Posted: Sat Jan 01, 2005 4:17 pm Post subject: Dec '04 SFDC Column
December SFDC Column
Well, this has been another great year for us at Security Forums. Our membership has passed the twenty thousand mark and continues to rise. A round of applause for us all: everyone, from the members, trusted sources and moderators to the administrators, is what makes this place the best site on the web today. Apologies for the downtime we suffered over the past couple of days; there were some technical difficulties that have now been ironed out. With that out of the way, let's take a look at some of this month's more interesting posts.
Have you made the switch yet?
An interesting post was made in the newbies section by copedawg. It concerned who had switched web browsers from Internet Explorer to a more secure browser such as, say, Firefox, amongst others. This is a good point to raise, for even CERT/CC is advising people to switch from Explorer to anything else. Should you wish to retain Internet Explorer, then you would be well advised to read this, as it guides you through a quick "health check". I personally heartily endorse Firefox, as it is both free and, imho, better.
Learn to walk before you run
This post is to highlight a problem that many of us encounter here on the forum. Wanting to learn is a very laudable goal, but you must first lay the building blocks before the wall is complete. In this case a new member wishes to learn how to exploit certain vulnerabilities. This is an excellent exercise in security, as it helps you understand how things work and, more importantly, how they are broken. The problem, though, as this thread shows, is that you must have a solid foundation of knowledge before you begin to play with exploits in a lab environment. To simply compile and use an exploit is wasted time unless you can interpret the results of what happened. This is not to pick on the poster of this thread, but merely to highlight that you need an understanding of TCP/IP and some programming principles before you move on to exploit code. Once you have this under your belt you will understand far more and be able to ask more informed questions. That in turn will lead to your receiving better answers. To use an often overused term, "hacking" is all about learning, and often learning is best done on one's own.
File sharing in win32 environment
A post was made that indicated a user was having problems with file sharing on his LAN, which was composed of win32 clients. The reason I chose to highlight this post is that it really addresses the need to approach a computer-related problem, or any other for that matter, in a methodical way. Not only that, but it is also imperative that when someone posts this type of problem a full description of the LAN is included. As we can see in this thread, the poster is asked whether the firewalls are down and whether file sharing is enabled. These are some of the first things that must be checked. In essence you need to find the break point: at which point in the chain of events does it break? Though we never did find out what the problem actually was, this stresses the need to fault-find in a logical way. This can and should include looking at the packets themselves to see what is actually happening.
A true hack
Once again M3DU54 brings us another fine post. M3DU54 states that he wants to be able to execute code on a locked-down computer using only an AT or PS/2 connector on a dongle. Interesting stuff indeed, for these types of high-assurance LAN environments definitely exist. The reason this post was chosen is that it exemplifies just what hacking is all about. Not everyone, and actually quite few of us, has the skill level of M3DU54, but to be able to see how someone of this talent would approach such a problem is quite enlightening. One would need to have some very good programming skills to be able to execute this, and that is something you just can't get away from. If you want to excel in computer security you must be able to program. There is no way around it, which is why I am also taking my own baby steps into the world of C and ASM. It is a humbling experience to veer from the path of my known skill set.
You’re in; now what?
I started this post myself, as I was curious to see what people had as part of their survey kit. There are quite a few professional pen testers on this forum, and I thought it might be a good idea to share thoughts on what you would ferry over once a machine is compromised. This is what I mean by a survey kit: now that you are in, what would you transfer over to further your penetration of the network? With the availability of exploit code out there today, breaking into a machine with little protection does not take a great deal of talent. What you do once you are there, though, does. We see that some members said that netcat was useful. Not particularly, though, seeing as you are already in the network. MattA had some good suggestions with getadmin and pipeupadmin. Personally I would transfer over a CLI scanner and a packet sniffer which did not require installation, such as windump. That being said, the target network you are after as a pen tester will also dictate what you are going to use. I personally don't do pen testing for a living, but it does not take a great stretch of imagination to do it, as I have my own home lab to play in. Knowing what may be transferred over may also help you to find what may be on your network already.
Personally speaking, this has been another great month, and I also hope to be able to further my studies of programming. Should I get stuck, I know where to go and find help. I would like to wish you all a prosperous new year, and good health to you and yours.
Last edited by alt.don on Tue Feb 01, 2005 11:31 pm; edited 1 time in total
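As an added illustration of two points the column makes, the "find the break point" approach to the file-sharing problem and the "CLI scanner that needs no installation" from the survey-kit thread, here is a small standard-library-only Python checker. It is example code written for this page, not something posted by alt.don or by any thread participant. It assumes the Windows file-sharing ports are TCP 445 (SMB over TCP) and 139 (NetBIOS session service), walks the chain in the order the thread suggests (name resolution first, then whether the sharing ports accept a connection, where a host firewall or disabled sharing both show up as a closed or filtered port), and doubles as a plain connect-scanner. It does not replace the packet sniffer the column recommends: capturing traffic needs raw sockets or WinPcap, which this deliberately avoids.

```python
"""Dependency-free TCP reachability checker (example written for this page).

Two uses: locating the break point when LAN file sharing fails, and a
minimal connect-scanner of the kind one might carry in a survey kit
because it needs nothing installed beyond a Python interpreter.
"""
import socket
from typing import Dict, Iterable, Optional

# Assumption: Windows file sharing listens on SMB over TCP (445) and the
# NetBIOS session service (139).
SMB_PORTS = (445, 139)


def resolve(host: str) -> Optional[str]:
    """Return the first IPv4 address for host, or None if resolution fails.
    IP literals resolve to themselves."""
    try:
        infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return None
    return infos[0][4][0] if infos else None


def tcp_open(addr: str, port: int, timeout: float = 1.0) -> bool:
    """True if a full TCP handshake to addr:port completes within timeout."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, etc.
        return False


def scan(host: str, ports: Iterable[int], timeout: float = 1.0) -> Dict[int, bool]:
    """Connect-scan the given ports; returns {port: is_open}.
    An unresolvable host reports every port closed instead of raising."""
    ports = tuple(ports)
    addr = resolve(host)
    if addr is None:
        return {p: False for p in ports}
    return {p: tcp_open(addr, p, timeout) for p in ports}


def find_break_point(host: str, ports: Iterable[int] = SMB_PORTS,
                     timeout: float = 1.0) -> str:
    """Check each link in the chain in order and report the first one that
    fails: name resolution, then TCP reachability of the sharing ports.
    Returns "ok" when at least one sharing port accepts a connection."""
    ports = tuple(ports)
    addr = resolve(host)
    if addr is None:
        return "name resolution failed for %s" % host
    results = scan(addr, ports, timeout)
    if any(results.values()):
        return "ok"
    closed = ",".join(str(p) for p in ports if not results[p])
    return "tcp ports %s closed or filtered on %s" % (closed, addr)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(find_break_point(target))
    for port, is_open in scan(target, (21, 22, 80, 139, 445, 3389)).items():
        print("%5d %s" % (port, "open" if is_open else "closed"))
```

Usage: `python checker.py fileserver` prints where the chain breaks and then a short port listing. A connect scan completes the handshake, so it is visible in the target's logs and to any IDS on the segment; that is a reasonable trade-off for a troubleshooting tool on your own LAN, but a pen tester choosing survey-kit tools should keep it in mind.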