Understanding Unix/Linux Hacking Techniques


Explore Unix/Linux hacking techniques including footprinting, scanning, enumeration, vulnerability mapping, remote access, data-driven attacks, buffer overflow, input validation, and countermeasures. Discover methods to gain root access, exploit vulnerabilities, perform brute force attacks, and secure your system against malicious intrusions.


Uploaded on Sep 23, 2024



Presentation Transcript


  1. Hacking Unix/Linux

  2. Footprinting, Scanning, Enumeration
     Footprinting: similar to Windows but with different tools.
       Network enumeration: whois, and finding the authoritative name server.
       DNS interrogation: nslookup (or dig) to attempt a zone transfer, host to find the mail server, and traceroute for network reconnaissance.
       Ubuntu desktop: System > Administration > Network Tools wraps ping, whois, traceroute, etc.
     Scanning: again similar to Windows, with different tools.
       Nmap: sudo apt install nmap. The old nmapfe graphical front end has been replaced by zenmap (sudo apt install zenmap; run sudo zenmap for the GUI).
       ping sweeps, TCP and UDP port scanning, OS detection.
       Countermeasures: Snort and PortSentry (originally from Psionic); seen later under IDS/IPS.
     Enumeration: UNIX users and groups can be listed remotely through finger; finger and tftp should be disabled and their daemons killed. The basic daemons (sendmail, rpc, NFS, NIS) all have a history of vulnerabilities: set them up carefully and apply the latest security patches.
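The port-scanning step above is what nmap's default TCP connect scan does: complete a three-way handshake on each port and read whatever banner the service volunteers. The following is an added example, not code from the slides or from nmap: a minimal connect scanner with banner grabbing, run against a constructed local listener that stands in for a real FTP daemon (the banner text and the loopback target are assumptions for the demonstration).

```python
import socket
import threading


def start_fake_service(banner: bytes) -> int:
    """Constructed stand-in target: a loopback listener that sends one
    banner line and hangs up, the way an FTP or SMTP daemon greets a client.
    Returns the port the kernel assigned."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: let the kernel pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:             # listener closed at interpreter exit
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return port


def connect_scan(host: str, ports, timeout: float = 0.5) -> dict:
    """Full TCP connect() scan (nmap -sT) with a banner grab.

    Returns {port: banner_or_None} for open ports only. A completed
    handshake means the port is open; ECONNREFUSED or a timeout means
    closed/filtered and the port is left out of the result."""
    results = {}
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(timeout)
        try:
            s.connect((host, port))     # three-way handshake completes -> open
        except OSError:                 # ConnectionRefusedError / timeout
            s.close()
            continue
        try:
            banner = s.recv(256)        # many daemons talk first (220 ..., SSH-2.0-...)
        except OSError:
            banner = b""
        finally:
            s.close()
        results[port] = banner.decode("ascii", "replace").strip() or None
    return results


def closed_port() -> int:
    """Find a loopback port nothing is listening on: bind, read it back, release."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    # Constructed demo: one fake FTP service plus one closed port.
    ftp = start_fake_service(b"220 ftp.example.test FTP server ready\r\n")
    for port, banner in connect_scan("127.0.0.1", [ftp, closed_port()]).items():
        print(f"{port}/tcp open  banner={banner!r}")
```

The banner is what nmap's service detection and the enumeration step build on: a `220 ... wu-ftpd 2.6.0` greeting tells the attacker exactly which vulnerability list to consult, which is why the countermeasure slides keep repeating "remove or hide what you do not need".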

  3. Getting started
     Vulnerability mapping: identify specific software vulnerabilities (e.g. sendmail, telnet, ftp, NFS, apache).
     Quest for root: root or nothing? sudo su -
     Remote access: gaining access via the network by
       exploiting a listening daemon/service;
       abusing a UNIX system that performs routing with IP forwarding enabled;
       user-initiated remote execution (hostile web site, Trojan horses, etc.).
     Local access: having a shell or a login on the system, followed by privilege escalation attacks (from login to root). Once a remote exploit succeeds against a vulnerable service it yields local shell access, so the two phases chain together.
     Brute force attacks: remote login programs (telnet, ftp, rlogin, rsh, ssh, http) plus a tool to guess username/password combinations (we will see John the Ripper on Linux, but not Hydra). The /etc/passwd file is world-readable; you should use shadow passwords so the hashes live in root-only /etc/shadow instead.
     Countermeasures: password education and password-checking software (e.g. checkpassd).

  4. Remote access
     Data driven attacks: sending data to an active service that causes unintended results, generally allowing access to the system.
     Buffer overflow: the same vulnerability class as on Windows (C programs). Countermeasures: basically good programming practice, testing, auditing, safer compilers, etc.
     Input validation: failing to validate input and accepting extraneous input (attack code!). Produces results similar to a buffer overflow, and the countermeasure is the same: safe programming.
     Shell access: after gaining access through a data-driven attack the first objective is a shell in which to enter commands.
       Traditional shell access: telnet, rlogin, ssh (admins can close most of these).
       X Windows: run xterm on the remote (target) machine and display it on the intruder's machine, using X's client/server design.
       Reverse telnet and back channels: admins can remove X, then what? Run nc (netcat) listening on the intruder's machine and run code on the target that opens a connection from target back to intruder, so the firewall sees an outbound connection rather than an inbound one.
     Countermeasures: remove X from servers; chmod 750 telnet (Linux, root only); better yet, only use ssh.
     There are many ways to identify and exploit vulnerabilities using Kali Linux tools. Here is a YouTube video example.
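The input-validation failure described above is easiest to see in a service that hands client data to a shell. Below is an added example, not code from the slides: a constructed "lookup" handler in its vulnerable form beside a hardened one. The `echo` command stands in for whatever the daemon really runs, and the hostname grammar is the usual DNS label rule; both are assumptions for the demonstration.

```python
import re
import subprocess


def lookup_vulnerable(host: str) -> str:
    """Data-driven attack target: the client's string is pasted into a
    command line that /bin/sh parses, so a value such as "x; id" runs an
    extra command with the daemon's privileges. This is the classic way a
    remote input-validation bug turns into shell access."""
    cmd = "echo Looking up " + host                  # attacker controls 'host'
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


# DNS hostname: labels of letters, digits and '-', no leading '-' (so the
# value can never be mistaken for a command-line option), dot-separated.
HOSTNAME_RE = re.compile(
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"
)


def lookup_hardened(host: str) -> str:
    """Same function with the two fixes the slide calls 'safe programming':
    1. reject anything that is not a well-formed hostname (allow-list, not
       a blacklist of shell metacharacters);
    2. never go through a shell: pass an argv list so the value is a single
       argument no matter what it contains."""
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected input: {host!r}")
    out = subprocess.run(["echo", "Looking up", host],
                         capture_output=True, text=True)
    return out.stdout


if __name__ == "__main__":
    payload = "x; id"                                # constructed attack string
    print(lookup_vulnerable(payload), end="")        # second line is 'uid=...'
    try:
        lookup_hardened(payload)
    except ValueError as e:
        print("hardened handler:", e)
```

The order of the two fixes matters: the argv list alone already stops the `; id` trick, but without the allow-list a value such as `-n` or `--something` would still be interpreted by the program being run, which is how many "fixed" handlers were broken a second time.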

  5. Common remote access attacks
     FTP: do not run anonymous FTP on the same server that holds regular accounts and authenticated ftp. Keep up to date with vulnerabilities (e.g. wu-ftpd, a popular ftp daemon, had a vulnerability in exec). Better yet, only use ssh/scp.
     Sendmail: a very complex mail server (over 80,000 lines of code) that few understand. It is present on almost all UNIX machines and in most cases should not be disabled. Qmail is a potential replacement.
     Remote Procedure Call: rpcinfo (as root) shows the running RPC services. The best defense is to limit RPC services to the minimum.
     NFS: do not export file systems to everyone; enable NFS selectively (it is not active in the MISLab), with files saved locally rather than on the network.
     DNS: disable BIND on machines NOT used as DNS servers (run ps aux to see what processes are running; also look for /etc/named.boot or /etc/named.conf). Configuring named is beyond the scope of this course (another daemon that is difficult to set up safely). An attacker fingerprints the server with dig @ipnumber version.bind chaos txt and looks the returned version up against known flaws (historically several remote buffer overflows); hiding the version string in named.conf (options { version "not disclosed"; };) removes that shortcut.
     X Windows: use xhost to add and delete the hosts that may connect to the X server. Not a strong line of defense; again, remove X Windows from servers.
     Again we will use Kali Linux to attempt attacks such as cross-site scripting, buffer overflow, etc.
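The dig command on the DNS bullet is just a DNS query with an unusual class, which is worth seeing on the wire. What follows is an added example, not code from the slides or from BIND: it builds the CHAOS-class TXT query for version.bind that dig sends, and parses the reply including name compression. Because the page ships no capture, the reply is constructed in the block (the version string "9.16.1-Ubuntu" and transaction id 0x1234 are assumptions); `query_server` sends the real query over UDP and is only for use against a host you are authorised to test.

```python
import socket
import struct

QTYPE_TXT = 16
QCLASS_CHAOS = 3        # CH class: version.bind / hostname.bind live here, not in IN


def encode_name(name: str) -> bytes:
    """Wire-format name: length-prefixed labels, terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_version_query(txid: int = 0x1234) -> bytes:
    """What 'dig @server version.bind chaos txt' puts in the UDP payload."""
    # Header: ID, flags (RD=1 only), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    question = encode_name("version.bind") + struct.pack("!HH", QTYPE_TXT, QCLASS_CHAOS)
    return header + question


def read_name(msg: bytes, off: int):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, jumped, end = [], False, off
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:                       # 2-byte compression pointer
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2                       # caller resumes after the pointer
            jumped, off = True, ptr
            continue
        off += 1
        if ln == 0:
            break
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln
    if not jumped:
        end = off
    return ".".join(labels), end


def parse_version_response(msg: bytes, expected_id: int = 0x1234):
    """Return the TXT strings of every CH/TXT answer (the version string)."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        raise ValueError("transaction id mismatch: not a reply to our query")
    off = 12
    for _ in range(qd):                             # skip the echoed question
        _, off = read_name(msg, off)
        off += 4                                    # QTYPE + QCLASS
    strings = []
    for _ in range(an):
        _, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == QTYPE_TXT and rclass == QCLASS_CHAOS:
            i = 0
            while i < len(rdata):                   # TXT = sequence of <len><chars>
                n = rdata[i]
                strings.append(rdata[i + 1:i + 1 + n].decode("ascii", "replace"))
                i += 1 + n
    return strings


def build_sample_response(version: str, txid: int = 0x1234) -> bytes:
    """Constructed reply of a server that does not hide its version."""
    rdata = bytes([len(version)]) + version.encode("ascii")
    return (struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)     # QR, RD, RA set
            + encode_name("version.bind") + struct.pack("!HH", QTYPE_TXT, QCLASS_CHAOS)
            + b"\xc0\x0c"                                          # pointer to the question name
            + struct.pack("!HHIH", QTYPE_TXT, QCLASS_CHAOS, 0, len(rdata)) + rdata)


SAMPLE_RESPONSE = build_sample_response("9.16.1-Ubuntu")          # constructed, not captured


def query_server(ip: str, timeout: float = 2.0):
    """Live query (network). Only against servers you are authorised to test."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.sendto(build_version_query(), (ip, 53))
        data, _ = s.recvfrom(512)
    finally:
        s.close()
    return parse_version_response(data)


if __name__ == "__main__":
    print(build_version_query().hex())
    print(parse_version_response(SAMPLE_RESPONSE))   # ['9.16.1-Ubuntu']
```

A server with `version "not disclosed";` in its options answers the same query with that string instead, so the parser is unchanged; what changes is that the attacker no longer learns which advisories apply.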

  6. Local access Password cracking: We cannot decrypt a password, we use a dictionary, or other type of algorithm to generate passwords, encrypt them using the crypt function, DES, etc, and compare with hash in the passwd file. Crack 5 (Info in Ubuntu) and John the Ripper (Configuration) are two of the best of the breed. Local buffer overflow: same problems and countermeasures. Symlinks: ln -s /this /that, when you cat this you see that. Signals in UNIX: you re- start, start, stop daemons sending signals: SIGXXX. Core dump: memory (core) dumps are snapshots of the memory when an error occurs. Delete it or it stays. ulimit set to 0 cancel core dumps. Shared libraries: replace a standard library file with a rogue one, granting privileges to the intruder, when used. Kernel problems: upgrades to the kernel may create security flaws, which will be found, patched, etc. Linux particularly vulnerable (growing). File and directory permissions: SUID files -- a necessary evil. Some applications need to run as root and be used by regular users (solution: SUID). The find command list these files, and there are many of them. World writable files are another problem.