Security and Ethical Hacking PowerPoint Presentation

By : worldwideweb

On : Aug 07, 2014

In : Computers & Web

  • Slide 1 - Security & “Ethical Hacking”. Luke Arntson, Central Washington University, Spring 2007. Presentation #4 – Hardware Hacking & Cracking
  • Slide 2 - News Flash!! 5-1-07: Digg.com was taken over last night by what some are calling a “digital riot”. The demand for freedom of speech and the order of the DMCA to remove the HD-DVD unlock key have spawned a massive retaliation on the website. Literally 40,000 stories have spawned about the key, including direct text.
  • Slide 3 - Introduction: Hardware is just as important as software. Hands-on means you can break it... permanently. What fun would equipment be if it only had one purpose?
  • Slide 4 - About Me
  • Slide 5 - Overview: Cracking WEP/WPA on a Router; Bluetooth Sniffing/Snarfing/Hijacking; Magnetic Strip Reading for < $5; RFID Reading & Writing; Console Hacking (brief); Arcade Building (very very brief)
  • Slide 6 - Cracking WEP / WPA: Every modern-day router comes with an encryption option. WEP & WPA are both vulnerable. WEP requires many IVs from source. WPA requires one 4-way handshake.
  • Slide 7 - Cracking WEP - Tools: Let’s crack a 128-bit WEP key! Linux tools used: gkismet, aireplay, & aircrack (NG versions work fine). Optional tools: void11_hopper/void11_penetration for prism-based chipsets. Backtrack is a free LiveCD that supplies all the listed tools & has a hard drive install option.
  • Slide 8 - Setup Card & Begin Scan: First, you need to scan for a victim & set up your card. For Atheros, Kismet detects the card automatically; for others you will need to edit Kismet’s config. Once you know the BSSID & channel you need, set your network card to Monitor mode like so: iwconfig ath0 mode Monitor channel 6
  • Slide 9 - Begin Dumping & Injecting: Use airodump to record all of the IVs you’ll need to crack. Use aireplay to inject a mass quantity to get new IVs to use to crack the key. You’ll need at least 100,000 keys to crack a 128-bit WEP key; generally 200-300k is good.
  • Slide 10 - Aircrack, WEP cracking tool: Aircrack is a very fast WEP cracker that has many nice options: aircrack -f 4 -q 0 myFile.cap. Wait patiently until Aircrack tells you it’s found the key; this can take upwards of 24 hours, but will generally take 1-2 minutes with 200k IVs.
  • Slide 11 - WPA Cracking: To crack WPA, you need the 4-way handshake. This is acquired when a new client connects to the WPA router. Void11 de-authenticates users and forces them to reconnect, thus giving you a fresh 4-way handshake. Void11 is only supported by prism cards.
  • Slide 12 - Cowpatty – WPA cracking: WPA is cracked via a dictionary or brute force method. Slower in many cases, but because the attacker takes the 4-way handshake home, they are given an infinite amount of time to crack it. Cowpatty is not as fast as aircrack, but gives similar results.
  • Slide 13 - Which To Use? Well, it’s all up to you. WPA is slower than WEP in terms of transfer speed. If your network is not being attacked, WEP is fine for protection. If you’re extremely worried about intruders, use WPA with AES (new routers support this) and use extremely long passwords.
  • Slide 14 - Bluetooth Snarfing: Watch this real quick video of a Nokia phone with Bluetooth getting destroyed by bluesnarfer. Involves a weakness discovered in allowing Bluetooth connections with specified hardware calls. Each phone/carrier is different. Bluetooth viruses have also been released that spread between phones.
  • Slide 15 - Car Whisperer: Inject sound into Bluetooth dongles, save sounds, and cause general paranoia. Open-source software: http://trifinite.org/trifinite_stuff_carwhisperer.html Most Bluetooth dongles use “0000” as the passkey, and many others have a default company passkey. This passkey is what is used to connect via a Bluetooth dongle. By forcing a connection, we are also talking to the dongle just like the phone.
  • Slide 16 - Identify, Hijack, Humiliate: The consequences for this flaw are essentially eavesdropping (wireless Watergate??). Do you think the government is not using this now? Pff, read up on FBI using cell phones as RF transmitters. Programs are available to identify, exploit, hijack, download, upload, and abuse hardware via Bluetooth.
  • Slide 17 - Magnetic Strip Reading < $5: Under $5, wtf? How? Can sound represent digits on a magnetic strip? FSK (frequency shift keying - a.k.a. Aiken Biphase) modulation from the magnetic strip can! Materials: Goodwill headphones with polarized magnetic head, ~$0.99; half of a 6-ft mono audio cable, $2.50; material for the stand/swiper, free.
  • Slide 18 - Construction: Step 1: Cut mono cable in half. Step 2: Remove polarized magnetic head from cheap walkman, toss rest if disgusting (mine was). Step 3: Combine positives and negatives on mono cable and polarized magnetic head. Step 4: Tape, construct slider, record and load!
  • Slide 19 - Attention to Track Details: There are three tracks on a magnetic card: Track 1, 0.223 inches from the bottom; Track 2, 0.333 inches from the bottom; and Track 3, 0.443 inches from the bottom. These tracks can all contain useful information, although highly secure tracks are often encrypted (check out 2600’s cracking the train tickets!)
  • Slide 20 - Dab.c & Dmsb.c: Currently both are only supported in Linux; I will try to make a Win32 port. Can take raw microphone input OR .wav files. Dab.c reads raw binary data, then converts over to ASCII via Dmsb.c.
  • Slide 21 - Swipe & Observe: Sometimes the information on a card is junk, but remember, a credit card reader is ONLY looking at this junk. If you acquire a writer off… Ebay… you could collect card tracks, take a writable smart card, and cause chaos. Hackers at Defcon always manage to unlock a few rooms this way. Imagine a portable swiper hooked up to an MP3 player as well. Sort of scary…scares the sh** out of me
  • Slide 22 - RFID Reading & Writing: RFID – radio frequency information device. Used in pets, on credit cards, in passports; some guy had it implanted in his skin! Nothing more than a miniature radio transmitter that spits out its ID when told to.
  • Slide 23 - Give Me Access Damnit: RFID badges are very frequently used in big companies trying to keep “high-tech”. Radio frequencies can only be blocked by Faraday-caged wallets & passport holders. RFID readers can pick up anything given to them, especially RFID badges.
  • Slide 24 - RFID Read/Write/: RFIDs give off a unique frequency, one which a writer/spoofer can clone. Most RFIDs are locked as read-only, but hackers have come up with RFID cloners. Give a door the right RFID via a cloner and you’re in! All the attacker needed was to be close enough to activate your RFID badge & copy it.
  • Slide 25 - Costs of RFID Readers: RFID reading is fun to imagine projects for. RFID Toys – essential how-to book on all sorts of projects involving RFID tags. www.parallax.com – $40, cheapest RFID modules on the internet, build your own serial connector as well. www.thinkgeek.com – $99, sells the “RFID Devil”, a USB RFID reader that can work independently of a computer and save acquired RFIDs.
  • Slide 26 - Console Hacking: All systems have been able to run homebrew in one way or another. Three main types of homebrew enablers: mod chips, custom firmware, and flash carts. We will discuss the Nintendo DS flash cart and the Xbox mod chip, Xecuter 2.6CE. www.neoflash.com offers many flash carts nobody else has, including Turbo Graphx 16.
  • Slide 27 - Nintendo DS Flash & Firmware: Nintendo DS currently has 3 ways to run homebrew: 1. Running a Slot-1 Passthrough device and loading programs off of Slot-2 (gba); 2. Running a Slot-1 Passthrough & Homebrew device all-in-one; 3. Flashing the firmware with FlashMe v0.7 and running off of Slot-2 (gba).
  • Slide 28 - Flashing the DS: If you do not own a passthrough or other such device, and you want to play homebrew via a Slot-2 (gba) flashcart, here’s how! Remove the battery cover from the Nintendo DS, and locate the small hole located on the left side of the battery. The top hole contains this: ( || ) – metal contacts. Insert a passthrough, bridge the metal contacts, and run the FlashMe.nds file on the slot-2 flash cart. Flash, restart, finish!
  • Slide 29 - Xbox Mod Chips: Many mod chips, some have better features than others, but all circumvent the Microsoft BIOS. Not entirely illegal: full Linux BIOS options are available for a pure Linux Xbox. Xecuter 2.6CE offers a lot of options and is very affordable. Come check it out after the presentation.
  • Slide 30 - Post-Modded Xbox: Emulators, “backups”, applications, and many more. Bigger hard drives, as big as you can get in IDE; 500GB are 100% ok. Replace thermal compound to get rid of nasty M$ gunk (also replace fans if you want to). Run Xbox as a media device, streaming live off of the computer. Emulation is perfect, games are fun, Xboxes are very cheap, why the heck not??
  • Slide 31 - Arcade Building: Just throwing it out there for those who are interested. Use a keyboard interface to make arcade controls “act” like a keyboard. Gamepad hacks also work great. Check out the arcade parts I have to show. Use MAME, FCEU, ZSNES, and other emulators to “emulate” the feel of a real arcade.
  • Slide 32 - Many Online Arcade Resources: And a book from Saint called Extreme Tech – Project Arcade! www.arcadecontrols.com has some of the best examples out there. Check out the Examples section! www.happcontrols.com is a good place to get the real parts, although I prefer Ebay. www.shoryuken.com: check out the hardware talk for single arcade sticks (not arcades) if you like fighting games or just want an arcade joystick, not an arcade.
  • Slide 33 - Thank You For Your Time: Feel free to send me any comments / suggestions / requests for any slides presented. arntsonlcwu.edu
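
Slides 12 and 13 note that a captured 4-way handshake can be attacked offline for as long as the attacker likes, and recommend extremely long passwords. The Python below is an added example, not part of the original slides: it derives the WPA-PSK master key the way the standard does (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) and audits a passphrase/SSID pair from the defender's side. The guess rate, the 80-bit threshold, the two short lists and the sample network names are assumptions constructed for illustration.

```python
import hashlib
import math
import string

# Assumptions for illustration (not from the slides): attacker guess rate,
# entropy threshold, and two tiny constructed lists standing in for real ones.
ASSUMED_GUESSES_PER_SEC = 1_000_000
MIN_ENTROPY_BITS = 80
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}
COMMON_PASSPHRASES = {"password", "12345678", "letmein123"}
ALNUM = string.ascii_letters + string.digits


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def entropy_bits(passphrase: str) -> float:
    """Upper bound from character classes; dictionary words are worth far less."""
    pool = 0
    for cls in (string.ascii_lowercase, string.ascii_uppercase, string.digits):
        if any(c in cls for c in passphrase):
            pool += len(cls)
    if any(c not in ALNUM for c in passphrase):
        pool += 33  # printable ASCII symbols, space included
    return len(passphrase) * math.log2(pool)


def audit(passphrase: str, ssid: str) -> dict:
    """Findings for one WPA-PSK configuration."""
    wpa_pmk(passphrase, ssid)  # raises if the passphrase length is invalid
    bits = entropy_bits(passphrase)
    # Average offline search time: half the keyspace at the assumed rate.
    years = 2 ** (bits - 1) / ASSUMED_GUESSES_PER_SEC / (365 * 24 * 3600)
    findings = []
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("passphrase appears in a common-password list")
    if ssid in COMMON_SSIDS:
        findings.append("default SSID: the salt is predictable, so PMKs can be precomputed")
    if bits < MIN_ENTROPY_BITS:
        findings.append(f"estimated entropy {bits:.1f} bits is below {MIN_ENTROPY_BITS}")
    return {"entropy_bits": round(bits, 1), "avg_years": years, "findings": findings}


if __name__ == "__main__":
    print(audit("password", "linksys"))
    print(audit("correct-horse-battery-staple-2007", "cwu-lab-7"))
```

Because the SSID is the salt, a unique network name matters as much as passphrase length: it forces the PBKDF2 work to be redone for that network alone.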
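
Slide 20 describes a two-stage pipeline: recover raw bits from the audio, then turn them into ASCII. The Python below is an added example, not dab.c/dmsb.c or any code from the slides; it shows the second stage for the Track 2 layout of ISO/IEC 7811 (four data bits stored least significant first plus an odd-parity bit per character, followed by a longitudinal redundancy check), run on a constructed bitstream rather than real card data.

```python
# Constructed sample, not real card data: leading clock zeros, then the
# characters ";12=34?" and their LRC, five bits per character.
SAMPLE_BITS = ("0000000" "11010" "10000" "01000" "10110"
               "11001" "00100" "11111" "10110" "00000")

START_FRAME = "11010"   # start sentinel ';' (0xB) as laid down on the stripe
END_SENTINEL = 0xF      # '?'


def read_frame(bits: str, pos: int) -> int:
    """Return the 4-bit value of the 5-bit frame at pos, enforcing odd parity."""
    frame = bits[pos:pos + 5]
    if len(frame) < 5:
        raise ValueError("bitstream truncated before end sentinel or LRC")
    if frame.count("1") % 2 != 1:
        raise ValueError(f"parity error in frame at bit {pos}")
    return int(frame[3::-1], 2)   # data bits are stored least significant first


def decode_track2(bits: str) -> str:
    """Decode a Track 2 bitstream to ASCII, checking parity and the LRC."""
    pos = bits.find(START_FRAME)
    if pos < 0:
        raise ValueError("no start sentinel found")
    values = []
    # Read characters up to and including the end sentinel.
    while not values or values[-1] != END_SENTINEL:
        values.append(read_frame(bits, pos))
        pos += 5
    check = read_frame(bits, pos)  # the LRC frame follows the end sentinel
    for v in values:
        check ^= v                 # XOR of every character plus the LRC must be 0
    if check != 0:
        raise ValueError("LRC mismatch")
    # The 5-bit alphabet maps value n to ASCII 0x30 + n ('0'..'9', ':' .. '?').
    return "".join(chr(0x30 + v) for v in values)


if __name__ == "__main__":
    print(decode_track2(SAMPLE_BITS))
```

Parity and the LRC only catch read errors; nothing in this framing authenticates the data, which is the weakness slide 21 points at.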

Description : Security and Ethical Hacking PowerPoint presentation, available for free download, uploaded by steve, an active user, in the Computers & Web category.

Tags : online security | ethical hacking | internet hacking | hacking | bullying