an effective attack method based on information exposed
play

An Effective Attack Method Based on Information Exposed by Search - PowerPoint PPT Presentation

Aug 02, 2023 •146 likes •285 views

An Effective Attack Method Based on Information Exposed by Search Engines Antonios Gouglidis, University of Macedonia IT Security for the Next Generation European Cup, Prague 17-19 February, 2012 Motivation Extensive usage of Web 2.0

  1. An Effective Attack Method Based on Information Exposed by Search Engines Antonios Gouglidis, University of Macedonia “IT Security for the Next Generation” European Cup, Prague 17-19 February, 2012

  2. Motivation Extensive usage of Web 2.0 technologies • Mostly interested in WS provided by major search engines How WS can be used in a malicious way? PAGE 2 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  3. Anatomy of an Attack Initial Steps Footprinting Scanning Enumeration Gaining access Determination of reachable Probe identified hosts and running Attempt to access the Objective Information gathering systems services for known weaknesses target system •Open source search •TCP/UDP port scan •Buffer overflows •Identify applications Technique •Whois •OS detection •Password •List file shares •DNS zone transfer •Ping sweep eavesdropping •Search engines •nmap •Banner grabbing •Bind, ISS Tools •UNIX/LINUX clients •fping •showmount •tcpdump •nslookup PAGE 3 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  4. The Proposed Attack Method A 3-step Methodology PAGE 4 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  5. How to Deploy the Attack The attack cannot be identified, until its deployment !!! Vulnerable Systems HTTP Proxy Create a query using advanced search operators Return URLs Create a valid HTTP Post Request Deploy the exploit PAGE 5 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  6. Implementation Prerequisites Register to get an APPID for either Google or Bing The proposed methodology utilizes: • The “Google Hacking” technique • Web 2.0 technologies – REST approach – JSON PAGE 6 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  7. Implementation JBossHacker.py Implemented in the Python scripting language • Approximately 50 lines of code Supported search engines • Google • Microsoft Bing What it can do? • Find servers having their JBoss JMX-Console open • Deploys an exploit • Gain command line access via a Web browser PAGE 7 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  8. Hands-on JBossHacker.py - Results Summary Possible Vulnerable Systems PAGE 8 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  9. Hands-on JBoss Deployment Scanner PAGE 9 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  10. Hands-on Gaining Command Line Access PAGE 10 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  11. How to defend yourself? Existing Solutions Google Hack Yourself Rely on Policy and Legal Restrictions Google Diggity Project • Provides an Intrusion Detection System – Alert RSS Feeds – Alert RSS Monitoring Tools PAGE 11 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  12. Conclusions The Proposed Attack Methodology What it can do? • Targets online Web Applications on the Internet – Not bounded to a single application • Deploy massive attacks, in an automated way • Undetectable until the time of deploying the exploit • High probability of a successful attack, if target satisfies ALL the criteria What it cannot do? • Discover new vulnerabilities – Prior knowledge of the vulnerability/exploit is required • No guarantees of a successful attack, if criterias are not met by the target PAGE 12 | "IT Security for the Next Generation", European Cup | 17-19 February, 2012

  13. Thank You Antonios Gouglidis, University of Macedonia “IT Security for the Next Generation” European Cup, Prague 17-19 February, 2012

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i .

Effective Security Going Back To The Basics M e r i k e K a e o , C T O m e r i k e @ f s i . i o FARSIGHT SECURITY DISCUSSION POINTS Attack Trends A Historical View Attack Vectors in Recent Years Evolution of Mitigation

634 views • 29 slides
Effective Treatment of Trauma New Concept, Ancient Method. Different, Effective, Proven .

Effective Treatment of Trauma New Concept, Ancient Method. Different, Effective, Proven .

