- Page 1 and 2:
Hack security “pro”
- Page 3 and 4:
Authors For their contribution to t
- Page 5 and 6:
Chapter IV: Web Vulnerabilities....
- Page 7 and 8:
INTRODUCTION TO TCP/IP NETWORKS Net
- Page 9 and 10:
In case of reception, each layer wi
- Page 11 and 12:
ARP heading: The Hackademy DMP -11/
- Page 13 and 14:
Version: 4 bits. The version field
- Page 15 and 16:
TCP header: Source Port: 16 bits. T
- Page 17 and 18:
TCP/UDP Port Notions: Multiplexing/
- Page 19 and 20:
Start the MS-DOS control interface
- Page 21 and 22:
CHAPTER I INFORMATION ACQUISITION T
- Page 23 and 24:
expires: 2005-10-28 11:28:29 create
- Page 25 and 26:
In the answer field you will find:
- Page 27 and 28:
nmap -sP 192.168.124.0/24 Starting
- Page 29 and 30:
C) Fingerprinting the system The nm
- Page 31 and 32:
It is also possible to specify seve
- Page 33 and 34:
SMTP : Simple Mail Transfer Protoco
- Page 35 and 36:
SNMP : Simple Network Management Pr
- Page 37 and 38:
Here is a scan report obtained with
- Page 39 and 40:
# nmap 3.50 scan initiated Wed May
- Page 41 and 42:
CHAPTER II CLIENT VULNERABILITIES T
- Page 43 and 44:
File viruses: These viruses attack
- Page 45 and 46:
Retroviruses are a bit more aggress
- Page 47 and 48:
However, do check in the start file
- Page 49 and 50:
Creating a hidden gateway : But the
- Page 51 and 52:
infallible. It consists in associat
- Page 53 and 54:
DOS commands if conditional pluggin
- Page 55 and 56:
Each one of these zones can be conf
- Page 57 and 58:
The javascript code destined to dow
- Page 59 and 60:
The wizard will ask you the locatio
- Page 61 and 62:
CHAPTER III NETWORKS VULNERABILITIE
- Page 63 and 64:
Here, the connection between the ro
- Page 65 and 66:
Using the "Follow TCP Stream" optio
- Page 67 and 68:
You have just created a new filter.
- Page 69 and 70:
This handshake takes place as follo
- Page 71 and 72:
Third step Illustration 3: ACK To c
- Page 73 and 74:
The methodology of this type of att
- Page 75 and 76:
The case of the UDP protocol Unlike
- Page 77 and 78:
nc -l -v -n -p 887 Injection of com
- Page 79 and 80:
Let's try to connect again from mac
- Page 81 and 82:
We can see that Ethereal has seen i
- Page 83 and 84:
Conclusion The covert channel princ
- Page 85 and 86:
It is the IP protocol that is going
- Page 87 and 88:
We will simultaneously launch the p
- Page 89 and 90:
5.Connections Hijacking We are goin
- Page 91 and 92:
Let us now display the contents of
- Page 93 and 94:
B) DNS hijacking The DNS protocol i
- Page 95 and 96:
ssh2 protection The server's public
- Page 97 and 98:
B) SSL The SSL protocol functions w
- Page 99 and 100:
Recent viruses use the resources of
- Page 101 and 102:
1.Site Mapping The first thing a ha
- Page 103 and 104:
Scan_web.php Scan_web.php is a PHP
- Page 105 and 106:
The phpinfo() function gives the ha
- Page 107 and 108:
ack to an error message */ if ($ok
- Page 109 and 110:
System() Function The System() func
- Page 111 and 112:
Uploading via PHP Quite often, one
- Page 113 and 114:
inc.php file page1.php file By ty
- Page 115 and 116:
There are other functions of the sa
- Page 117 and 118:
i=0; j=0; while (data[i] != '=') {
- Page 119 and 120:
system("/usr/bin/sendmail -t test@t
- Page 121 and 122:
In all cases, it is also important
- Page 123 and 124:
It is therefore vital to understand
- Page 125 and 126:
The error means that the SQL reques
- Page 127 and 128:
} else{ } $query = "UPDATE users SE
- Page 129 and 130:
And here is the result: We are now
- Page 131 and 132:
We can see that CrashFr is now in b
- Page 133 and 134:
Once the client has entered his pse
- Page 135 and 136:
CHAPTER V APPLICATION VULNERABILITI
- Page 137 and 138:
2.Buffer Overflow Buffer overflow t
- Page 139 and 140:
xdream@Laptop:/$ readelf -a /bin/ls
- Page 141 and 142:
A few assembler notions Let us see
- Page 143 and 144:
Let us study the representation of
- Page 145 and 146:
The program segfaulted when trying
- Page 147 and 148:
We can determine that at address 0x
- Page 149 and 150:
The we can look in libc6 for the ad
- Page 151 and 152:
We can also see in the sources a ca
- Page 153 and 154:
3. String Format Presentation Strin
- Page 155 and 156:
So when the '%n' indicator is encou
- Page 157 and 158: Using dtors. bash# objdump -s -j .d
- Page 159 and 160: Security The only solution here is
- Page 161 and 162: This program is “suidroot”, whi
- Page 163 and 164: } } printf("Opening of file authori
- Page 165 and 166: } flock(fd, LOCK_UN); //Closing of
- Page 167 and 168: 1.Authentication Brute force In thi
- Page 169 and 170: Hybrid attack T launch a hybrid att
- Page 171 and 172: LC3 offers 4 methods. 1. From the l
- Page 173 and 174: B) The Unix passwd file On Unix sys
- Page 175 and 176: C) Authentication service One of th
- Page 177 and 178: The first thing to do is to create
- Page 179 and 180: B) Backdoor kernel Backdoor kernels
- Page 181 and 182: CHAPTER VII GENERIC SECURITY PROCED
- Page 183 and 184: Configure snort so that it can stor
- Page 185 and 186: Pmon NT Pmon is a process monitorin
- Page 187 and 188: Here is a simple scenario. Let us t
- Page 189 and 190: Step 2 : Encoding and signing (PGP)
- Page 191 and 192: 12.You can choose a separate Signat
- Page 193 and 194: B) Cryptography of hard drives Wind
- Page 195 and 196: The first time this operation is do
- Page 197 and 198: Integrity controller on Linux There
- Page 199 and 200: There are three protection levels:
- Page 201 and 202: "Program control" Section The “pr
- Page 203 and 204: The rules take the following values
- Page 205 and 206: 7.VPN What is a Virtual Private Net
- Page 207: Contact 1 Villa du clos de Malevart