hakin9_2009_02_21.pdf

CONTENTS
Knowledge is a wonderful thing
We all need to learn how to apply our knowledge, as well as to keep it up-to-date
with the ever-changing advances in computing and technology. Here
at Hakin9 magazine we sometimes publish difficult and slippery topics and
we are forced to switch between White hats and Black hats on a regular basis. People
ask us, "Where is the morality with what you do?" The editors at Hakin9 have to play the
difficult moral game of determining what is good and what is bad in order to provide
the best articles to our viewers.
In that context, in this issue of Hakin9 you will find a number of valuable articles
that you can choose from. Marco describes a real world example of a Clickjacking
attack – a vulnerability that never seems to go away. Robert Hansen and Jeremiah
Grossman prove that Clickjacking is still dangerous and will make you think twice
before clicking on that next link. Marco will show you how to avoid click stealing.
Antonio, meanwhile, claims that it is more interesting to find a web server on which you can easily hack
frameworks. His article on Backdooring Frameworks demonstrates how to inject
a backdoor inside the Membership Authentication service. You will also find an article
by Mary Ellen, which explains how benchmarking your Physical Security can affect your
environment. She shows us that it is not hard to find how many threats are poised to
attack us every day. Some are the result of system or software imperfections, others
are caused by human errors and mistakes. It is never too late to learn new topics or to
improve on our knowledge to make our environment safer.
Hakin9 magazine is here to help you expand your knowledge and to stay informed
of computing vulnerabilities, whether you wear a White or Black Hat. Our job is simply to
provide you with the knowledge. It is your decision on how you use that knowledge. If you
have any ideas you would like to share with us, please write to us at editors@hakin9.org.
Kind regards
Hakin9 Team
team
Editor in Chief: Ewa Dudzic ewa.dudzic@hakin9.org
Executive Editor: Monika Świątek
monika.swiatek@hakin9.org
Editorial Advisory Board: Matt Jonkman, Rebecca
Wynn, Rishi Narang, Shyaam Sundhar, Terron Williams,
Steve Lape, Peter Giannoulis
DTP: Ireneusz Pogroszewski, Przemysław Banasiewicz
Art Director: Agnieszka Marchocka
agnieszka.marchocka@hakin9.org
Cover’s graphic: Łukasz Pabian
CD: Rafał Kwaśny rafal.kwasny@gmail.com
Proofreaders: Neil Smith, Steve Lape, Michael Munt,
Monroe Dowling, Kevin Mcdonald, John Hunter, Michael
Paydo, Kosta Cipo
Top Betatesters: Joshua Morin, Michele Orru, Clint
Garrison, Shon Robinson, Brandon Dixon, Justin Seitz,
Donald Iverson, Matthew Sabin, Stephen Argent, Aidan
Carty, Rodrigo Rubira Branco, Jason Carpenter, Martin
Jenco, Sanjay Bhalerao, Avi Benchimol, Rishi Narang,
Jim Halfpenny, Graham Hili, Daniel Bright, Conor Quigley,
Francisco Jesús Gómez Rodríguez, Julián Estévez,
Flemming Laugaard, Chris Gates, Chris Grifin, Alejandro
Baena, Michael Sconzo, Laszlo Acs, Nick Baronian,
Benjamin Aboagye, Bob Folden, Cloud Strife, Marc-Andre
Meloche, Robert White, Sanjay Bhalerao, Sasha Hess, Kurt
Skowronek, Bob Monroe, Chris Misztur, Michael Holtman,
Pete LeMay, James Broad
Special Thanks to the Beta testers and Proofreaders who
helped us with this issue. Without their assistance there
would not be a Hakin9 magazine.
Senior Consultant/Publisher: Paweł Marciniak
Production Director: Marta Kurpiewska
marta.kurpiewska@hakin9.org
Marketing Director: Ewa Dudzic
ewa.dudzic@hakin9.org
Circulation and Subscription Manager:
Ilona Lepieszka ilona.lepieszka@hakin9.org
Subscription: customer_service@hakin9.org
Publisher: Software Wydawnictwo Sp.z.o.o
02-682 Warszawa, ul. Bokserska 1
Worldwide publishing
Business address: Software Media LLC
1521 Concord Pike, Suite 301 Brandywine
Executive Center Wilmington, DE 19803 USA
Phone: 1 917 338 3631 or 1 866 225 5956
www.hakin9.org/en
Software Media LLC is looking for partners from all
over the World. If you are interested in cooperating with
us, please contact us at: cooperation@hakin9.org
Print: 101 Studio, Firma Tęgi Printed in Poland
Distributed in the USA by: Source Interlink Fulfillment
Division, 27500 Riverview Centre Boulevard, Suite 400,
Bonita Springs, FL 34134, Tel: 239-949-4450.
Distributed in Australia by: Gordon and Gotch, Australia
Pty Ltd., Level 2, 9 Roadborough Road, Locked Bag 527,
NSW 2086 Sydney, Australia, Phone: + 61 2 9972 8800,
Whilst every effort has been made to ensure the high quality
of the magazine, the editors make no warranty, express or
implied, concerning the results of content usage.
