THE BEST OF HAKIN9 2013 – 26 HACKING TUTORIALS

Dear Readers,

 The publication you are going to read is a summary of our work in 2013. We decided to provide you with the two most burning and interesting subjects – Exploiting (published last week in The Best of Hakin9 2013 Exploting and Hacking, addressed in this issue.

There are 26 articles inside. We divided them into the following sections: Advanced C++ Code Analysis, Offensive Python, QR Codes Hacking, Malware, Kali Linux, Mobile Hacking, BIOS Security, Offensive Programming and Android Hacking

As you can see, we collected the best articles on hacking so that you could sum up the year you spent with our magazine. We would be more than pleased if you could share your opinion on this passing year, on your experiences with our team, views on the content we published, ideas you would like to introduce if you were in our shoes.

We are always happy to respond to all your questions so please feel free to write directly to my address: [email protected]

I would like to express my gratitude to all of our readers, followers and fans for being with us in 2013. I hope that both the content of our magazine as well as the customer service we provide will contribute to your constant satisfaction with Hakin9.

Hope to talk with you, see you and meet you in 2014.

With all the best wishes for 2014,
Hakin9 Team

---

INSIDE:

Advanced C++ Code Analysis

C++ – Introduction To Code Analysis And Audit
By Bamidele Ajayi, OCP, MCTS, MCITP EA, CISA, CISM

As a security professional code analysis and auditing is an essential task to unravel flaws and vulnerabilities. Analysis and auditing also sheds more light into what the code is actually doing.This article introduces you to the basics you need to know before embarking on source code audit and analysis with emphasis on C++.

C++ Code Analysis
By Mohmmed AlAbbadi, CISSP, CCSP, Deliver Meticulous Information Security Consultancy & Management Analysis for Decision Support, IS Influencer

Have you ever wanted to have a superpower? What was yours? The ability to fly? Blow fire? Disappear? Stop time or even go back in time? Run faster? Or be bulletproof? Mine was always the ability to scan objects and see what others couldn’t see, the X-ray vision. Frankly, I wanted it for two reasons: one that was good and the other that was “wak”. The first was to help people by finding (and sometimes fixing) problems-yet-to-happen-in-the-future before their manifestation. For example, scan a car to find out that the brakes don’t work and tell the car owner before he/she drives it. The other reason was to find people’s vulnerabilities (like a knee injury) to defend myself if I got attacked or bullied.

Offensive Python

Offesive Python
By Kris Kaspersky, Reverse Engineering Expert, International Author
Python was created for fun, but evil hackers use it for profit. Why Python is a new threat for security industry and how tricky Lucifer’s kids are – let’s talk about it.

QR Codes Hacking

QR Codes: Convenience or Minefield?
By David Nordell CEO of New Global Markets
Imagine that you are walking in the street in the town where you live. You need to find a new place to live, and don’t really want to use an estate agent, because they usually lie about the places they have available, and charge a commission too. But you pass a tree with a sheet of paper stapled to the bark, reading “beautiful two-room apartment, lots of light, modern kitchen and bathroom … no agents.”

QR Codes – Hacking, Cracking and Other Security Considerations
By V. Michael Balas, Founder and CEO at VitreoQR, LLC
On March 6th of 1992, the world waited for the Michaelangelo Computer Virus to strike hundreds of thousands of computers across the planet. The threat was so great this one computer event received massive and widespread media attention in virtually every indus-trialized country. Ultimately, the virus did little actual damage but its media coverage fright-ened the world into a more pro-active position regarding protection from such attacks. The antivirus software industry now had its first truly legitimate example of the need for antivi-rus software. John McAfee was well on his way to making millions.

6 Ways To Protect Yourself From QR Code Hacking
By Nick Lynch, Co-Founder of OakReach, a Native Ad and Content Marketing Platform
In today’s fast moving times, getting information and content instantly at our figure tips has become an increasing necessity. Because of this, Quick Response (QR) codes continue to be the biggest driver of print to mobile activations. When scanned, the codes often contain web links that automatically take a user to a website. Over the last few years, the practice of placing this type of matrix barcode on billboards, posters, clothing tags, concert tickets, business cards, TV ads and magazines has become common practice. According to ClickZ.com, QR scans saw an increase of 400% between June 2011 and June 2012.

Malware

Setting Up Your Own Malware Analysis Lab
By Monnappa KA, GREM, CEH; Information Security Investigator – Cisco CSIRT at Cisco Systems
With new malware attacks making news everyday and compromising company’s network and critical infrastructures around the world, malware analysis is critical for anyone who responds to such incidents. In this article you will learn to setup a safe environment to analyze malicious software and understand its behaviour.

