Exploits.ppt

Exploits Dalia Solomon Categories Trojan Horse Attacks Smurf Attack Port Scan Buffer Overflow FTP Exploits Ethereal Exploit Worm Virus Password Cracker DNS Spoofing Trojan Horse attacks A computer becomes vulnerable to this attack when the user downloads and installs a file onto their system. This opens a port without the knowledge of the user. The open port gives the remote user access to ones computer Trojan Horse - NetBus NetBus is a tool that allows a remote user to gain administrative privileges NetBus consists of two programs a server and a client. NetBus Server To infect a computer, NetBus disguises itself as an ICQ executable file that a naive user install on their computer. NetBus Server NetBus server – This application will open a backdoor on the target computer. This application can be configured to be either invisible or visible to the user. NetBus Client NetBus - This application will connect to a computer that is running NetBus server. It allows the hacker to spy and take control of the infected computer. Smurf Attack A Smurf Attack occurs when a packet such as an ICMP echo frame (in this application) is sent to a group of machines. The packet sent has the source address replaced by the target computer or network IP address. This causes a flurry of echo responses to be sent to the target machine, which can overflow the target computer. Smurf Attack Here we are attacking our computer Port Scan This program allows the hacker to scan a target computer to detect open ports. This is primarily used to detect vulnerable applications using certain ports on the target computer. Port Scan Buffer Overflow Buffer Overflow Most common form of exploits Occurs when you put more data in the buffer than what it can hold Occurs if bounds are not checked by program Purpose of buffer overflow is to execute codes and gain special privileges Buffer Overflow Buffer Overflow Buffer Overflow FTP Exploits This exploit shows how it is possible for somebody to get a shell (