Effective Treatment of Trauma New Concept, Ancient Method. Different, Effective, Proven . David Waite, Southwest Manchester EnjoyLifeCounselling@outlook.com. No website- I have all the work I want. e-slides available. I will talk

378 views • 26 slides
Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to optimise internet connections. ApplianSys caching appliance CACHE BOX is the most widely selected caching solution by far in the E-Rate program since

600 views • 30 slides
Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to

Slide 2 Caching is both the most effective AND the most cost-effective method for schools to optimise internet connections. ApplianSys caching appliance CACHE BOX is the most widely selected caching solution by far in the E-Rate program since

655 views • 29 slides
Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know. Current biological diagnostics are very effective at identifying agents, but theyre slow. We already have an infrastruc- ture in place to

233 views • 8 slides
Clean Coffee Team 17 Introduction Context Client Problem Progress Initial Method of Attack

Clean Coffee Team 17 Introduction Context Client Problem Progress Initial Method of Attack

Kirk Brink Chris Greaves Erik Karlson Paul Bootsma Clean Coffee Team 17 Introduction Context Client Problem Progress Initial Method of Attack Obstacles Overcome Final Plan of attack Sensitivity Studies Optimization Sustainability

426 views • 26 slides
ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he

ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he

ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he got to the position of being able to leak confidential information from the CIA How Snowden planned and performed the attack The method used

264 views • 24 slides
Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure

Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure

Attack Graph Based Metrics for Identifying Critical Cyber Assets in Electric Grid Infrastructure Chen Huo Panini Sai Patapanchala Dr. Rakesh B. Bobba Dr. Eduardo Cotilla-Sanchez 1 Our Goal Short-term : Developing a method that takes

378 views • 20 slides
PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun

PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun

PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun Shen*, Yao Liu, and Zhuo Lu University of South Florida *Co-first authors Presented by Ian Markwood Outline Motivation Background

681 views • 52 slides
Attack- based Domain Transition Analysis Susan Hinrichs shinrich@ uiuc.edu Prasad Naldurg

Attack- based Domain Transition Analysis Susan Hinrichs shinrich@ uiuc.edu Prasad Naldurg

Attack- based Domain Transition Analysis Susan Hinrichs shinrich@ uiuc.edu Prasad Naldurg prasadn@ microsoft.com SE Linux Symposium Attack- based DTA 1 06 Outline Motivation Review of type enforcement transitions Attack

471 views • 18 slides
RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny

RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny

RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny Andeas) Summery 1. Introduction 2. Keepalives and Heartbeats 3. DPD Protocol 4. Resistance to Replay Attack and False Proof of Liveliness Situation

890 views • 20 slides
How to mask S-Boxes of a block cipher against side channel attacks. Focus on the AES. Micha el

How to mask S-Boxes of a block cipher against side channel attacks. Focus on the AES. Micha el

Introduction Masking based on Look-up tables How to mask (additively) basic operations? Method based on multiplicative masking Method based on Square and Multiply and addition chains Method based on the tower field representation

824 views • 54 slides
Thermodynamics of 2+1 flavor QCD with the SF t X method based on the gradient flow SF t X method :

Thermodynamics of 2+1 flavor QCD with the SF t X method based on the gradient flow SF t X method :

2020/5/20 @ R-CCS Thermodynamics of 2+1 flavor QCD with the SF t X method based on the gradient flow SF t X method : small flow-time expansion method WHOT-QCD Collaboration: K. Kanaya, Y. Taniguchi, A. Baba, A. Suzuki (Univ. Tsukuba) S.

926 views • 50 slides
Replica method: a statistical mechanics approach to probability-based information processing

Replica method: a statistical mechanics approach to probability-based information processing

bg=black!2 Introduction Limiting eigenvalue distribution of random matrices Digital communication Bibliography Replica method: a statistical mechanics approach to probability-based information processing Toshiyuki Tanaka tt@i.kyoto-u.ac.jp

1.14k views • 41 slides
Privileged Attack Vectors: Building Effective Defense Strategies Morey J. Haber Chief

Privileged Attack Vectors: Building Effective Defense Strategies Morey J. Haber Chief

Privileged Attack Vectors: Building Effective Defense Strategies Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Threat Landscape Sample Cases What is Privileged Access Management? Twelve

