book

Hacking: The Next Generation

by Nitesh Dhanjani, Billy Rios, Brett Hardin

August 2009

Beginner

298 pages

9h 5m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Hacking: The Next Generation
SPECIAL OFFER: Upgrade this ebook with O’Reilly
Preface
Audience
Assumptions This Book Makes
Contents of This Book
Conventions Used in This Book
Using Code Examples
We’d Like to Hear from You
Safari® Books Online
Acknowledgments

1. Intelligence Gathering: Peering Through the Windows to Your Organization
Physical Security EngineeringDumpster DivingHanging Out at the Corporate Campus
Google Earth
Social Engineering Call Centers
Search Engine Hacking
Google HackingAutomating Google HackingExtracting Metadata from Online DocumentsSearching for Source Code
Leveraging Social Networks
Facebook and MySpaceAbusing FacebookTwitter
Tracking Employees
Email Harvesting with theHarvesterResumésJob PostingsGoogle Calendar
What Information Is Important?
Summary
2. Inside-Out Attacks: The Attacker Is the Insider
Man on the Inside
Cross-Site Scripting (XSS)
Stealing SessionsInjecting ContentStealing Usernames and PasswordsAdvanced and Automated Attacks
Cross-Site Request Forgery (CSRF)
Inside-Out Attacks
Content Ownership
Abusing Flash’s crossdomain.xmlAbusing JavaAttacking Code.google.com
Advanced Content Ownership Using GIFARs
Stealing Documents from Online Document Stores
Stealing Files from the Filesystem
Safari File StealingThe feed:// protocol handlerUsing Java to steal files
Summary
3. The Way It Works: There Is No Patch
Exploiting Telnet and FTPSniffing CredentialsBrute-Forcing Your Way InHijacking Sessions
Abusing SMTP
Snooping EmailsSpoofing Emails to Perform Social Engineering
Abusing ARP
Poisoning the NetworkCain & AbelSniffing SSH on a Switched NetworkLeveraging DNS for Remote ReconnaissanceDNS Cache SnoopingThe snooping attack in a nutshellA tool to snoop DNS cachesSample output of cache_snoop.pl
Summary
4. Blended Threats: When Applications Exploit Each Other
Application Protocol HandlersFinding Protocol Handlers on WindowsFinding Protocol Handlers on Mac OS XFinding Protocol Handlers on Linux
Blended Attacks
The Classic Blended Attack: Safari’s Carpet BombThe FireFoxUrl Application Protocol HandlerMailto:// and the Vulnerability in the ShellExecute Windows APIThe iPhoto Format String ExploitBlended Worms: Conficker/Downadup
Finding Blended Threats
Summary
5. Cloud Insecurity: Sharing the Cloud with Your Enemy
What Changes in the CloudAmazon’s Elastic Compute CloudGoogle’s App EngineOther Cloud Offerings
Attacks Against the Cloud
Poisoned Virtual MachinesAttacks Against Management ConsolesSecure by DefaultAbusing Cloud Billing Models and Cloud PhishingGoogling for Gold in the Cloud
Summary
6. Abusing Mobile Devices: Targeting Your Mobile Workforce
Targeting Your Mobile WorkforceYour Employees Are on My NetworkGetting on the NetworkDirect Attacks Against Your Employees and AssociatesPutting It Together: Attacks Against a Hotspot UserTapping into VoicemailExploiting Physical Access to Mobile Devices
Summary
7. Infiltrating the Phishing Underground: Learning from Online Criminals?
The Fresh Phish Is in the Tank
Examining the Phishers
No Time to PatchThank You for Signing My GuestbookSay Hello to Pedro!Isn’t It Ironic?
The Loot
Uncovering the Phishing KitsPhisher-on-Phisher Crime
Infiltrating the Underground
Google ReZulTFullz for Sale!Meet Cha0
Summary
8. Influencing Your Victims: Do What We Tell You, Please
The Calendar Is a Gold MineInformation in CalendarsWho Just Joined?Calendar Personalities
Social Identities
Abusing Social ProfilesStealing Social IdentitiesBreaking Authentication
Hacking the Psyche
Summary
9. Hacking Executives: Can Your CEO Spot a Targeted Attack?
Fully Targeted Attacks Versus Opportunistic Attacks
Motives
Financial GainConverting information to currencyVengeanceBenefit and Risk
Information Gathering
Identifying ExecutivesThe Trusted CircleIdentifying the trusted circle: Network analysisFriends, family, and colleaguesTwitterTweetStatsClicking links on TwitterOther Social Applications
Attack Scenarios
Email AttackIdentifying the executive to attackFinding a potential lureIdentifying the email address of the lureConstructing the emailTargeting the AssistantTrusted circle attack on the assistantLeveraging the assistant’s trustMemory Sticks
Summary
10. Case Studies: Different Perspectives
The Disgruntled EmployeeThe Performance ReviewSpoofing into Conference CallsThe Win
The Silver Bullet
The Free LunchThe SSH ServerTurning the Network Inside OutA Fool with a Tool Is Still a Fool
Summary
A. Chapter 2 Source Code Samples
Datamine.js
Pingback.js
External-datamine.js
XHRIEsniperscope()
Codecrossdomain.java
HiddenClass.java
B. Cache_Snoop.pl
Index
About the Authors
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly

Content preview from Hacking: The Next Generation

Examining the Phishers

Phishers use many different permutations of techniques to launch phishing scams. The aim of this section is not to attempt to enumerate all of the techniques. Instead, the goal is to help you understand the thought process, capability, and psychology of the average phisher. In the following paragraphs, we will take a look at four unique case studies based on the examination of phishing sites to understand how they have been set up and how they work.

No Time to Patch

In this case study, we will look at an average phishing site to uncover how a phisher may have compromised the server hosting the site.

Figure 7-2 illustrates a phishing site targeting an online shopping portal. It is interesting to note that the phishing site boldly and blatantly asks the victim for personal details, such as date of birth and mother’s maiden name, right on the login page. The institution’s real and legitimate website requests only a username and password from users.

Figure 7-2. Phishing site targeting a well-known institution

Note

The fact that the phishing website asks for unnecessary private information at the login page should send red flags to users, yet thousands of victims do not have the awareness to identify the situation, and even users who are technically savvy are often distracted by the site’s legitimate-looking logos and visual layout. Phishers are aware of this situation ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9780596806309Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design