Glimpse of Static Malware Analysis
By Ali A. AlHasan, MCSE, CCNA, CEH, CHFI,CISA, ISO 27001 Lead auditor
Internet has become an essential part on our day-to-day life. We are using it to communicate, exchange information, perform bank transaction, etc. Researchers are working around the clock to expand this service and optimize it. Hackers on the other hand are leveraging this crucial service to perform cybercrime activities such as stealing credit cards.

Hybrid Code Analysis versus State of the Art Android Backdoors
By Jan Miller, Reverse Engineering, Static Binary Analysis and Malware Signature algorithms specialist at Joe Security LLC
Mobile Malware is evolving… can the good guys beat the new challenges?
Mainstream usage of handheld devices running the popular Android OS is the main stimulation for mobile malware evolution. The rapid growth of malware and infected Android application package (APK) files found on the many app stores is an important new challenge for mobile IT security.

Next Generation of Automated Malware Analysis and Detection
By Tomasz Pietrzyk, Systems Engineer at FireEye
In the last ten years, malicious software – malware – has become increasingly sophisticated, both in terms of how it is used and what it can do. This rapid evolution of malware is essentially a cyber “arms race” run by organizations with geopolitical agendas and profit motives. The resulting losses for victims have run to billions of dollars.

Kali Linux

Kali Linux, Attacking Servers
By Ismael Gonzalez D., Security Researcher, CEH, MCP, MCDTS, MCSA, LPIC-1
This article will show you how to perform attacks on web servers, getting full access to the system and database. Just by using some of the ‘Top Ten’ tools of Kali Linux.

Hands On: How to Create “Backdoor” to Remote Access with Kali Linux, DNS Spoofing Attack with Ettercap and Cloning Sites with Kali Linux
By Rafael Fontes Souza, Co-Founder at Grey Hats, member of the “French Backtrack Team”
The three articles describe very useful tools in Kali and cover the ideas of creating backdoor, how to perform the spoof attack and how to clone websites with SET Attack Method.

Kali Scanning for HIPAA – A Proof of Concept: using Kali Linux to deploy distributed network vulnerability scanners for medical clients
By Charlie Waters, Security Officer and Senior Consultant for Infinity Network Solutions
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires organizations who handle electronic Protected Health Information (e-PHI) to take action and reduce risk relative to potential security breaches of digital communication and storage of patient information. Open Source solutions can be leveraged as a low-cost and effective strategy to minimize risk when used as component of a larger information security program. With a long “track” record of community support, Kali is an open source Linux distribution containing many security tools to meet the needs of HIPAA network vulnerability scans.

Mobile Hacking

Mobile Phone Spying, Detection and Countermeasures
By Akinfe Oluwafemi, CCNA, CCNA sec, A+ IT Tech, C|EH, E|CSA – Information Technology
Too many people see their portable PC which the smartphone today certainly is still as a phone with a sense of phony security accordingly. Thus mobile security products use is still in it’s infancy when you compare it with the classic PC/Laptop.

Windows Phone 8 Application Penetration Testing Essentials
By Wouter Veugelen, Cyber Security Consultant, member of AISA, ISACA , ISSA
An overview of the Windows Phone 8 operating system security features and how to conduct penetration tests of Windows Phone 8 applications.

Kids Mobile Safety
By Dalibor Vlaho, OSCP, CEH, CEO at Information Security Agency
The article on how to protect your family and mostly the youngsters against serious hacking dangers and how to control them using various applications. The overview written by the specialist deeply involved in the Online Child Safety Education and Abuse-Prevention Program.

BIOS Security

BIOS Security – Important Yet Overlooked
By Rob Gangemi and Azeem Nizam, Information Security Consultants, CISSP, CISA, CISM, CRISC, CCISCO
BIOS Security is an easily overlooked part of computer security. Thanks to worrying malware releases such as Mebromi and terrifying proof-of-concepts such as Rakshasa however – government agencies and hardware manufacturers are making serious strides to combat this glaring security weakness.

BIOS Security? Build a PXE Attack Server
By Tony Lee, Scientist at FireEye
and Chris Lee, Security Consultant at Foundstone
As consultants we are often hired to evaluate the security of kiosks or computers that are designed to interface with the general public. The most secure configurations are ones that limit user interaction to the file system, command prompts, and the Internet. One of the best ways to limit user interaction to the hard drive is to lock down the Basic Input/Output System (BIOS) to help prevent booting to alternative Linux distros. This includes disabling booting to USB devices, locking down the boot order, and password protecting the BIOS. In various engagements we will run across kiosks that are fairly locked down, but still vulnerable due to a very commonly seen BIOS configuration. This article discusses how attackers can take advantage of this BIOS setting to allow the Preboot eXecution Environment (PXE) to be an administrator’s best friend and worst enemy.

