Understanding conditionals in shellcode
By Craig Wright
This article follows on from previous articles and covers some of the fundamentals that you will need in order to understand the shellcode creation process. In this article, we extend our knowledge of assembly and shellcoding. This is a precursor to the actual injection and hooking process to follow. You will investigate how to identify code loops and the uses of loops, and the article also serves as an introduction to reverse engineering assembly or shellcode into a higher-level language and even pseudo-code, all of which form an essential component of creating and executing one's own exploit successfully. By gaining a deep understanding of just how code works and knowing where to find the fundamentals of the shellcode programming language, we hope to take the reader from a novice to being able to create and deploy their own shellcode and exploits.
Creating a Fake Wi-Fi Hotspot to Capture Connected Users Information
By Roberto Saia
We can use a standard laptop to create a fake open wireless access point that allows us to capture a large amount of information about connected users. In certain environments, such as airports or meeting areas, this kind of operation can represent an enormous security threat; on the other hand, the same approach is a powerful way to check the wireless activity in areas where security is very important. An attacker can use a properly configured laptop in a large number of public places, even in an airplane, simulating the Wi-Fi gateway used by the airline and capturing personal data of connected passengers. With a little effort, anyone can create a fake Wi-Fi hotspot and use it to gather precious information about connected users, such as usernames, passwords, messages and so on. You will see how an attacker can deceive a large number of users and consequently capture information that enables him to commit criminal acts such as identity theft.
Easy Network Security Monitoring with Security Onion
By Daniel Dieterle
Hackers and the malware that they create are getting much better at evading anti-virus programs and firewalls. So how do you detect or even defend against these advanced threats? Intrusion Detection Systems monitor and analyze your network traffic for malicious threats. The problem is that they can be very difficult to configure and time-consuming to install. Some take hours, days or even weeks to set up properly. The Security Onion IDS and Network Security Monitoring system changes all of that. Do you have 10 minutes? That is about how long it takes to set up and configure Security Onion – a Linux Security Distribution based on the Ubuntu (Xubuntu 10.04 actually) operating system.
Accurate Time Synchronization with NTP. Hardening your Cisco IOS Device
By Abdy Martinez
Hardening your network infrastructure (routers, switches, firewalls, servers…) is an important part of network security. Unfortunately, most network engineers and administrators don't consider the relevance of accurate network timing. Although the manual procedure works in a small network environment, as a network grows it becomes difficult to ensure that all infrastructure devices are operating with synchronized time. A better solution is to configure NTP. This protocol allows devices to synchronize their time settings with an NTP server. A group of NTP clients that obtain time and date information from a single source have more consistent time settings.
Network Time Protocol (NTP) is a protocol designed to synchronize the clocks of computer systems over packet-switched, variable-latency data networks to a common time base (usually UTC). NTP, which uses the User Datagram Protocol (UDP) as its transport protocol, synchronizes timekeeping among a set of distributed time servers and clients. This allows events to be correlated when system logs are created and other time-specific events occur.
Penetration Testing Methodology in Japanese Company
By Dennis Ludena
In the last two years, Japanese companies have been the target of different serious and powerful network attacks. Attacks on the government, industries and even big corporations like Sony PSP Network, Mitsubishi Heavy Industries and the Japanese Parliament have made companies engaged in the IT sector pay serious attention, look toward a new business horizon and implement penetration testing methodologies as part of their solutions and services. This article explains the different steps and procedures implemented at Fusic Co. Ltd., based in Fukuoka, Japan, whose main business is software and application development. The article describes the tools used and how these tools were used in order to test a new service product the company is offering, 360do.jp, as part of its first attempt to join the competitive IT business in the field of penetration testing.