All trade marks presented in the magazine were used only
for informative purposes.
All rights to trade marks presented in the magazine are
reserved by the companies which own them.
To create graphs and diagrams
we used program by
Cover-mount CD’s were tested with AntiVirenKit
by G DATA Software Sp. z o.o
The editors use automatic DTP system
Mathematical formulas created by Design Science
MathType™
ATTENTION!
Selling current or past issues of this magazine for
prices that are different than printed on the cover is
– without permission of the publisher – harmful activity
and will result in judicial liability.
DISCLAIMER!
The techniques described in our articles may only be
used in private, local networks. The editors hold no
responsibility for misuse of the presented techniques
or consequent data loss.
BASICS
18 Analyzing Malware
JASON CARPENTER
Malware is software designed to infiltrate or damage a computer system
without the owner's informed consent. This article is an introduction to
analyzing malware. Jason will take you through the basic steps you need to
perform in order to understand what malware is doing to your systems.
ATTACK
24 Metasploit Alternate Uses for a Penetration Test
STEPHEN ARGENT
The Metasploit Framework is a program developed by Metasploit LLC.
Stephen teaches you what the Metasploit project is. He also shows how to use
Metasploit to tunnel from inside a corporate network when an external firewall
is impenetrable, and then how to exploit the internal network from there.
34 Backdooring Frameworks
ANTONIO FANELLI
Frameworks can be easily backdoored. The most interesting thing is that
if people have access to the web server they can hack frameworks too
easily. In his article, Antonio presents how simple it is.
42 The Real World Clickjacking
MARCO LISCI
Marco describes a real world example of the Clickjacking attack. This attack
is based on HTML and CSS hacks. You see a way that a bad hacker can
use to steal common users' clicks on a web site. These clicks can be used
for whatever the hacker wants. Marco presents this attack for the purpose of
understanding this issue and trying to avoid a click steal.
48 Apple Super Drive. Set It Free
MARCO RAMILLI
Last year Apple came out with MacBook Air and with it a CD/DVD reader
and writer for the smallest Personal Computer in the world. Marco explains
how easy it is to hack "closed devices" by replacing modified controllers with
standard ones.
DEFENSE
52 Mapping HTTP Interface Embedded Devices
ADITYA K SOOD
The target of Aditya’s article is to disseminate the HTTP responses and dissect
the HTTP parameters changed by an intermediate device to trace the actual
information about the device. Aditya discusses the generic approach of
detecting the HTTP interface of embedded devices.
58 How Does Your Benchmark of Physical Security Affect Your Environment?
MARY ELLEN KENNEL
Many of us are familiar with the equation: Risk = Threat x Vulnerability x
Consequence and we have also learned that in order to make the most
sense of that equation we must define, and then weigh, those three variables.
Mary Ellen presents how your benchmark of physical security affects your
environment.
62 iPhone Forensics
TAM HANNA
Gangsters, hoodlums, and a variety of nightlife users love iPhones. If you want
to be a successful street user owning an iPhone is an absolute necessity. While
this is bad for all who are robbed of their iPhones, law enforcement benefits
greatly due to the iPhone’s vulnerability to forensics.
66 Safer 6.1
TAM HANNA
Microsoft's Windows Mobile currently dominates the mobile computing market,
and thus is under permanent attack from new (Google's Android) and old
(Symbian, Palm OS) competitors. In an attempt to keep its market position
secure, Microsoft decided to tackle the topic of corporate device management
with Windows Mobile 6.1.
REGULARS
06 In Brief
Selection of news from the IT security
world.
Armando Romeo &
www.hackerscenter.com
08 ON THE CD
What's new on the latest hakin9.live CD
– a great number of fully functioning
versions and special editions of
commercial applications.
hakin9 team
14 Tools
Ettercap
Marco Figueroa & Anthony L. Williams
Acunetix Web Vulnerability Scanner Version 6.0
Jose Ignacio Peralta Bosio
74 Emerging Threats
Making Open Security Research Sustainable
Matthew Jonkman
76 Interview
An interview with Raffael Marty
Hakin9 Team
78 Self Exposure
Mary Ellen Kennel, Martin McKeay
Hakin9 Team
80 Book Review
Hacker's Challenge 3
Network Security Hacks
Michael Schratt
How To Cheat At VoIP Security
Monroe Dowling
Applied Security Visualization
Igor Mozolevsky
82 Upcoming
Topics that will be brought up in the
upcoming issue of hakin9
Monika Świątek
Credits to NNP
In Hakin9 issue 5/2008 print editions we published an article about VoIPER: VoIP Exploit Research Toolkit and,
due to our error, we included the wrong name of the article's author by mistake. We apologise to NNP for this error.
We would like to thank NNP for collaborating with the Hakin9 team and writing an article on VoIPER: VoIP
Exploit Research Toolkit.