hakin9_03_2008(1).pdf

CONTENTS
team
Editor in Chief: Ewa Dudzic ewa.dudzic@hakin9.org
Executive Editor: Magda Błaszczyk magda.b@hakin9.org
Editorial Advisory Board: Matt Jonkman, Clement Dupuis, Jay
Ranade, Terron Williams, Steve Lape
Assistants: Monika Drygulska monika.drygulska@hakin9.org, Sylwia
Stocka sylwia.stocka@hakin9.org
DTP Management: Robert Zadrożny robert.zadrozny@hakin9.org
Tags: Ireneusz Pogroszewski ireneusz.pogroszewski@hakin9.org
Art Director: Agnieszka Marchocka agnieszka.marchocka@hakin9.org
CD: Rafał Kwaśny rafal.kwasny@gmail.com
Proofreaders: Jonathan Edwards, Steve Lape, Michael Munt,
Robert Kalinofski, Kevin Mcdonald, John Hunter
Top Betatesters: Joshua Morin, Michele Orru, Clint Garrison, Shon
Robinson, Brandon Dixon, Justin Seitz, Donald Iverson, Matthew Sabin,
Stephen Argent, Aidan Carty, Rodrigo Rubira Branco, Jason Carpenter,
Ashish Kumar Martin Jenco, Sanjay Bhalerao, Ashutosh Agarwal,
Robert Kalinofski, Aashish Kumar
May, Labor and hakin9
Welcome, here we have our 16th issue of hakin9 magazine. It is May
(unless you were late and forgot to buy your issue just after it was
released). Although in the United States Labor day is on the first
Monday of September, most European countries celebrate it on May 1st. I
come from a country where this day used to be extremely important and
symbolic. It was at a time when the state was governed by the Communist
Party. People wanted or had to (depending if they believed or not in the
government's ideas) attend the colorful parades, shows and other patriotic
and labor-oriented events with songs, flowers and flags. If someone did not
take part in the parade and their boss knew about it, they could either lose
their job or be punished in a different way. After communism ended up in
Europe, most of the countries stopped celebrating Labor Day in this special
or aggressive way and they either renamed it to "State Holiday" or let the
workers' movement and trade unions celebrate it in their own way.
It was just a few words on Labor Day because that is what May brings to
my mind. Labor associates to work. And work is what hakin9 can help you
with. Every two months we look for the best and the most useful articles for
IT Security specialists. If you wish to share your knowledge and experience,
write an article too!
In this issue of hakin9 magazine you are going to learn (or better
remember) how to use Live CDs in a pen test lab. You will also get to know
what the best practices for secure shell are and how to crack LDAP Salted
SHA Hashes. Then, we have a paper for those of you who would like to take
a better look at JavaScript obfuscation. The Defense section contains two
articles this time. You will read the second article from a three-part series
on Postgres as well as part 1 of a nice article on vulnerabilities due to type
conversion. The May-June edition of hakin9 comes with a CD containing a
great number of commercial applications that you might find useful. Browse
the CD, see if you like any of the programs we negotiated for you and enjoy
two other things we prepared: an instructional video on using Metasploit
with its database to scan multiple machines, discover their vulnerabilities
and gain access plus a chapter of a book on Computer Security by William
Stallings and Lawrie Brown. I hope you will like what we have delivered
in this issue. Let me know if you have any comments or questions. I look
forward to your e-mails.
Senior Consultant/Publisher: Paweł Marciniak pawel@hakin9.org
Production Director: Marta Kurpiewska marta.kurpiewska@hakin9.org
Marketing Director: Ewa Dudzic ewa.dudzic@hakin9.org
Circulation and Distribution Executive: Wojciech Kowalik
wojciech.kowalik@hakin9.org
Subscription: customer_service@hakin9.org
Publisher: Software Media LLC
(on Software Publishing House licence www.software.com.pl/en )
1461 A First Avenue, # 360
New York, NY 10021-2209, USA
Tel: 001917 338 3631
www.hakin9.org/en
Software Media LLC is looking for partners from all over the World.
If you are interested in cooperating with us, please contact us at:
cooperation@hakin9.org
Print: 101 Studio, Firma Tęgi
Printed in Poland
Distributed in the USA by: Source Interlink Fulfillment Division,
27500 Riverview Centre Boulevard, Suite 400, Bonita Springs, FL
34134
Tel: 239-949-4450.
Distributed in Australia by: Europress Distributors Pty Ltd, 3/123
McEvoy St Alexandria NSW Australia 2015, Ph: +61 2 9698 4922,
Whilst every effort has been made to ensure the high quality of
the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only for
informative purposes.
All rights to trade marks presented in the magazine are reserved by
the companies which own them.
To create graphs and diagrams
we used program by
Cover-mount CD’s were tested with AntiVirenKit
by G DATA Software Sp. z o.o
The editors use automatic DTP system
Mathematical formulas created by Design Science MathType™
ATTENTION!
Selling current or past issues of this magazine for prices that are
different than printed on the cover is – without permission of the
publisher – harmful activity and will result in judicial liability.
hakin9 is also available in: Spain, Argentina, Portugal,
France, Morocco, Belgium, Luxembourg, Canada, Germany,
Austria, Switzerland, Poland, Czech, Slovakia, Singapore,
The Netherlands, Australia, The United States
hakin9 magazine is published in 7 language versions:
Magda Błaszczyk
magda.b@hakin9.org
DISCLAIMER!
The techniques described in our articles may only be
used in private, local networks. The editors hold no
responsibility for misuse of the presented techniques
or consequent data loss.
4 HAKIN9 3/2008
CONTENTS
BASICS
16 Pentest Labs Using Live CDs
THOMAS WILHELM
After reading this article, you will come to know how to use and design LiveCDs
for use in a Penetration Test Lab.

