E-Book
9,99 €

How to Hack Like a GOD E-Book

Sparc Flow

0,0

9,99 €

oder

Leseprobe lesen

Sammeln Sie Punkte in unserem Gutscheinprogramm und kaufen Sie E-Books und Hörbücher mit bis zu 100% Rabatt.

Mehr erfahren.

Herausgeber: Sparc Flow
Kategorie: Wissenschaft und neue Technologien
Sprache: Englisch

Beschreibung

Follow me on a step-by-step hacking journey where we pwn a high-profile fashion company. From zero initial access to remotely recording board meetings, we will detail every custom script and technique used in this attack, drawn from real-life findings, to paint the most realistic picture possible. Whether you are a wannabe pentester dreaming about real-life hacking experiences or an experienced ethical hacker tired of countless Metasploit tutorials, you will find unique gems in this book for you to try: •Playing with Kerberos •Bypassing Citrix & Applocker •Mainframe hacking •Fileless WMI persistence •NoSQL injections •Wiegand protocol •Exfiltration techniques •Antivirus evasion tricks •And much more advanced hacking techniques I have documented almost every tool and custom script used in this book. I strongly encourage you to test them out yourself and master their capabilities (and limitations) in an environment you own and control. Hack (safely) the Planet! (Previously published as How to Hack a Fashion Brand)

Details

Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:

EPUB

Veröffentlichungsjahr: 2017

Bewertungen

0,0

Rezensionen(0 Rezensionen)

Leseprobe

How to Hack

Like a GOD

Master the secrets of hacking through

real-life hacking scenarios

All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher, except in the case of brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law.

Foreword

Fashion brands tend to portray an elegant image of their products and designs. But what about the underlying machinery and computers that power their fancy fashion shows? How elegant is their IT infrastructure, and to what extent can a hacker wreak havoc?

Follow me on a step-by-step journey where we pwn a high luxury (albeit fictitious) brand. From zero initial access to remotely recording board meetings, we will detail every custom script and technique used in this attack, drawn from real-life findings, to paint the most realistic picture possible.

Whether you are a wannabe pentester dreaming about real-life hacking experiences or an experienced ethical hacker tired of countless Metasploit tutorials, you will find unique gems in this book for you to try.

I have documented almost every tool and custom script used in this book. I strongly encourage you to test them out yourself and master their capabilities (and limitations) in an environment you own and control. Given the nature of this book, it is ludicrous to expect it to cover each and every hacking technique imaginable, though I will try my best to give as many examples as I can while staying true to the stated purpose of the book.

I will fly over some concepts and systems like Kerberos, Citrix, and Mainframes by briefly explaining how they work and what they mean in the context of the hacking scenario. If you feel like you want to go deeper, I strongly advise you to follow the links I offer for each item and explore the dark, fun concepts behind each technique and tool.

Note: Custom scripts and special commands documented in this book are publicly available at www.hacklikeapornstar.com.

By the same author:

How to Hack Like a Pornstar

How to Investigate Like a Rockstar

Ultimate Hacking Challenge

Important disclaimer

The examples in this book are entirely fictional. The tools and techniques presented are open-source, and thus available to everyone. Pentesters use them regularly in assignments, but so do attackers. If you recently suffered a breach and found a technique or tool illustrated in this book, this neither incriminates the author of this book in any way nor implies any connection between the author and the perpetrators.

Any actions and/or activities related to the material contained within this book is solely your responsibility. Misuse of the information in this book can result in criminal charges being brought against the persons in question. The author will not be held responsible in the event any criminal charges are brought against any individuals using the information in this book to break the law.

This book does not promote hacking, software cracking, and/or piracy. All the information provided in this book is for educational purposes only. It will help companies secure their networks against the attacks presented, and it will help investigators assess the evidence collected during an incident.

Performing any hack attempts or tests without written permission from the owner of the computer system is illegal.

Prep and pep talk

“Luck is where opportunity meets preparation.”

Seneca

1.1. $30,000 for that coat, you said?

Do you ever wonder while taking a stroll down Fifth Avenue in NYC – or any other fancy street – what lies behind the bright, shiny facades of big luxury shops? What feat of technology processes hundreds of sales daily? What information system run TV screens broadcasting fashion shows 24/7?

As you are gifted with a curious mind, I am sure you are no stranger to these kinds of thoughts. Yet I would like to share with you a thought that will pique your curiosity: if banks, one of the most paranoid private corporations, struggle1 to secure their systems, how are these luxury-shoe-making shops keeping their systems secure?

