book

Advanced Persistent Threat Hacking

by Tyler Wrightson

December 2014

Intermediate to advanced

464 pages

12h 47m

English

McGraw-Hill

Read now

Unlock full access

Defining the ThreatThreatsAttacker MotivesThreat CapabilitiesThreat ClassThreat HistoryAPT Hacker: The New BlackTargeted OrganizationsConstructs of Our DemiseThe Impact of Our YouthThe Economics of (In)securityPsychology of (In)securityThe Big PictureThe Vulnerability of ComplexityAll Together NowThe Future of Our WorldDon’t Forget
The Problem with Our Data SetThreat ExamplesTechno-Criminals Skimmer EvolutionTechno-Criminals: Hacking Power SystemsUnsophisticated Threat: Hollywood HackerUnsophisticated Threat: Neighbor from HellSmart Persistent Threats: Kevin MitnickAPT: Nation-StatesStuxnet and Operation Olympic GamesDuqu: The APT Reconnaissance WormFlame: APT Cyber-espionage WormAPT: RSA CompromiseAPT Nation-State: Iran Spying on CitizensCell Phone Spying: Carrier IQDon’t Forget

AHM: Strong Enough for Penetration Testers, Made for a HackerAHM Components (Requirements, Skills, Soft Skills)Elegant, Big-Picture ThinkersAdvanced: Echelons of SkillPreparationPatienceSocial OmniscienceAlways Target the Weakest LinkEfficacious, Not EliteExploitless ExploitsThe Value of InformationAPT Hacker’s Thought ProcessThink Outside the BoxA Side NoteA Vaudeville StoryLook for MisdirectionThink Through the PainAvoid Tunnel VisionNo RulesKeep It Simple, Stupid (KISS)QuoteAPT Hacking Core StepsReconnaissanceEnumerationExploitationMaintaining AccessClean UpProgressionExfiltrationAPT Hacker Attack PhasesAPT Hacker Foundational ToolsAnonymous PurchasingAnonymous Internet ActivityAnonymous Phone CallsAPT Hacker TermsDon’t Forget
Reconnaissance DataData Categories (Technical and Nontechnical)Data Sources (Cyber and Physical)Data Methods (Active and Passive)Technical DataRegistrant InformationDNS Information and RecordsDNS ZonesBorder Gateway Protocol: An OverviewSystem and Service IdentificationWeb Service EnumerationLarge Data SetsGeolocation InformationData from the Phone SystemDon’t Forget
Search Engine Terms and TipsSearch Engine CommandsSearch Engine ScriptingSearch Engine AlertsHUMINT: PersonnelPersonnel Directory HarvestingDirectory Harvesting: HTTP Requests Directory Harvesting: Stateful HTTP Analyzing ResultsDirectory Harvesting HTML TablesPersonnel Directory: Analyzing the Final ResultsE-mail HarvestingTechnical E-mail HarvestingNontechnical E-mail HarvestingGeographical DataReconnaissance on IndividualsNontraditional Information RepositoriesAutomated Individual ReconnaissanceOur Current ViewDon’t Forget
Social EngineeringSocial Engineering StrategiesAssumptionsDo What Works for YouPreparationLegitimacy TriggersKeep It Simple, StupidDon’t Get CaughtDon’t LieBe CongruentSocial Engineering TacticsLike Likes LikePersonality TypesEventsTell Me What I KnowInsider InformationName DroppingThe Right TacticWhy Don’t You Make Me?Spear-Phishing MethodsSpear-Phishing GoalsTechnical Spear-Phishing Exploitation TacticsBuilding the StoryPhishing Website TacticsPhishing Website: Back-End FunctionalityClient-Side ExploitsCustom Trojan BackdoorDon’t Forget
Remote Presence ReconnaissanceSocial Spear PhishingWireless PhasesAPT Wireless ToolsWireless ReconnaissanceActive Wireless AttacksClient Hacking: APT Access PointGetting Clients to ConnectAttacking WPA-Enterprise ClientsAccess Point Component AttacksAccess Point Core Attack ConfigAccess Point Logging ConfigurationAccess Point Protocol ManipulationAccess Point Fake ServersDon’t Forget
Phase IV Spear Phishing with Hardware TrojansHardware Delivery MethodsHardware Trojans: The APT GiftAPT Wakizashi PhoneTrojaned Hardware DevicesHardware Device Trojans with TeensyDon’t Forget
Phase V Physical InfiltrationAPT Team Super FriendsIt’s Official – Size MattersFacility Reconnaissance TacticsExample Target Facility TypesHeadquartersChoosing Facility Asset TargetsPhysical Security Control PrimerPhysical Infiltration FactorsPhysical Security Concentric CirclesPhysical Social EngineeringPhysical Social Engineering FoundationsPhysical CongruenceBody LanguageDefeating Physical Security ControlsPreventative Physical ControlsDetective Physical ControlsHacking Home SecurityHacking Hotel SecurityHacking Car SecurityIntermediate Asset and Lily Pad DecisionsPlant DeviceSteal AssetTake and Return AssetBackdoor AssetDon’t Forget
Software Backdoor GoalsAPT Backdoor: Target DataAPT Backdoors: Necessary FunctionsRootkit FunctionalityKnow Thy EnemyThy Enemies’ ActionsResponding to Thy EnemyNetwork Stealth ConfigurationsDeployment ScenariosAmerican Backdoor: An APT Hacker’s NovelBackdoor DroppersBackdoor ExtensibilityBackdoor Command and ControlBackdoor InstallerBackdoor: Interactive ControlData CollectionBackdoor WatchdogBackdooring Legitimate SoftwareDon’t Forget

Content preview from Advanced Persistent Threat Hacking

CHAPTER

8 Spear Phishing with Hardware Trojans

In this phase, we’ll deploy hardware-based Trojan devices to specific individuals or groups in our target organization. These hardware Trojans can come in many shapes, sizes, and functions, and you’ll learn how to select the best hardware with the proper functionality you need to satisfy different scenarios.

As mentioned previously, the hardware Trojans are really just another manifestation of a spear-phishing attack. However, unlike the universal serial bus (USB) sticks that are able to delete all evidence of our malicious activity, these hardware devices don’t have the capability of removing themselves. This is the main reason why we don’t perform this attack until we have exhausted the other ...