hakin9_StarterKit_03.pdf

Meet your enemy
If you know the enemy and know yourself you need not
fear the results of a hundred battles – Sun Tzu.
It is vital to get to know the enemy in order to fight him
effectively. By analogy, all IT security specialists should
learn not just the aspects of network defense but also the
offensive tools and techniques used.
We trust our software and use it to run and manage
our business and data. It might be very risky to do so
and not to check and supervise the software quality and
security regularly.
This issue of hakin9 STARTERKIT will help the reader
to understand the basics of breaking software and
hence get to know where the dangers come from
and what can be done to protect our systems better.
One of the most interesting ways of learning computer
security is analysing and studying how the crackers operate:
studying their methods and tools as well as their way
of thinking.
This edition of hakin9 STARTERKIT aims to show
some aspects of exploiting software to make your IT
security education more exciting and multidimensional.
We will provide you with a practical guide to the most
popular forms of attacking software that is run on your
computers.
You will find a great general introduction to the topic of
software exploitation. We will introduce articles on cryptography
attacks, man-in-the-middle attacks and SQL
Injection attacks, all of which represent serious threats to
any database-driven site.
Ken Cutler, vice president of Curriculum Development
& Professional Services, stated that the root cause for
most of today's Internet hacker exploits and malicious
software outbreaks are buggy software and faulty security
software deployment. Let's start learning to prevent
these cases together!
Apart from the interesting and informative articles on
exploiting software, the hakin9 STARTERKIT team prepared
some surprises for our readers. You may find them on a
CD attached to your copy of the magazine. Apart from
BackTrack as a new engine for hakin9.live you will have
a chance to use our specialized versions of applications
related to IT security.
To those of you who wish to get acquainted with
Offensive Security tools and techniques, we recommend
visiting the Offensive Security website (www.offensive-security.com).
For those who wish to further their knowledge
and gain an intimate understanding of software
exploitation techniques, we recommend the book by Greg
Hoglund and Gary McGraw, Exploiting Software. How to
Break the Code.
CD Contents 06
Magdalena Błaszczyk
What's new in the latest BackTrack hakin9.live and
what must-have applications you will find (there are 8
of them in this edition of hakin9 STARTERKIT!).
Exploiting Software 10
Sacha Fuentes
A computer without software is only a piece of
hardware which can't do anything. So when we are
talking about hacking a computer we should refer
to it as hacking the software that runs it. The author
shows the techniques used to exploit compiled
software.
About Software Exploitation & Malwares 20
Gilbert Nzeka
After reading this article you will know the principles of
software exploitation; you will learn how to disassemble
software, how to create your own rootkits, how to
create a personalized GINA or hack malware in order
to mislead security software.
Practical Double Return Address Exploitation 32
Mati Aharoni
This writing provides some great information on an
interesting exploitation method. It also shows that
buffer overflows are fun!
SQL Injection Attacks with PHP and MySQL 42
Tobias Glemser
Having read this article you will learn the basic
techniques of SQL Injection and Union Select attacks,
as well as what magic_quotes are and what they are
used for.
Finding and Exploiting Bugs in PHP Code 48
Sacha Fuentes
The author shows the most popular flavours of input
validation attacks and presents common design
errors in PHP scripts.
We wish you fruitful studies!
hakin9 STARTERKIT team
www.hakin9.org/en
hakin9 starter kit 3/2007
Practical IT Security Solutions for Newbies
Reverse Engineering ELF Executables in Forensic Analysis 56
Editor in Chief: Ewa Dudzic ewa.dudzic@software.com.pl
Editor: Magdalena Błaszczyk magdalena.blaszczyk@hakin9.org
Contributing Editor: Shyaam Sundhar R. S., Steve Lape
DTP Director: Marcin Pieśniewski marcin.piesniewski@software.com.pl
Art Director: Agnieszka Marchocka
agnieszka.marchocka@software.com.pl
CD: Rafał Kwaśny
Proofreaders: N. Potter, D. F. Leer, M. Szuba, Kelley Dawson
Top betatesters: Wendel Guglielmetti Henrique, Justin Seitz,
Peter Hüwe, Damian Szewczyk, Peter Harmsen, Kevin Bewley,
Marek Janiczek
The article provides information on how to disassemble
an ELF executable and how to apply reverse
engineering techniques in forensic analysis of a Linux
system.
President: Monika Nowicka monika.nowicka@software.com.pl
Senior Consultant/Publisher: Paweł Marciniak pawel@software.com.pl
National Sales Manager: Monika Godlewska
monika.nowicka@software.com.pl
Production Director: Marta Kurpiewska
marta.kurpiewska@software.com.pl
Marketing Director: Ewa Dudzic ewa.dudzic@software.com.pl
Advertising Sales: Magdalena Błaszczyk
magdalena.blaszczyk@hakin9.org
Subscription: subscription@software.com.pl
Prepress technician: Marcin Pieśniewski
marcin.piesniewski@software.com.pl
Designing a Crypto Attack on the Ccrp (Bit Shuffling) Cipher 68
Dale Thorn
You will get to know some of the most important things
connected with crypto attacks. The author writes about
the conventional attacks, about how to host and
prepare the crypto attack.
Publisher: Software Media LLC
(on Software Publishing House licence www.software.com.pl/en )
Postal address:
Software Media LLC
1461 A First Avenue, # 360
New York, NY 10021-2209
USA
Tel: 001 917 338 36 31
www.hakin9.org/en
Introduction to IPv6 72
Gr@ve_Rose (Sean Murray-Ford)
The author describes Internet Protocol version 6
(IPv6), a network layer protocol for packet-switched
internetworks, designated as the successor of IPv4.
Sean also teaches how to connect your *nix machine
to IPv6 as well as basic IPv6 setup.
Software LLC is looking for partners from all over the World.
If you are interested in cooperating with us,
please contact us by e-mail: cooperation@software.com.pl
Print: 101 Studio, Firma Tęgi
Printed in Poland
Man in the Middle Attacks 78
Distributed in the USA by: Source Interlink Fulfillment Division, 27500
Riverview Centre Boulevard, Suite 400, Bonita Springs, FL 34134
Tel: 239-949-4450.
Brandon Dixon
The author explains what a Man in the Middle
Attack is and how to use it with specific tools. This writing
also provides a quick overview of sub-attacks and
ways to mitigate the attack.
Distributed in Australia by: Gordon and Gotch, Australia Pty Ltd.
Level 2, 9 Roadborough Road, Locked Bag 527, NSW 2086, Sydney, Australia
Tel: + 61 2 9972 8800
Whilst every effort has been made to ensure the high quality
of the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only
for informative purposes. All rights to trade marks presented
in the magazine are reserved by the companies which own them.
Check hakin9 magazine out in
Barnes & Noble stores!
To create graphs and diagrams we used program by
company.
CDs included with the magazine were tested with AntiVirenKit by G DATA
Software Sp. z o.o.
The editors use automatic DTP system
ATTENTION!
Selling current or past issues of this magazine for prices that are
different than printed on the cover is – without permission of the
publisher – harmful activity and will result in judicial liability.
DISCLAIMER!
The techniques described in our articles may only be
used in private, local networks. The editors hold no
responsibility for misuse of the presented techniques
or consequent data loss.
hakin9 Nr 2/2006