1 / 33

How To Hack Windows

How To Hack Windows. Brent Williams MCSE, CNE, A+, N+, XP-MCP brwillia@kennesaw.edu Kennesaw State University (Atlanta, Georgia). Agenda. Why Talk About Hacking? Hacking Scenarios Utilities, Techniques, and Ideas Preventive Methods New Threats. Hackers Know….

cristinamills
Download Presentation

How To Hack Windows

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How To Hack Windows Brent Williams MCSE, CNE, A+, N+, XP-MCP brwillia@kennesaw.edu Kennesaw State University (Atlanta, Georgia)

  2. Agenda • Why Talk About Hacking? • Hacking Scenarios • Utilities, Techniques, and Ideas • Preventive Methods • New Threats

  3. Hackers Know… • They Look for Targets of Opportunity • Most System Administrators are Self-Taught • Most Don’t Know of Basic Security Issues in Windows • Many Systems are Left Vulnerable

  4. Think Like a Hacker (or script-kiddie, if you prefer!)

  5. Hacking Steps • Casing the Establishment • Public Sources • Social Engineering • Network Hacking (Attack a Server) • Information Retrieval • System Damage • System Hacking (Attack a PC) • Information Retrieval • System Damage

  6. NETWORK ATTACK

  7. Footprinting:Target Acquisition • Visit Their Web Site • http://www.kennesaw.edu • http://its.kennesaw.edu/netsoft/prodnov.shtml • http://its.kennesaw.edu/net/net.shtml • Open Source Search – People • www.allwhois.com • www.arin.net (130.218) • Sam Spade • Nslookup • Tracert • Visual Route

  8. Scanning • Ping sweeps • Ping • Ultrascan • Superscan • WS_Ping (Ipswitch) • Look for • Port 80 • Port 139 and 445 • Port 21

  9. Protect and Check • Firewall Software • www.zonealarm.com • www.networkice.com • www.norton.com • Shields Up? • www.grc.com • www.firewallcheck.com • www.norton.com

  10. Decide How to “Break in” • Use a Web Browser and Exploit a Weakness • Buffer overflow (plant Netcat) • Unchecked Data • Attach • Use a Null Connection • Net Use \\ip\ipc$ “” /u:”” • Look for Shares • \\ip address or \\server name

  11. Example: Windows Enumeration(What You Want) • Identify Valid User Accounts • Identify Group Membership • Find Poorly Protected Shares • Tools… • Winfingerprint • Superscan • Dumpsec

  12. Example:Windows Enumeration (Windows Can be Vary Easy!) • Get the User IDs, Groups, etc. • DumpACL – www.somarsoft.com - Wow! • LDAP query – Dump Accounts and Groups on a 2000 Server • Tool is on the Windows 2000 Server CD!

  13. Example:Get a Password • Brute Force Attack • More Elegant Tools • L0PHTCRACK • LC3/LC4

  14. Easy Hacks • Shares • Most users don’t know how to use NTFS • Default permission in NT/2000 is EVERYONE has FULL CONTROL • Changed in XP to EVERYONE has READ

  15. Protecting Windows Servers • Get and Run the MS Baseline Security Analyzer • Use Policies • Latest Service Packs and patches • Weekly or automatic http://windowsupdate.microsoft.com • Firewall Software • Learn how to use NTFS permissions

  16. Wireless Hacking • Wireless LANs are everywhere • Business, Schools, Homes • By Default, they are Open! • Easy to Find – Netstumbler • Warchalking • Protection is limited • WEP: Wired Equivalent Privacy – can be hacked - airsnort • New Protection Methods • 802.1x

  17. WORKSTATION ATTACK

  18. Basic Windows 95/98 • PWL file • Your Admin Password is All-Over-the-Place! • Easily copied to a floppy • Document Passwords • www.lostpassword.com • www.lostpasswords.com • Keystroke Logging

  19. Workstation Attack Prevention • Firewall – especially on cable or DSL • Limit Shares - Use Passwords • Make Document Passwords LONG • Be aware of PWL files

  20. Windows XP Professional Attacks • More secure out of the box • Use Policies • Know how to use NTFS • Limit Shares • Don’t turn on IIS • Use the built in firewall (or other)

  21. SpyWare • New threat • Visit to Web Site Installs SpyWare • Used to Mine Personal Info • Destabilizes PC • Get SpyBot

  22. Vendors and Politicians Fail Us • Why do Email and Web Clients allow software to install (without a prompt)? • Why not put network access in a “sandbox”? • Why are web sites allowed present misleading “User Agreements” • What will we do about HTML?

  23. Web Sites for Tools • www.2600.com • www.hackersclub.net • www.hackingexposed.com

  24. Summary • Get Some Training! • Hacking Tools are • Plentiful • Simple to Use • Evolving • You Must Expect Attacks on All Systems • Do the Basics – That Stops 99% of Attacks!

  25. This Presentation Available • Visit http://edtech.kennesaw.edu/brent • See Our Course Schedule at http://edtech.kennesaw.edu

  26. Add • N-stealth • Pest Patrol • Nessus • Retina • Check Web Sites • Check Edtech2000 server • Install LC3/LC4 on laptop • Keystroke Logger detection

More Related