Revision 1 as of 2010-02-02 18:25:36
Hacking Exposed Chapter 10: Hacking Code
Common exploit techniques
Buffer Overflows and Design Flaws
Input Validation Attacks
Stack Buffer Overflows
- Easiest and most devastating buffer overrun
- A stack is the computer memory used when functions call other functions.
- Occurs when a program writes to a memory address on the program's stack outside of the intended data structure
Countermeasures
- Practice safe and secure coding standards.
- Check your code.
- Consider prohibiting the use of old C runtime buffer functions.
- Employ stack execution protection.
- Use compiler tools.
- Eavesdropping on network password exchange
- Countermeasures
- Man-in-the-middle attacks
- Countermeasures
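The stack buffer overflow notes above recommend prohibiting the old C runtime buffer functions. The following C sketch is an added example, not code from the chapter or the course page: it sets an unbounded `strcpy` into a stack buffer beside a bounded copy that rejects oversized input. The names `NAME_BUF_SIZE`, `greet_unsafe`, `copy_bounded` and `greet_safe` and the sample strings are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 16   /* assumed size of the stack buffer in this example */

/* Unsafe pattern, shown for contrast and never called here: strcpy() copies
 * up to the source NUL and knows nothing about the destination size, so a
 * long input writes past `name` into adjacent stack memory. */
void greet_unsafe(const char *input)
{
    char name[NAME_BUF_SIZE];
    strcpy(name, input);                    /* no bounds check */
    printf("hello %s\n", name);
}

/* Bounded copy: returns 0 on success, -1 when src (plus its NUL) does not
 * fit in dst. It rejects the input instead of silently truncating it. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    /* Look for the terminator within the first dst_size bytes only. */
    const char *nul = memchr(src, '\0', dst_size);
    if (nul == NULL) {                      /* too long for the buffer */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return 0;
}

/* Same job as greet_unsafe(), with the length checked before the write. */
int greet_safe(const char *input)
{
    char name[NAME_BUF_SIZE];
    if (copy_bounded(name, sizeof name, input) != 0) {
        fprintf(stderr, "rejected: input exceeds %d bytes\n", NAME_BUF_SIZE - 1);
        return -1;
    }
    printf("hello %s\n", name);
    return 0;
}

int main(void)
{
    greet_safe("alice");                                         /* fits */
    greet_safe("a-constructed-input-longer-than-sixteen-bytes"); /* rejected */
    return 0;
}
```

For the "use compiler tools" item, stack-protection options such as `/GS` in MSVC or `-fstack-protector-strong` in GCC and Clang add a runtime check on top of the source-level fix.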
Remote Unauthenticated Exploits
- Network Service Exploits
- Countermeasures
- End-User Application Exploits
- Countermeasures
- Device Driver Exploits
- Countermeasures
Authenticated Attacks
- Privilege Escalation
- Countermeasures
Extracting and Cracking passwords
- Grabbing the Password Hashes (with pwdump)
- Countermeasures
- Cracking passwords
- Countermeasures
- Dumping cached Passwords
- Countermeasures
Remote Control and Back doors
- Command-line Remote control tools
- Graphical Remote control
Covering Tracks
- Disable Auditing
- Clear event log
- Hiding files
- Alternative Data Streams (ADS)
- Countermeasures
General countermeasures
- Filenames: Look for suspicious filenames left over
- Registry Entries: Hunt down any rogue registry entries
- Processes: Look for unnecessary processes running
- Ports: Look for rogue connections
Windows Security Features
- Firewall
- Automated updates
- Security center
- Security policy and group policy
- BitLocker and the Encrypted File System (EFS)
Windows Resource Protection
- Integrity Levels, UAC, and LoRIE
- Data Execution Prevention (DEP)
Service Hardening
- Service Resource Isolation
- Least Privilege Services
- Service Refactoring