ATTACK
22 Best Practices for Secure Shell
RYAN W. MAPLE
The article presents the usage of an application called Secure Shell. It
explains why SSH is the best secure tool for remote access. The paper also
shows the best practices in using SSH and tips on how to avoid common
mistakes.
26 Cracking LDAP Salted SHA Hashes
ANDRES ANDREU
The article will teach you how LDAP Salted SHA Hashes are structured, how
to employ modern day tools to crack LDAP SSHA hashes. The author shows
why LDAP SSHA hashes should be treated like clear-text data.
36 Javascript Obfuscation Techniques
DAVID SANCHO, TREND MICRO
A very useful paper on how to conceal javascript code and how to detect and
deobfuscate code hidden by these techniques.
44 Breaking in Add-on Malwares
ADITYA K. SOOD AKA 0KN0CK
This article covers the working functionality of malware Add-ons. It
presents the practical techniques that will help to understand malwares
effectively.

DEFENSE
52 Vulnerabilities Due to Type Conversion of Integers
DAVIDE POZZA
In this article the author presents the nature of type conversion. He explains
how C's type conversions work, how vulnerabilities can be caused by unsafe
type conversions and how to review C code for such vulnerabilities. Last but not
least, you will get to know how to prevent them.
60 Authentication and Encryption Techniques
ROBERT BERNIER
Part II of a three-part series on Postgres. This article is to present ideas
that can be used to mitigate threats presented in first part, using various
authentication and encryption technologies that are available on Linux and
other UNIX-like operating systems.

REGULARS
06 In Brief
Zinho & www.hackerscenter.com
Selection of news from the IT security world.
08 CD Contents
hakin9 team
What's new on the latest hakin9.live CD – commercial applications, e-book and a
video tutorial on Metasploit database.
12 Tools
Einat Adar
AppliCure dotDefender Monitor and dotDefender
Sanjay Bhalerao
Elcomsoft Distributed Password Recovery
Brandon Dixon
Jasob 3.1
68 Emerging Threats
Matthew Jonkman
Writing IPS Rules – Part Five
70 Consumers Test
Kevin Beaver & hakin9 team.
Anti-Virus Software
76 Interview
hakin9 team
Interview with Marcus J. Ranum
78 Self Exposure
Monika Drygulska
Richard Bejtlich, Harlan Carvey
80 Book Review
Marius Rugan
The Oracle Hacker's Handbook: Hacking and Defending Oracle
Marcin Jerzak
Defeating the Hacker. A Non-Technical Guide to IT Security
82 Coming Up
Monika Drygulska
Topics that will be brought up in the upcoming issue of hakin9.