Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.702 ■ Fall 2020 ■ Wade Mackey

Brian Schneider

Netcat: New Attack lets hackers remotely steal data

by Leave a Comment

This article, from 2019, shows a major flaw in the intel CPU’s that allow them to be exploited remotely overt the networks without requiring the attacker to have physical access or any malware installed on the target computer. The attacker works by using Netcat to sniff out sensitive data from intels cpu cache. It works by sending specially crafted network packets to a target computer that has the remote direct memory access feature enabled. RDMA allows attackers to spy on remote peripherals such as network cards in order to observe the timing difference between a network packet that is served from the remote processor cache versus a packet served from memory. By measuring the inter-arrival timing of packets, Netcat is able to use keystroke timing attack to leak what you type. The keystroke attack is correct about 85% of the time as of the writing of this article.

 

“NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs.” The Hacker News, 11 Sept. 2019, thehackernews.com/2019/09/netcat-intel-side-channel.html?m=1.

Reading Week 5 Netcat

by 1 Comment

Netcat is an extremely powerful tool that security professionals use to do many things s when it comes to targeting networks and client machines. Some of the potential uses of Netcat is to scan all ports and connect to ones that are widely used to hide itself. Conduct file transfers back and forth across the network. Another important use for the tool is that it allows individuals to test their servers and firewalls. Also it can be used to test network performance. Sending commands back and forth using Netcat allows individuals to send commands back and forth across the network to client machines.

 

1. What ways can Netcat be used to transfer information back and forth across the network?

2. How does Netcat sneak into well known and used ports without being detected?

In the news-Week 4

by Leave a Comment

Zenscrape: A simple web scraping solution for penetration testers

This article is all about a software named zenscape. The basics of this software is web scraping. This tool has the crawler and the scraper combined into one tool. This is an important tool for penetration testers (according to the article) because web scraping is a crucial part of a successful business. During a pen test, it is important to test the computer systems, web applications, and networks to determine vulnerabilities. There are many tools for pen testing but this is an all in one tool that uses artificial intelligence tools to troubleshoot all security issues.

 

“Zenscrape: A Simple Web Scraping Solution for Penetration Testers.” The Hacker News, 17 Sept. 2020, thehackernews.com/2020/09/zenscrape-simple-web-scraping-solution.html?m=1.

Reading Summary-Nessus

by Leave a Comment

Nessus is an in house freeware utility that allows companies to scan for vulnerabilities automatically. The software tells them not only the vulnerabilities but also how to fix them. It is a proactive vulnerability scan that can identify vulnerabilities that may become dangerous. This software gives an idea of how an intruder would try to get in which allows the company to better protect itself. There is a downside however; if a vulnerability exists without a corresponding plug-in, the scanner will not find it. The overall goal of Nessus is to discover as many vulnerabilities as possible, decide how risky they are to your environment, and then reduce the risk that they pose.

 

Question

While this software is excellent to have a continually running automatic vulnerability, are there other processes that can pick up what Nessus misses?

Uber ex-security boss accused of covering up hack attack

by Leave a Comment

I found a very interesting article on the former chief security officer of Uber, Joseph Sullivan. Sullivan is currently being charged with obstruction of justice for an incident that happened at Uber in 2016. At that time, the company had the details of 57 million uber drivers and passengers exposed by a hacking group. To keep this quiet, Sullivan tried to cover up the data breach by paying the hackers 100,000 dollars to delete all the data they had stolen. When the data breach was revealed to the public in 2017, Uber fired Sullivan. Now he is being charged with obstruction of justice because he took “deliberate steps” to stop the FTC from finding out about the hackings.

He disguised the payments by using bitcoin instead of actual money and called it a “bug bounty” reward which is usually given to cyber security experts for discovering vulnerabilities so that they can be fixed. On top of this, he had the hackers sign a non disclosure agreement as part of the payment that stated that they had not stolen any data from Uber. Because of his actions, Uber had to pay $148 million dollars in legal claims from all 50 States.

 

Tidy, Joe. “Uber Ex-Security Boss Accused of Covering up Hack Attack.” BBC News, BBC, 21 Aug. 2020, www.bbc.com/news/technology-53861375?intlink_from_url=www.bbc.com/news/topics/c347w30eq7xt/computer-hacking.

Reading questions with key points

by 1 Comment

Basics of computer networking

            Network topology can have a network arranged in many different layouts that include: star, mesh, point to point, daisy chain, tree, hybrid, ring.

What is the difference between well known ports, registered ports, and ephemeral ports?

Intro to basic networking terminology

            The most widely used network reference model, which were developed to allow products from different manufacturers to interoperate on a network, is the TCP/IP model (which was developed by the Department of Defense)

Why would the DOD need to create a network reference model when there was already one widely used?

Layers of OSI

The open system interconnection (OSI) model is a 7 layer architecture that works to transmit data from one device to another device across the globe.

Was the OSI model to complicated to use? Is that why they created the TCP?IP model?

TCP/IP

            The transmission control protocol/internet protocol is a 4 layer architecture model and was created by the DOD and is a concise version of the OSI model.

How does the OSI model compare to the TCP/IP model (architecture wise)?