Hacking: The Next Generation

Book description

With the advent of rich Internet applications, the explosion of social media, and the increased use of powerful cloud computing infrastructures, a new generation of attackers has added cunning new techniques to its arsenal. For anyone involved in defending an application or a network of systems, Hacking: The Next Generation is one of the few books to identify a variety of emerging attack vectors. You'll not only find valuable information on new hacks that attempt to exploit technical flaws, you'll also learn how attackers take advantage of individuals via social networking sites, and abuse vulnerabilities in wireless technologies and cloud infrastructures. Written by seasoned Internet security professionals, this book helps you understand the motives and psychology of hackers behind these attacks, enabling you to better prepare and defend against them.

  • Learn how "inside out" techniques can poke holes into protected networks

  • Understand the new wave of "blended threats" that take advantage of multiple application vulnerabilities to steal corporate data

  • Recognize weaknesses in today's powerful cloud infrastructures and how they can be exploited

  • Prevent attacks against the mobile workforce and their devices containing valuable data

  • Be aware of attacks via social networking sites to obtain confidential information from executives and their assistants

  • Get case studies that show how several layers of vulnerabilities can be used to compromise multinational corporations

Table of Contents

  1. Special Upgrade Offer
  2. Preface
    1. Audience
    2. Assumptions This Book Makes
    3. Contents of This Book
    4. Conventions Used in This Book
    5. Using Code Examples
    6. We’d Like to Hear from You
    7. Safari® Books Online
    8. Acknowledgments
  3. 1. Intelligence Gathering: Peering Through the Windows to Your Organization
    1. Physical Security Engineering
      1. Dumpster Diving
      2. Hanging Out at the Corporate Campus
    2. Google Earth
    3. Social Engineering Call Centers
    4. Search Engine Hacking
      1. Google Hacking
      2. Automating Google Hacking
      3. Extracting Metadata from Online Documents
      4. Searching for Source Code
    5. Leveraging Social Networks
      1. Facebook and MySpace
        1. Abusing Facebook
      2. Twitter
    6. Tracking Employees
      1. Email Harvesting with theHarvester
      2. Resumés
      3. Job Postings
      4. Google Calendar
    7. What Information Is Important?
    8. Summary
  4. 2. Inside-Out Attacks: The Attacker Is the Insider
    1. Man on the Inside
    2. Cross-Site Scripting (XSS)
      1. Stealing Sessions
      2. Injecting Content
      3. Stealing Usernames and Passwords
      4. Advanced and Automated Attacks
    3. Cross-Site Request Forgery (CSRF)
      1. Inside-Out Attacks
    4. Content Ownership
      1. Abusing Flash’s crossdomain.xml
      2. Abusing Java
        1. Attacking Code.google.com
    5. Advanced Content Ownership Using GIFARs
      1. Stealing Documents from Online Document Stores
    6. Stealing Files from the Filesystem
      1. Safari File Stealing
        1. The feed:// protocol handler
        2. Using Java to steal files
    7. Summary
  5. 3. The Way It Works: There Is No Patch
    1. Exploiting Telnet and FTP
      1. Sniffing Credentials
      2. Brute-Forcing Your Way In
      3. Hijacking Sessions
    2. Abusing SMTP
      1. Snooping Emails
      2. Spoofing Emails to Perform Social Engineering
    3. Abusing ARP
      1. Poisoning the Network
      2. Cain & Abel
      3. Sniffing SSH on a Switched Network
      4. Leveraging DNS for Remote Reconnaissance
      5. DNS Cache Snooping
        1. The snooping attack in a nutshell
        2. A tool to snoop DNS caches
        3. Sample output of cache_snoop.pl
