CDIC 2008
How to Attack by virus
1. Create virus (or bat file normaly)
2. Find some application
3. Join it with executable files joiner (sample MicroJoiner)
4. Send >>>
How to dump password
1. Cain run on local.
2. Get sam file and crack anywhere.
3. Sniff it!
How to
1. Scan by SQL scan (Found stone)
2. Run by sqlexec (Written by sunx)
http://www.virustotal.comสำหรับทดสอบ Application ว่าติดไวรัสหรือไม่
ประกอบด้วยฐานข้อมูล Antivirus กว่า 30 Brand
Security Checklist
- http://checklists.nist.gov/
- http://iase.disa.mil/stigs/checklist/
Security Tools
http://sectools.org
MMC = Microsoft Management Console
BDD = Business Desktop Deployment
SMS = Systems Management Server
DamwareNT(DNTU5x) = Remote Installation Service
CEH = Certified Ethical Hacker
Create user and add to administrators group.
net user xxx password /add
net localgroup administrators xxx/add
www.actualtests.com
?show=downfile&file=xxcodexx.zip (sample 350-108)
Predict OS
TTL = 64 = Linux
TTL = 128 = Window
TTL = 255 = HW
How to Spam mail
1. Enable Email service on Windows 2003R2
2. In POP3 service add new mail box
3. Setup Outlook express connect to pop3 (for test)
Testing:
#### Send Mail -SMTP #####
telnet /CR
set localecho /cr
open 192.168.111.200 25 /cr
HELO /cr
Mail from: billgate@microsoft.com /cr
RCPT to: 1@acis.net /cr
DATA /cr
From: billgate@microsoft.com /cr
To: 1@123.net /cr
Subject: Give more money /cr
Money Money /cr
. /cr
#### Get Mail -POP3 :110 ####
user user1@123.net
pass password
list
stat
retr 1
dele 1
quit
Make Banner Identification
Telnet xxx.xxx.xxx.xxx 80
Return >>>>> OS and App
Metasploit framework
1. run >> MSFUpdate
> Type T
2. run >> MSFWeb
3. Open IE >> //127.0.0.1:55555
Cross site script attact (XSS) demo
.......
To Hardening
Install Microsoft security guide application
Run:MMC
(MMC = Microsoft Management Console)
+ Add and remove snapin
- Security Configuration and Analysis
> right click and open database
> right click and Analyse now
> right click and Configure Computer Now
- Security Templates
Software Restriction
run gpedit.msc
Computer configuration
>windows settings
>software restriction policies
>additional rules
>On right table right click and choose --> new hash rule
IP Security Policy
run gpedit.msc
Computer configuration
>windows settings
>IP Security Policy
> right click and choose
1. Create virus (or bat file normaly)
2. Find some application
3. Join it with executable files joiner (sample MicroJoiner)
4. Send >>>
How to dump password
1. Cain run on local.
2. Get sam file and crack anywhere.
3. Sniff it!
How to
1. Scan by SQL scan (Found stone)
2. Run by sqlexec (Written by sunx)
http://www.virustotal.comสำหรับทดสอบ Application ว่าติดไวรัสหรือไม่
ประกอบด้วยฐานข้อมูล Antivirus กว่า 30 Brand
Security Checklist
- http://checklists.nist.gov/
- http://iase.disa.mil/stigs/checklist/
Security Tools
http://sectools.org
MMC = Microsoft Management Console
BDD = Business Desktop Deployment
SMS = Systems Management Server
DamwareNT(DNTU5x) = Remote Installation Service
CEH = Certified Ethical Hacker
Create user and add to administrators group.
net user xxx password /add
net localgroup administrators xxx/add
www.actualtests.com
?show=downfile&file=xxcodexx.zip (sample 350-108)
Predict OS
TTL = 64 = Linux
TTL = 128 = Window
TTL = 255 = HW
How to Spam mail
1. Enable Email service on Windows 2003R2
2. In POP3 service add new mail box
3. Setup Outlook express connect to pop3 (for test)
Testing:
#### Send Mail -SMTP #####
telnet /CR
set localecho /cr
open 192.168.111.200 25 /cr
HELO /cr
Mail from: billgate@microsoft.com /cr
RCPT to: 1@acis.net /cr
DATA /cr
From: billgate@microsoft.com /cr
To: 1@123.net /cr
Subject: Give more money /cr
Money Money /cr
. /cr
#### Get Mail -POP3 :110 ####
user user1@123.net
pass password
list
stat
retr 1
dele 1
quit
Make Banner Identification
Telnet xxx.xxx.xxx.xxx 80
Return >>>>> OS and App
Metasploit framework
1. run >> MSFUpdate
> Type T
2. run >> MSFWeb
3. Open IE >> //127.0.0.1:55555
Cross site script attact (XSS) demo
.......
To Hardening
Install Microsoft security guide application
Run:MMC
(MMC = Microsoft Management Console)
+ Add and remove snapin
- Security Configuration and Analysis
> right click and open database
> right click and Analyse now
> right click and Configure Computer Now
- Security Templates
Software Restriction
run gpedit.msc
Computer configuration
>windows settings
>software restriction policies
>additional rules
>On right table right click and choose --> new hash rule
IP Security Policy
run gpedit.msc
Computer configuration
>windows settings
>IP Security Policy
> right click and choose
ความคิดเห็น