In order to answer this question and to make this journey as realistic and enjoyable as possible, we will consider an imaginary luxury brand called GibsonBird. They have locations all over the world and are established in malls and on famous avenues alike. They pride themselves in being a high-tech, modern fashion brand.

Let’s talk pwning strategy!

1.2. Holy Grail

Our goal as attackers is not to hack everything that has an IP address. Why go through 50,000 useless servers when only a few hold the data we are after?

We will tailor our efforts to the complexity and size of GibsonBird – except for the occasional temptation here and there, of course. Who could resist a Windows 2003 SP2 server with an open SMB port2?!

Ideally, we would like to:

Steal financial records of every shop in the country: credit card data, number of sales, etc.

Download personal data of every designer, manager, and executive board member

Record board meetings discussing secret strategic plans

That’s pretty ambitious and should keep us busy for a few more pages. So where do we start? How do we get from a random point on the internet map to a board meeting on the 90th floor of a skyscraper in NYC?

In the scenario featured in How to Hack Like a Pornstar, we used two very common ways to penetrate a bank’s network:

Hacking public websites hosted on the bank’s infrastructure

Phishing employees and tricking them into executing malicious code that gave us remote access

That is all good fun, but this time we would like to follow more esoteric paths. We will show how an attacker with physical access can do damage that quickly escalates to what the media would – incorrectly – call an Advanced Persistent Threat (APT).

The broad idea is to plant a small piece of hardware in one of GibsonBird’s many stores. This hardware acts as a small computer that give us access to that shop’s local network, which we will then leverage to escalate to corporate, and pwn every other shop in the country.

You would think that we need special hardware and engineering skills to achieve this Hollywood-esque move. We don’t. We will cover step-by-step how to build an effective little backdoor for around $30.

Although most leisure time hackers would not choose to go down the road of planting hardware, this is the go-to path for intelligence and federal agencies in multiple countries.

It does make sense. Why struggle to find (often unstable) zero-day vulnerabilities3 when you can intercept a shipment of newly ordered equipment, install a microchip, and access any traffic that flows through the equipment? Take the NSA, for instance; according to Snowden’s files4, that’s one of their favorite strategies.

Figure 1 : Picture showing the NSA carefully opening an intercepted computer (router) package

1.3. Treasure map

Before diving into the core subject, hacking GibsonBird, it is essential to agree on some fundamental hypothesis to fully grasp the purpose of each step we are about to take. We must take the time to ponder GibsonBird’s environmental constraints that will probably lead them to make predictable network choices. This preparation phase is very important as it can greatly help us develop and orient an optimal plan of attack, especially once inside the network.

GibsonBird has over 100 stores. Each store must have a local network connecting all its devices. Just like your home network, machines in a store have private IP addresses protecting them from unsolicited incoming Internet traffic. So we expect a network segment in the 192.168.1.0/24 range (or sometimes 172.16.0.0/16).

When we visit a local store, we see sale people using iPads, ostensibly to optimize workflow and quickly sign in new clients. So let’s add a Wi-Fi connection to the hypothetical network layout:

Sales and reports must go to corporate either in real-time or at the end of each business day, so there should be some sort of tunnel linking all shops to the main network at headquarters. There may be some restrictions, of course, on which computer or salesperson can connect to corporate, but we will get to that later.

We can imagine each country following this same network topology, where corporate is the legal entity representing the brand in any one country. Some services at the corporate level may even be shared between countries to optimize costs, but shops are more likely kept separate for practical and legal reasons. In any case, we will get a clearer view once inside.

We need to keep this figure in mind when navigating through the maze that a foreign network can be. We will update this layout along the way, but the main point is that while shops and stores might hold some temporary sales data, it is the HQ’s information system that we are after.

That is our Holy Grail!

Gearing up

“Man must shape his tools lest they shape him.”

Arthur Miller

As mentioned before, the idea is to plant a small hardware backdoor in one of GibsonBird’s many shops. This implant will connect back to our computer, giving us remote access to their local network. I say “our computer” but it’s more an anonymous server hosted somewhere on the internet. In my previous book – How to Hack Like a Pornstar – I detailed some common setups to use in hacking jobs. For the sake of completeness, though, I will briefly recap some basic precautions.

Lesen Sie weiter in der vollständigen Ausgabe!

Tausende von E-Books und Hörbücher

Ihre Zahl wächst ständig und Sie haben eine Fixpreisgarantie.

Sie haben über uns geschrieben: