It's a fact, Jack. Nearly 100% of social engineering engagements will involve the use of language.
Yes, that was trite and obvious. But it's also true. Which means that if you want to engage an organization or individual as a target for a social engineering attack, your ability to use language will be a significant factor in the success or failure of your attack. Even more precisely, you have to know the different ways that language can be used, and the differences in the language patterns and formats for each of those uses. Only then will you be empowered to structure your language in such a way as to have maximum impact.
Before talking about how to use language, you have to be aware of language. While most of us are not aware of it, language has two (and only two) distinct actions: the movement of information and the act of influence on another person.
Jack Koziol of Shellcoder's Handbook fame spoke at ChicagoCon last year on heap overflow exploitation, so we thought we'd share the entire audio recording and slide deck with you as an example of the type of talks you'll see at the next ChicagoCon in May 2009.
As defined by Wikipedia, "A heap overflow is a type of buffer overflow that occurs in the heap data area. Like all buffer overflows, a heap overflow may be introduced accidentally by an application programmer, or it may result from a deliberate exploit. In either case, the overflow occurs when an application copies more data into a buffer than the buffer was designed to contain. A routine is vulnerable to exploitation if it copies data to a buffer without first verifying that the source will fit into the destination. A deliberate exploit may result in data at a specific location being altered in an arbitrary way, or in arbitrary code being executed."
So what does all that mean and how do you do it? Find out in Jack's talk on "the most common type of heap overflow exploits for Linux and Windows. He will briefly explain how dynamically allocated memory works, its interaction with the heap memory structure, and how a normal heap operates. Jack will then demonstrate how heap overflows occur, and how they can be exploited on Linux, Windows 2000 and Windows XP SP2 with Data Execution Prevention (DEP) enabled. Unfortunately, the Vista portion of the talk had to be withdrawn. Expect to laugh, cry, and be entertained!"
Review by JP Bourget, CISSP, MCSE, MS
Once again, my company had acquired some new networks for us to take over, and of course, the documentation was from 3 years ago. As part of our due diligence, I had to quickly and accurately figure out everything on the network. How did I accomplish this? With a network mapping utility; and the de facto standard in this area is Nmap! Nmap by Gordon Lyon AKA Fyodor not only saves you time, but, if you really know how to unleash its power, it can be your friend for network audits, discovering new devices, and even part of the network reconnaissance phase of a Pen Test. Another cool use I just learned from the Fyodor /. Interview was that the Chinese use it to scan for open proxies to bypass the Great Firewall of China. With that kind of flexibility, it is clearly the right tool for this job and many others. But what’s the quickest way to get that power working in my favor?
Info on getting half the book for free is available below.
The obvious choice would be an in-depth tome from the author himself, but, after over 10 years in use around the globe, such a book didn’t exist. But after seeing Fyodor’s talk at Defcon 16 in August of 2008 and seeing an actual pre-release copy of his forthcoming book, I couldn’t wait to get my hands on it. Fast forward to January of 2009 when Fyodor sent me a review copy of what is one of the most well written reference books I have had the chance to use to date. Before you even get to chapter one, you get a comprehensive table of contents followed by a list of tables and examples. Every book should do this! It’s also important to note that this book is filled with out-of-the-box command line examples that should be in any pen tester’s toolkit.
In the very first webcast produced by The Ethical Hacker Network, world-renowned social engineers, Chris Nickerson of TruTV's Tiger Team and noted expert and international speaker, Mike Murray, prepared you for the future of pen testing. For those of you who couldn't attend the live event, here's the webcast in its entirety. Don't forget to look for the coupon code & special pricing announcement for Chris & Mike's Social Engineering Master Class to be held for the very first time at ChicagoCon 2009s May 4 - 8. The webcast took place on March 10 and was described as:
The world of Information Security is changing. Budgets are tighter, attacks are more sophisticated, and the corporate network is no longer the low hanging fruit. That leaves web-enabled applications as the vector-du-jour, but that well is quickly drying up for organized crime as well. As they creep up the OSI Model looking for easier ways to steal your corporate assets, they are quickly making their way up the stack to the unspoken 8th layer, the end user. So what is the next step in the never-ending escalation of this cyber war?
To find out, we must do as Sun Tzu taught. "Think like our enemy!" That is, after all, the primary tenet of penetration testing AKA ethical hacking, isn't it? After years of hardening physical systems, networks, OSs, and applications, we have now come full circle to a new dawn of attack. People are now the target of the advanced hacker, and the cross-hairs are focused squarely on their foreheads... literally. It is only a matter of time before corporations feel the pain of wetware hacking requiring a new approach to testing and defense.
Mike Murray was also at the last ChicagoCon in the fall of 2008. Since he is now going to be a regular columnist on The Ethical Hacker Network, this seems like an appropriate place to publish the slide deck and audio recordings from his talk. If you've never heard Mike speak on Social Engineering, then you're in for a treat. Not only will you be entertained but also educated. The description of the talk is as follows:
"Information security has seen some major changes in the paradigms of attackers through the past 15 years. From the early days of social engineering, through the golden age of server hacking, and to the present times where the human is once again the target, we have seen significant changes in the way that attackers exploit targets. Mike Murray, Former Director of Neohapsis Labs and social engineering expert, will detail those changes and provide a detailed understanding of the types of skills that are being used to exploit human targets today, as well as examples of strategies that you can take to defend against skilled social engineers."
The first time I gave this speech was at the SANS WhatWorks in Pen Testing Summit in 2008. Although the content was what I wanted to cover, I did tone it down a bit for the audience. I had a strong desire to do the talk again in the future, but had no intention of presenting at my own event, ChicagoCon. I must admit that it didn't take too much arm twisting from some of the other EH-Netters to get me back to the podium.
So last fall at ChicagoCon 2008f (yes... that's what the 'f' is for), I took the advice and went for it. Not only is this version slightly longer, the stories I tell are not all the same & the free resources section is much longer, but also the audience was different allowing me to let loose. As I state in the speech itself, it's actually in the script for me to drop the 'F' Bomb... and I don't mean 'f'all. So if you really enjoyed the first one, then I'm excited to be able to share with you this new edition. If you're of the Disney crowd, then please refer to the last one. I still think it's worthwhile.
There are numerous tools used in the Penetration Testing (pen testing) process, and there are plenty of books that go into how to use the individual tools. There are very few resources that discuss how the tools are used and how to approach the process. Parts 1 and 2 encompass the basic outline of what was presented at a talk given to the Duke University ACM Chapter with some minor changes.
In Part 1, we took the viewer from the initial network recon stage through actual exploitation using Metasploit. The network is first scanned with Nmap, and the scan is then continued with Nessus. We imported the Nessus vulnerabilities directly into Metasploit, determined the corresponding modules for the specific host, then used the module to compromise a remote Microsoft Windows XP box.
Part 2 covers some of the post-exploitation tasks that a pen tester may use. It begins with some basic Meterpreter tasks. Meterpreter is a specialized pen testing shell that is included in Metasploit as a payload. Using Meterpreter, password hashes are obtained from the exploited machine, and 0phcrack is used to crack the obtained passwords. While the passwords are cracking offline, the viewer is taken back to Meterpreter in order to create a hidden cmd.exe shell on the remote host. Finally we create a new user and add that user to the Administrators group. Ready to see it in action?
Challenge Extended until March 16!
Dearest challenge fans,
We've got a special treat for you this time around. Josh Wright of InGuardians has created a simply fantastic challenge based on the beloved 1970's TV show, _The_Brady_Bunch_. I grew up watching the Brady's crazy antics again and again in re-runs, and love how Josh has interweaved the show's lore throughout his challenge. But, even if you aren't into the Bradys, there is so much gee-whiz technical awesomeness here, you really should work through this one, my friends. Josh's funk is multi-layered, and there is a bunch to be learned by all of us from this one. Don't skip it or be intimidated by it... just start working your way through it, carefully and methodically, and enjoy all of the beautiful twists and turns Josh has crafted. I honestly think this is one of our best challenges yet!
As usual, we'll have three prizes: one for the best technical answer, one for the most creative answer that is technically correct, and one random draw winner. You must submit something to qualify for the random draw, so send in even partially completed answers. Winners will receive signed copies of my book, Counter Hack Reloaded. All entries are due by March 16, 2009.
--Ed Skoudis
Co-Founder, InGuardians, SANS Fellow, EthicalHacker.net Challenge Master, Author of Counter Hack Reloaded, Josh Wright Fan
The world of Information Security is changing. Budgets are tighter, attacks are more sophisticated, and the corporate network is no longer the low hanging fruit. That leaves web-enabled applications as the vector-du-jour, but that well is quickly drying up for organized crime as well. As they creep up the OSI Model looking for easier ways to steal your corporate assets, they are quickly making their way up the stack to the unspoken 8th layer, the end user. So what is the next step in the never-ending escalation of this cyber war?
To find out, we must do as Sun Tzu taught. "Think like our enemy!" That is, after all, the primary tenet of penetration testing AKA ethical hacking, isn't it? After years of hardening physical systems, networks, OSs, and applications, we have now come full circle to a new dawn of attack. People are now the target of the advanced hacker, and the cross-hairs are focused squarely on their foreheads... literally. It is only a matter of time before corporations feel the pain of wetware hacking requiring a new approach to testing and defense.
Join world-renowned social engineers, Chris Nickerson of TruTV's Tiger Team and noted expert and international speaker, Mike Murray, as they prepare you for the future of pen testing. This webcast on Tuesday March 10, 2009 at 11:00 CST is your primer to the world of "Modern Social Engineering."