Chained Exploits: Advanced Hacking Attacks from Start to Finish


by Andrew Whitaker, Keatron Evans, Jack Voth
     
 


ISBN-10: 032149881X

ISBN-13: 9780321498816

Pub. Date: 03/13/2009

Publisher: Addison-Wesley

Overview

The complete guide to today’s hard-to-defend chained attacks: performing them and preventing them

Nowadays, it’s rare for malicious hackers to rely on just one exploit or tool; instead, they use “chained” exploits that integrate multiple forms of attack to achieve their goals. Chained exploits are far more complex and far more difficult to defend. Few security or hacking books cover them well and most don’t cover them at all. Now there’s a book that brings together start-to-finish information about today’s most widespread chained exploits–both how to perform them and how to prevent them.

Chained Exploits demonstrates this advanced hacking attack technique through detailed examples that reflect real-world attack strategies, use today’s most common attack tools, and focus on actual high-value targets, including credit card and healthcare data. Relentlessly thorough and realistic, this book covers the full spectrum of attack avenues, from wireless networks to physical access and social engineering.

Writing for security, network, and other IT professionals, the authors take you through each attack, one step at a time, and then introduce today’s most effective countermeasures, both technical and human. Coverage includes:

  • Constructing convincing new phishing attacks
  • Discovering which sites other Web users are visiting
  • Wreaking havoc on IT security via wireless networks
  • Disrupting competitors’ Web sites
  • Performing–and preventing–corporate espionage
  • Destroying secure files
  • Gaining access to private healthcare records
  • Attacking the viewers of social networking pages
  • Creating entirely new exploits
  • and more

Andrew Whitaker, Director of Enterprise InfoSec and Networking for Training Camp, has been featured in The Wall Street Journal and BusinessWeek. He coauthored Penetration Testing and Network Defense. Andrew was a winner of EC Council’s Instructor of Excellence Award.

Keatron Evans is President and Chief Security Consultant of Blink Digital Security, LLC, a trainer for Training Camp, and winner of EC Council’s Instructor of Excellence Award.

Jack B. Voth specializes in penetration testing, vulnerability assessment, and perimeter security. He co-owns The Client Server, Inc., and teaches for Training Camp throughout the United States and abroad.

$49.99 US

$59.99 CANADA

Product Details

ISBN-13: 9780321498816
Publisher: Addison-Wesley
Publication date: 03/13/2009
Pages: 279
Product dimensions: 6.90(w) x 9.20(h) x 0.90(d)

Table of Contents

Introduction

Chapter 1 Get Your Free Credit Cards Here

  • Setting the Stage
  • The Approach
  • The Chained Exploit
  • Enumerating the PDXO Web Site
  • Enumerating the Credit Card Database
  • Stealing Credit Card Information from the Web Site
  • Selling the Credit Card Information on the Underground Market
  • Defacing the PDXO Web Site
  • Chained Exploit Summary
  • Countermeasures
  • Change the Default HTTP Response Header
  • Do Not Have Public Access to Developer Sites
  • Do Not Install SQL Server on the Same Machine as IIS
  • Sanitize Input on Web Forms
  • Do Not Install IIS in the Default Location
  • Make Your Web Site Read-Only
  • Remove Unnecessary Stored Procedures from Your SQL Database
  • Do Not Use the Default Username and Password for Your Database
  • Countermeasures for Customers
  • Conclusion

Chapter 2 Discover What Your Boss Is Looking At

  • Setting the Stage
  • The Approach
  • For More Information
  • The Chained Exploit
  • Phishing Scam
  • Installing Executables
  • Setting Up the Phishing Site
  • Sending Mr. Minutia an E-mail
  • Finding the Boss’s Computer
  • Connecting to the Boss’s Computer
  • WinPcap
  • Analyzing the Packet Capture
  • Reassembling the Graphics
  • Other Possibilities
  • Chained Exploit Summary
  • Countermeasures
  • Countermeasures for Phishing Scams
  • Countermeasures for Trojan Horse Applications
  • Countermeasures for Packet-Capturing Software
  • Conclusion

