivers for Alfa Wireless Adapter:

Note: The adapter must be plugged into the USB port only after installing the drivers as outlined below.

Setup Steps:

1. Download driver here:

https://github.com/abperiasamy/rtl8812AU_8821AU_linux

2. In KALI Linux, navigate to /etc/apt folder and edit sources.list with the following sources:

deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free
deb-src http://http.kali.org/kali sana main non-free contrib
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free

3. Open Terminal and run commands below:

apt-get update
apt-get upgrade
apt-get install -y linux-headers-$(uname -r)

4. Back in Terminal, extract the drivers and navigate to the extracted driver's folder.

5. Run the command below:

make

6. After that completes, type:

make install

7. Plug the Alfa adapter into the USB port and restart Kali.

8. Open Terminal and run ifconfig, where you should see the wlan0 adapter.
If no IP address exists, navigate to System Settings > Wireless Connection and connect the Alfa adapter to the desired SSID. Now ifconfig should show an IP address for the wlan0 adapter.
— THE END —-
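
A preflight check for the setup procedure above, added here as an example and not part of the original post: it confirms the four repository lines from step 2, the kernel headers from step 3, and the interface from step 8, then reports which step still needs attention. The function names, and the `/lib/modules/<release>/build` and `/sys/class/net` locations, are assumptions based on the usual Debian-style layout rather than anything stated in the post.

```shell
#!/bin/sh
# Added example: preflight checks for the driver setup steps above.
# Paths are parameters so each check can run against constructed fixtures.

# Step 2: succeed only if all four repository lines from the post are
# present verbatim in the given sources.list; names the first missing one.
sources_ready() {
    list=$1
    while IFS= read -r want; do
        grep -Fxq -- "$want" "$list" 2>/dev/null || { echo "missing: $want"; return 1; }
    done <<'EOF'
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free
deb-src http://http.kali.org/kali sana main non-free contrib
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free
EOF
}

# Step 3: make needs headers for the kernel that is running right now.
# Assumption: they appear as <modules_root>/<release>/build (Debian layout).
headers_ready() {
    modules_root=${1:-/lib/modules}
    release=${2:-$(uname -r)}
    [ -d "$modules_root/$release/build" ]
}

# Step 8: the adapter is usable once its interface is registered in sysfs.
iface_present() {
    iface=${1:-wlan0}
    sys_net=${2:-/sys/class/net}
    [ -e "$sys_net/$iface" ]
}

# Print the earliest step of the procedure that still needs attention.
# Args: sources.list [modules_root release iface sys_net]
next_step() {
    sources_ready "$1" >/dev/null || { echo "step 2: fix sources.list"; return; }
    headers_ready "$2" "$3" || { echo "step 3: install kernel headers"; return; }
    iface_present "$4" "$5" || { echo "steps 4-7: build, install, plug in"; return; }
    echo "step 8: interface present"
}

# On the Kali machine: next_step /etc/apt/sources.list
```

Running the headers check before `make` catches the case where `apt-get upgrade` installed a newer kernel that is not yet the running one, so the headers on disk do not match `uname -r` until after a reboot.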