    4. Summary
  6. 4. Blended Threats: When Applications Exploit Each Other
    1. Application Protocol Handlers
      1. Finding Protocol Handlers on Windows
      2. Finding Protocol Handlers on Mac OS X
      3. Finding Protocol Handlers on Linux
    2. Blended Attacks
      1. The Classic Blended Attack: Safari’s Carpet Bomb
      2. The FireFoxUrl Application Protocol Handler
      3. Mailto:// and the Vulnerability in the ShellExecute Windows API
      4. The iPhoto Format String Exploit
      5. Blended Worms: Conficker/Downadup
    3. Finding Blended Threats
    4. Summary
  7. 5. Cloud Insecurity: Sharing the Cloud with Your Enemy
    1. What Changes in the Cloud
      1. Amazon’s Elastic Compute Cloud
      2. Google’s App Engine
      3. Other Cloud Offerings
    2. Attacks Against the Cloud
      1. Poisoned Virtual Machines
      2. Attacks Against Management Consoles
      3. Secure by Default
      4. Abusing Cloud Billing Models and Cloud Phishing
      5. Googling for Gold in the Cloud
    3. Summary
  8. 6. Abusing Mobile Devices: Targeting Your Mobile Workforce
    1. Targeting Your Mobile Workforce
      1. Your Employees Are on My Network
      2. Getting on the Network
      3. Direct Attacks Against Your Employees and Associates
      4. Putting It Together: Attacks Against a Hotspot User
      5. Tapping into Voicemail
      6. Exploiting Physical Access to Mobile Devices
    2. Summary
  9. 7. Infiltrating the Phishing Underground: Learning from Online Criminals?
    1. The Fresh Phish Is in the Tank
    2. Examining the Phishers
      1. No Time to Patch
      2. Thank You for Signing My Guestbook
      3. Say Hello to Pedro!
      4. Isn’t It Ironic?
    3. The Loot
      1. Uncovering the Phishing Kits
      2. Phisher-on-Phisher Crime
    4. Infiltrating the Underground
      1. Google ReZulT
      2. Fullz for Sale!
      3. Meet Cha0
    5. Summary
  10. 8. Influencing Your Victims: Do What We Tell You, Please
    1. The Calendar Is a Gold Mine
      1. Information in Calendars
      2. Who Just Joined?
      3. Calendar Personalities
    2. Social Identities
      1. Abusing Social Profiles
      2. Stealing Social Identities
      3. Breaking Authentication
    3. Hacking the Psyche
    4. Summary
  11. 9. Hacking Executives: Can Your CEO Spot a Targeted Attack?
    1. Fully Targeted Attacks Versus Opportunistic Attacks
    2. Motives
      1. Financial Gain
        1. Converting information to currency
      2. Vengeance
      3. Benefit and Risk
    3. Information Gathering
      1. Identifying Executives
      2. The Trusted Circle
        1. Identifying the trusted circle: Network analysis
        2. Friends, family, and colleagues
      3. Twitter
        1. TweetStats
        2. Clicking links on Twitter
      4. Other Social Applications
    4. Attack Scenarios
      1. Email Attack
        1. Identifying the executive to attack
        2. Finding a potential lure
        3. Identifying the email address of the lure
        4. Constructing the email
      2. Targeting the Assistant
        1. Trusted circle attack on the assistant
        2. Leveraging the assistant’s trust
      3. Memory Sticks
    5. Summary
  12. 10. Case Studies: Different Perspectives
    1. The Disgruntled Employee
      1. The Performance Review
      2. Spoofing into Conference Calls
      3. The Win
    2. The Silver Bullet
      1. The Free Lunch
      2. The SSH Server
      3. Turning the Network Inside Out
      4. A Fool with a Tool Is Still a Fool
    3. Summary
  13. A. Chapter 2 Source Code Samples
    1. Datamine.js
    2. Pingback.js
    3. External-datamine.js
    4. XHRIEsniperscope()
    5. Codecrossdomain.java
    6. HiddenClass.java
  14. B. Cache_Snoop.pl
  15. Index
  16. About the Authors
  17. Colophon
  18. Special Upgrade Offer
  19. Copyright