751 views • 31 slides
Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems Nothing is in isolation Attack surface An attack surface is the total number of possible attack vectors Think of a house, with the

309 views • 15 slides
Secure IoT use in Digital Health Professor Awais Rashid

Secure IoT use in Digital Health Professor Awais Rashid

Secure IoT use in Digital Health Professor Awais Rashid (Director, Security Lancaster Research Centre) Yes, you can! IoT use in Digital Health

666 views • 12 slides
CONFERENCE SYSTEM History: Brand established in 1989 Been on the Swedish market for over

CONFERENCE SYSTEM History: Brand established in 1989 Been on the Swedish market for over

CONFERENCE SYSTEM History: Brand established in 1989 Been on the Swedish market for over 20 years Been on the world market for over 10 years Wide range of customer types, from small private board rooms via local municipalities up

622 views • 27 slides
A SHUFFLE ARGUMENT SECURE IN THE GENERIC MODEL Prastudy Fauzi, Helger Lipmaa, Michal Zajac

A SHUFFLE ARGUMENT SECURE IN THE GENERIC MODEL Prastudy Fauzi, Helger Lipmaa, Michal Zajac

A SHUFFLE ARGUMENT SECURE IN THE GENERIC MODEL Prastudy Fauzi, Helger Lipmaa, Michal Zajac University of Tartu, Estonia ASIACRYPT 2016 OUR RESULTS A new efficient CRS-based NIZK shuffle argument OUR RESULTS A new efficient CRS-based

1.4k views • 113 slides
Teacher Evaluation Training for Teachers & Administrators Thank you to the PEA and PUSD

Teacher Evaluation Training for Teachers & Administrators Thank you to the PEA and PUSD

Article 10 Teacher Evaluation Training for Teachers & Administrators Thank you to the PEA and PUSD Bargaining Teams and the Evaluation Committee for years of collaborative work to develop a fair, equitable, and standards-based evaluation

634 views • 34 slides
Mariam Badr Bank Accounts Credit Cards Information Applications users Licenses and

Mariam Badr Bank Accounts Credit Cards Information Applications users Licenses and

Ahmed Khaled Hossam Alaa Mariam Badr Bank Accounts Credit Cards Information Applications users Licenses and certificates Identity thefts Systems hacking Illegal transactions Most web and network applications are

416 views • 27 slides
Quantum Key Distribution (QKD) Prashanta Kharel Applied Physics Seminar November 2012 Friday,

Quantum Key Distribution (QKD) Prashanta Kharel Applied Physics Seminar November 2012 Friday,

Quantum Key Distribution (QKD) Prashanta Kharel Applied Physics Seminar November 2012 Friday, December 7, 12 Friday, December 7, 12 Messag Classical Key Distribution RSA Encryption Message: SEAS 01000101 e d Relies on two

564 views • 10 slides
Phys ysica cal Sec ecurity ity Criter teria ia Bridgin ing g the Gap Between Theory an

Phys ysica cal Sec ecurity ity Criter teria ia Bridgin ing g the Gap Between Theory an

Phys ysica cal Sec ecurity ity Criter teria ia Bridgin ing g the Gap Between Theory an and Prac actica ical Appl plica ication tion Welc lcome ome to to Physical ical Security rity Cri rite teri ria Bri ridging dging th

1.14k views • 67 slides
STUDENT TEACHING AND THE TEACHER WORK SAMPLE: PERCEPTIONS OF BOTH STUDENT TEACHERS AND COOPERATING

STUDENT TEACHING AND THE TEACHER WORK SAMPLE: PERCEPTIONS OF BOTH STUDENT TEACHERS AND COOPERATING

STUDENT TEACHING AND THE TEACHER WORK SAMPLE: PERCEPTIONS OF BOTH STUDENT TEACHERS AND COOPERATING TEACHERS by Robert J. Redmon, Gayle Mullen, and John Schreiber Midwestern State University 3410 Taft Blvd Wichita Falls, TX 76308

583 views • 33 slides

More recommend