I presented a general method of network and computer forensics for Depkominfo on November 23rd, 2011. You can view my presentation on my SlideShare below:
People talk a lot about how to hack a network, but do they remember data communication modeling? Do they know how large the scope of network hacking is? Or do they only know ARP spoofing, DNS poisoning, and denial of service? To understand the complete (nearly?) process of network hacking, they have to understand a data communication model such as the DoD (TCP/IP) model or the more commonly used OSI model.
By understanding the OSI model concept, knowing the technologies related to each OSI layer, and defining the vulnerabilities that may occur at each layer, they will know how large the scope is, how many technologies should be assessed on the network, and which technologies may possess vulnerabilities. This presentation tries to show everyone how to understand network hacking from its basics, yes, from the OSI model concept. You can read it here!
Understanding shell scripting is one step toward working efficiently with Linux commands. Sometimes we have to work with complex shell commands every day and type them repetitively. Without shell scripting we have to type all of those commands manually, wasting our time. This paper was presented at PT. Datacomm Diangraha on 8-10th May 2010, and consists of:
Table of Contents
1. Basic Shell Scripting
   a. Redirections & Pipes
      i. Redirections
      ii. Pipes
   b. Variables
   c. Conditional & Looping Statements
      i. Conditional if .. then
      ii. Conditional if .. then .. else
      iii. Conditional switch .. case
      iv. Looping for
      v. Looping while
      vi. Looping until
   d. Introduction to Bash I/O Scripting
      i. Using read
      ii. Using command line argument
   e. Arithmetic & Strings Operations
      i. Arithmetic Operations
      ii. Strings Operations
2. Advanced Shell Scripting
   a. Array
   b. Regular Expression
      i. Grep
      ii. Awk
      iii. Sed
   c. System Administrative Command Scripting
   d. Aliases
   e. Functions
   f. I/O Redirections
   g. Using /dev & /proc
      i. Using /dev
      ii. Using /proc
   h. Security Issues
   i. Code Poetry
3. Shell Scripting in Practice
   a. Creating & Scheduling Automatic Backup
   b. Creating & Scheduling Automatic File Integrity Checker
   c. DomainToIP Enumeration Script
   d. Start & Stop GRE Tunneling Script
   e. Automatic Default Routing Switcher Script
   f. Start & Stop Firewall Script
   g. Start & Stop Bandwidth Management Script
   h. Datacomm needs?? Q&A
Just download this paper here, along with all the bash scripts presented in it. OK, that’s all, and I hope it helps! Enjoy.
Can you imagine our Indonesian internet core routing being shut down? No one could browse their email, open Facebook, or even search through Google. Can you imagine Indonesian internet banking stopping for a while? Automatic Teller Machines (ATMs) not responding to your requests? Those are just the lowest risks when core routing is compromised.
Can you imagine your confidential data being sniffed without anyone noticing? Can you imagine your username and password being stolen? Oh, that’s not a big deal, huh? But try to imagine your banking transactions being intercepted and modified; yeah, that’s the real fear in the digital world. Hell yeah, this paper explains how those problems are possible. This paper tries to show you how weak our Indonesian core routing infrastructure is. Check it out!
Thinking about how to backdoor and keylog a website in an unusual way is something fun to implement. Kiddies usually use a public backdoor to come back to a compromised server or website, dump the database, and crack hashes of confidential information like passwords and CC numbers. A public backdoor is fairly easy for an administrator to detect, while hash cracking sometimes gives no result.
Modifying the source code of a website to turn it into a backdoor and keylogger is not a new technique, but only a few kiddies know about it. By modifying the source code, we can make a less visible backdoor than the public ones. We can also record confidential information like passwords and CC numbers in plaintext, so we don’t have to crack it. I have implemented this technique in phpBB3, modifying its source code to become a backdoor and keylogger. This concept can be used to modify e-commerce applications, so just try to imagine your CC number being stolen.
Download my paper, presentation, and phpBB3 patch, which were presented at STIMIK Palcomtech Palembang.
This is my presentation at STIMIK Dipanegara Makasar. I try to describe Web and Wireless exploitation conceptually and technically. This presentation consists of:
- Web hacking; I try to describe the top 3 web exploitation techniques: SQL Injection, File Inclusion, and Cross-Site Scripting (XSS). My explanation includes SQL injection in a login form, SQL injection in a URI parameter, Local File Inclusion, Remote File Inclusion, DOM-based XSS, non-persistent XSS, and persistent XSS.
- Wireless hacking; I try to describe how to do war driving and how to exploit a wireless network. Exploiting a wireless network includes spoofing a MAC address, creating a rogue AP, cracking WEP, cracking WPA-PSK, and Denial of Service (DoS).
This presentation does not include how to defend against these kinds of attacks, but I’m sure it is cool enough to start learning Web & Wireless Hacking. Download my presentation here.
Parallel password cracking uses several computers to accelerate the password cracking process. It usually uses computer clusters and software that supports parallel computing. Some known software for parallel computing on computer clusters:
- John the Ripper and Condor; John works as the password cracker while Condor works as the scheduler, which parallelizes the cracking process and distributes it to the cluster.
- John the Ripper and Djohn; John works as the password cracker while Djohn works as a client-server application, which parallelizes the cracking process and distributes it to the cluster.
- Medussa; a password cracker originally designed for parallel password cracking. It contains a client-server application to parallelize the cracking process and distribute it to the cluster.
- John the Ripper with MPI patch; John developed using MPI programming. MPI is the de facto standard for parallel programming, implemented in software such as OpenMPI, MPICH, and LAM/MPI.
Our presentation describes how to do parallel cracking using John the Ripper with the MPI patch. We use 15 dual-core computers and LAM/MPI to distribute the cracking process. Download our presentation here.
The complete title is “Global Trend Attack in Local Network”; this is my presentation at Telkom RDC Bandung in late 2007. It’s old but still good enough for learning which threats may disturb your network. Download my presentation here.
This presentation explains the top 6 flaws that are commonly exploited in local networks. They are:
- Spoofing; ARP Spoofing, IP Spoofing, DHCP Spoofing, DNS Spoofing are commonly exploited.
- Man In The Middle; Using some spoofing techniques to do Man In The Middle attack.
- Sniffing; Combining Man in The Middle with some tricks to passively intercept communication in Local Network.
- TCP/IP Hijacking; Doing active sniffing and modifying data traffic to take over an active TCP/IP connection.
- Remote Code Execution; Using some software application flaws to exploit local network infrastructure. Buffer Overflow and Format String are the most common flaws to be exploited in Local Network.
- Denial of Service; Most powerful denial of service (DoS) comes from Local Network.
This presentation is completed with ways to defend against these attacks and minimize security risks.