Ethical Hacking Week 13: Cross Site Scripting


Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise trusted and credible websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that enable XSS to succeed are quite widespread and occur anywhere a web application uses input from a user (for example, a form field) within the output it generates without validating or encoding it.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute it because it appears to come from a trusted source. Because the script runs in the context of that site, it can access any cookies, session tokens, or other sensitive information the browser retains for the site. Such scripts can even rewrite the content of the HTML page.

The malicious content sent to the web browser often takes the form of a segment of JavaScript, but may also include HTML, Flash, or any other type of code that the browser may execute. The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site.

How to Determine If You Are Vulnerable

XSS flaws can be difficult to identify and remove from a web application. The best way to find flaws is to perform a security review of the code and search for all places where input from an HTTP request could possibly make its way into the HTML output. Note that a variety of different HTML tags can be used to deliver malicious JavaScript. Nessus, Nikto, and other available tools can help scan a website for these flaws, but they only scratch the surface. If one part of a website is vulnerable, there is a high likelihood that there are other problems as well.
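As an added illustration (not code from the original post), the following Python shows the two ideas above side by side: a handler that reflects request input into HTML unencoded next to its hardened form, and a crude line-based review helper that searches constructed source lines for request input reaching HTML output without an encoding call. The probe string, the sample source lines and the regexes are assumptions made for the demo.

```python
import html
import re

# Constructed probe value: a user-supplied "name" that carries markup. It is a
# test string for the encoder, not a payload taken from anywhere.
PROBE = '<script>alert("xss")</script>'

def render_greeting_unsafe(name: str) -> str:
    """Vulnerable: the request value is copied into the HTML output as-is."""
    return f"<p>Hello, {name}!</p>"

def render_greeting_safe(name: str) -> str:
    """Hardened: the value is HTML-encoded before it reaches the output.
    quote=True also encodes ' and ", so the result is safe inside attributes."""
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"

# Constructed source lines standing in for a code-review target (hypothetical
# Flask-style handler code, not taken from any real project).
SAMPLE_SOURCE = [
    'name = request.args.get("name")',
    'return f"<h1>Welcome {name}</h1>"',
    'query = request.form["q"]',
    'return "<p>Results for " + html.escape(query) + "</p>"',
    'log.info("search for %s", query)',
]

INPUT_RE = re.compile(r"request\.(args|form|values|cookies|headers)")
OUTPUT_RE = re.compile(r"<[a-zA-Z][^>]*>")   # the line builds HTML
ESCAPE_RE = re.compile(r"escape\(")          # some encoding call is present
ASSIGN_RE = re.compile(r"\s*(\w+)\s*=[^=]")  # "var = ..." assignment

def find_suspect_reflections(source_lines):
    """Crude taint tracking to speed up a manual review: remember variable
    names assigned from the HTTP request, then flag HTML-building lines that
    use one of them with no visible encoding call. Returns (lineno, name)."""
    tainted = set()
    hits = []
    for lineno, line in enumerate(source_lines, 1):
        assign = ASSIGN_RE.match(line)
        if assign and INPUT_RE.search(line):
            tainted.add(assign.group(1))
        if OUTPUT_RE.search(line) and not ESCAPE_RE.search(line):
            for name in sorted(tainted):
                if re.search(rf"\b{name}\b", line):
                    hits.append((lineno, name))
    return hits
```

The review helper is deliberately simple and will miss indirect flows (input stored and rendered elsewhere), which is why the post recommends a full code review rather than pattern matching alone.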

Types of XSS Attacks

  • Stored XSS Attacks
  • Blind Cross-Site Scripting
  • Reflected XSS Attacks

Ethical Hacking Week 12: Denial Of Service


A DoS attack is an attempt by a hacker to flood a user’s or organization’s system. There are two main categories of DoS attack: in the first, the attack is sent from a single system to a single target; in the other, many systems send attacks to a single target. The goal of DoS isn’t to gain unauthorized access to machines or data but to prevent legitimate users from using the servers. A DoS attack may do the following:
– Flood a network with traffic, thereby preventing legitimate network traffic.
– Disrupt connections between two machines, thereby preventing access to a service.
– Prevent a particular individual from accessing a service.
– Disrupt service to a specific system or person.

A DoS attack is usually a last-resort attack because it is considered unsophisticated. This type of attack doesn’t give the hacker any information or benefits but instead annoys the target and interrupts their service. DDoS attacks are an advanced version of a DoS attack on a much larger scale. DDoS attacks are coordinated and strategized to flood the victim’s system.

DDoS attacks are composed of three parts because they are more complex. The first part is the Master/Handler. The second is the Slave/Victim/Zombie. The last is the Victim/Primary Victim. The master is the attack launcher and the mastermind behind the attack. A slave is a host that has been compromised and is controlled by the master, and it is used to attack the victim’s system as well. The master computer behind the attack directs the compromised systems to attack the primary victim’s system. As you can tell, this wide-scale attack takes a lot of coordination and is done in multiple phases.

The intrusion phase is when the hacker compromises weak systems in different networks around the world and installs DDoS tools on those compromised slave systems. In the DDoS attack phase, the slave systems are triggered to cause them to attack the primary victim.
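As an added illustration (not part of the original post), here is a small Python sketch of how a defender might tell the two categories described above apart when looking at access logs: a flood from a single system versus one spread across many compromised systems. The log format, the sample lines (built from documentation address ranges) and the thresholds are all constructed assumptions for the demo.

```python
from collections import Counter

# Constructed access-log lines in the form "<epoch_second> <source_ip> <request>".
# Made-up samples for the demo, not captured traffic.
CALM = [f"{1000 + i // 2} 10.0.0.{i % 5} GET /index.html" for i in range(10)]
ONE_SOURCE = [f"{2000 + i // 50} 203.0.113.9 GET /search?q=x" for i in range(400)]
MANY_SOURCES = [f"{3000 + i // 50} 198.51.100.{i % 200} GET /login" for i in range(400)]

def requests_per_second(lines):
    """Return (requests per second, requests per source) for a batch of lines."""
    per_second = Counter()
    per_source = Counter()
    for line in lines:
        ts, src, _request = line.split(" ", 2)
        per_second[int(ts)] += 1
        per_source[src] += 1
    return per_second, per_source

def classify_flood(lines, rate_threshold=20, dominance=0.8):
    """Classify a batch as 'none', 'single-source' or 'distributed'.

    Any second above rate_threshold requests counts as a flood. If one source
    sent at least `dominance` (a fraction) of the batch, it looks like a DoS
    from a single system; otherwise the load is spread out the way a DDoS
    launched through many slave systems would be."""
    per_second, per_source = requests_per_second(lines)
    if not per_second or max(per_second.values()) <= rate_threshold:
        return "none"
    _top_src, top_count = per_source.most_common(1)[0]
    share = top_count / sum(per_source.values())
    return "single-source" if share >= dominance else "distributed"
```

The distinction matters for response: a single-source flood can be rate-limited or blocked at one address, while a distributed one usually needs upstream filtering or absorption capacity.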

Ethical Hacking Week 11: Metasploit


Metasploit Framework is a Ruby based penetration testing platform that enables you to write, test, and execute exploit code. The Metasploit framework contains a whole toolkit that you can use to test vulnerabilities, enumerate networks, execute attacks, and evade detection.

One interface Metasploit Framework provides is the MSFconsole, which is the most commonly used interface for working with the framework. The console lets you run commands, scan targets, and exploit vulnerabilities with exploit modules and payloads.

Modules are the core components of the Metasploit Framework. A module is a piece of software that can perform a specific action, such as scanning or exploiting. Each task that you can perform with the Metasploit Framework is defined within a module.

There are specific types of modules in the framework which are used for many different purposes.

  • Exploit – executes a sequence of commands to target a specific vulnerability found in a system or application. Exploit modules include buffer overflow, code injection, and web application exploits.
  • Auxiliary – an auxiliary module does not execute a payload. It can be used to perform arbitrary actions. Examples include scanners, fuzzers, and denial of service attacks.
  • Post-Exploitation – a post-exploitation module enables you to gather more information or to gain further access to an exploited target system. Examples of post-exploitation modules include hash dumps and application and service enumerators.
  • Payload – a payload is the shell code that runs after an exploit successfully compromises a system. The payload enables you to define how you want to connect to the shell and what you want to do to the target system after you take control of it. A payload can open a Meterpreter or command shell. Meterpreter is an advanced payload that allows you to write DLL files to dynamically create new features as you need them.
  • NOP – a NOP generator produces a series of random bytes that you can use to bypass standard IDS and IPS NOP sled signatures. Use NOP generators to pad buffers.
Ethical Hacking Week 10: Exploits


Exploits are a way of gaining access to a system through a security flaw and taking advantage of the vulnerability. Exploits normally come by way of a programmed piece of software, a piece of code, or a script. They are delivered as part of a kit, which is a collection of exploits.

These exploits can vary in their methodology. For instance, some exploits allow you to get access to the network and get admin privileges. Other exploits allow you to trap websites with malware and malicious ads to get sensitive information from the website’s traffic. As you can imagine, there are hundreds of exploits for many targets of attack. Luckily there is a program meant to identify the vulnerabilities that are well documented and disclosed. All of these vulnerabilities get a unique CVE code to identify the vulnerability, usually involving the year it was discovered.

Blackhole 2.0 is one of the most popular toolkits for exploiting vulnerabilities and security holes in many kinds of software. Kits like this make it easy for anyone to generate and distribute malware that has a high degree of success. Other methods include tools such as Nmap or Google Dorking to find security holes.

Microsoft is the most common target thanks to how widespread the use of its software is. The top exploited vulnerability on the list is CVE-2018-8174. Nicknamed Double Kill, it is a remote code execution flaw residing in Windows VBScript which can be exploited through Internet Explorer.