Chapter 3 Take Down Your Competitor’s Web Site

  • Setting the Stage
  • The Approach
  • For More Information
  • The Chained Exploit
  • Attack #1: The Test
  • Attack #2: The One That Worked
  • Getting Access to the Pawn Web site
  • Lab-Testing the Hack
  • Modifying the Pawn Web Site
  • Other Possibilities
  • Chained Exploit Summary
  • Countermeasures
  • Countermeasures for Hackers Passively Finding Information about Your Company
  • Countermeasures for DDoS Attacks via ICMP
  • Countermeasures for DDoS Attacks via HTTP and Other Protocols
  • Countermeasures for Unauthorized Web Site Modification
  • Countermeasures for Compromise of Internal Employees
  • Conclusion

Chapter 4 Corporate Espionage

  • Setting the Stage
  • The Approach
  • The Chained Exploit
  • Reconnaissance
  • Getting Physical Access
  • Executing the Hacks
  • Bringing Down the Hospital
  • Other Possibilities
  • Chained Exploit Summary
  • Countermeasures
  • Countermeasures for Physical Security Breaches and Access Systems Compromise
  • Countermeasures for Scanning Attacks
  • Countermeasures for Social Engineering
  • Countermeasures for Operating System Attacks
  • Countermeasures for Data Theft
  • Conclusion

Chapter 5 Chained Corporations

  • Setting the Stage
  • The Approach
  • The Chained Exploit
  • Reconnaissance
  • Social Engineering Attack
  • More and Yet More Recon
  • Aggressive Active Recon
  • Building the Exploit Infrastructure
  • Testing the Exploit
  • Executing the Hack
  • Constructing the Rootkit
  • Game Over–The End Result
  • Other Possibilities
  • Chained Exploit Summary
  • Countermeasures
  • Countermeasures for Hackers Passively Finding Information about Your Company
  • Countermeasures for Social Engineering Attack on Visual IQ
  • Countermeasures for Recon on the Visual IQ Software
  • Countermeasures for Wi-Fi Attack on Quizzi Home Network
  • Countermeasures for the Keylogger Attack
  • Conclusion

Chapter 6 Gain Physical Access to Healthcare Records

  • Setting the Stage
  • The Approach
  • For More Information
  • The Chained Exploit
  • Social Engineering and Piggybacking
  • Gaining Physical Access
  • Booting into Windows with Knoppix
  • Modifying Personally Identifiable Information or Protected Medical Information
  • Chained Exploit Summary
  • Countermeasures
  • Social Engineering and Piggybacking
  • Lock Picking
  • Defeating Biometrics
  • Compromising a PC
  • Conclusion

Chapter 7 Attacking Social Networking Sites

  • Setting the Stage
  • The Approach
  • The Chained Exploit
  • Creating a Fake MySpace Web Site
  • Creating the Redirection Web Site
  • Creating a MySpace Page
  • Sending a Comment
  • Compromising the Account
  • Logging In to the Hacked Account
  • The Results
  • Chained Exploit Summary
  • Countermeasures
  • Avoid Using Social Networking Sites
  • Use a Private Profile
  • Be Careful about Clicking on Links
  • Require Last Name / E-mail Address to Be a Friend
  • Do Not Post Too Much Information
  • Be Careful When Entering Your Username/Password
  • Use a Strong Password
  • Change Your Password Frequently
  • Use Anti-Phishing Tools
  • Conclusion

Chapter 8 Wreaking Havoc from the Parking Lot

  • Setting the Stage
  • The Approach
  • For More Information
  • Accessing Networks Through Access Points
  • The Chained Exploit
  • Connecting to an Access Point
  • Performing the Microsoft Kerberos Preauthentication Attack
  • Cracking Passwords with RainbowCrack
  • Pilfering the Country Club Data
  • Chained Exploit Summary
  • Countermeasures
  • Secure Access Points
  • Configure Active Directory Properly
  • Use an Intrusion Prevention System or Intrusion Detection System
  • Update Anti-Virus Software Regularly
  • Computer Network Security Checklist
  • Conclusion