ACPI Tables Overloading. A Hands-On Approach
By Marco Sogli, BIOS Engineer at SECO
With the ever increasing demand for efficient systems, including servers, personal computers and portable devices, the trade-off between performance and power consumption has become critical for almost all system architectures. Power efficiency needs to be achieved not only through an optimized hardware design, but also through a deep software optimization, for example enabling the system to run in low power mode and to support dynamic switching to higher performances when the CPU/GPU tasks become more heavy, all of this, trying to keep the whole system quiet and cold.

Offensive Programming

How To Use Offensive Security by Programming, Exploits And Tools
By Akshay Bharganwar, Innovator, Entrepreneur, Public Speaker – ICTTF and Indian Cyber Army and HANS
The Interest for “Offensive Security” has increased the last couple of years. This happened because criminals have moved to the digital world, using computers and computer networks to commit crimes.

Using Hydra To Crack The Door Open
By Nikolaos Mitropoulos, CCNA, JNCIA and JNCIS-SEC
Take advantage of a cracking tool to test the resilience of your local or remote network servers and various other devices from a computer to router on the network.

Processing of PCAP files with Snort
By Steven McLaughlin, Network Security Manager at NSW Ambulance Service
PCAP files are something which security and network administrators analyse on a regular basis. But how often do you process your packet capture files through an IDS engine to see what alerts it generates?

Session Hijacking Through Cross-site Scripting (XSS)
By Danny Chrastil, Senior Security Consultant at BT Global Services
Tired of explaining to clients how an alert() box is a valid proof of concept for a XSS vulnerability. You should be. The truth is that providing a straightforward proof-of-concept code for XSS attacks involving session hijacking, is not so straightforward.

Defensive Programming
By Michael Christensen (Certified Business Continuity and It-Security Consultant -
CISSP, CSSLP, CRISC, CCM ISO:22301, CPSA, ISTQB and PRINCE2) and Danny Camargo (IT Consultant at outforce A/S, MCSE)
How to defend yourself from becoming a victim of a hacker? Programmers all over the world are working hard to write secure code, but some are taking the “ostrich” approach – with their head buried deep in the sand! Reading this magazine, however, you are probably not one of these.
Instead you get a new mission: Spread the word of “how to secure the code…”

Android Hacking

Android Hacking Made Easy – What You Can Do To Limit Your Exposure
By John Lear, the Founder of Oomba Security LLC. He has over 18 years experience in system and security engineering
Android devices are extremely popular. From phones to tablets, e-readers, netbooks, smart watches and car computer out there. Over a half billion Android device users are out there with 1.3 million new users added every day. Any technology that is in a lot of hands is a target for hackers. Why not? When “you can make $10,000 a month for a basic effort at writing malware – you can get more when you distribute this malware to the contact lists and [build botnets],” Worried yet? The statistics are alarming. In 2012 Android accounted for 79% of all mobile malware, 96% in the last quarter alone according to F-Secure.What’s more we bring our own devices to work, school, everywhere we go, exposing not only our networks but other networks we might connect to. McAfee reports malware broke new records in 2012 with the number of new malware to reach 100 million for the year.

Weak Wi-Fi Security, Evil Hotspots and Pentesting with Android
By Dan Dieterle has 20 years of IT experience and has provided various levels of IT support to numerous companies from small businesses to large corporations
Wireless networks and mobile Wi-Fi devices have saturated both the home front and business arena. The threats against Wi-Fi networks have been known for years, and though some effort has been made to lock down wireless networks, many are still wide open. In this article we will look at a few common Wi-Fi security misconceptions. We will also see how a penetration tester (or unfortunately, hackers) could set up a fake Access Point (AP) using a simple wireless card and redirect network users, capture authentication credentials and possibly gain full remote access to the client. Finally we will look at the latest app for Android that allows you to turn your Wi-Fi smart phone or tablet into a pentesting tool. With it you can scan your network for open ports, check for vulnerabilities, perform exploits, Man-in-the-Middle (MitM) attacks and even sniff network traffic on both your Wi-Fi network and wired LAN.

Build Secure Android Applications with ITTIA DB SQL
By Sasan Montaseri, the founder of ITTIA, a company focused on data management software solutions for embedded systems and intelligent devices
With Android’s worldwide success, market dominance and the availability of inexpensive devices, it is easier than ever to deploy a distributed network of data-driven mobile software. With the rise of smart devices and similar mobile platforms for Android, anyone can own a general-purpose computing device that is capable of storing large amounts of data and running sophisticated applications on Android. Business applications often deal with confidential data, process transactions, and log information for auditing purposes. When developing a mobile, distributed application it is important to not only protect confidential information, but also to prevent tampering and destruction of important data.