[ Certified Ethical Hacker v10 ] :: [ Chapter 6 cont’d] :: SQL Injection

This entry is part 11 of 29 in the series [ Certified Ethical Hacker Training ]

SQL Injection Definition and Examples: Your basic task is to interrupt a SQL query and force it to run your own code. Usually you can do this by adding an invalid character, like a single quote. You can attack GET and POST submissions using options. Definition, Risk Factors and Examples from https://owasp.org/www-community/attacks/SQL_Injection : In SQL: …

[ Certified Ethical Hacker v10 ] :: [ Chapter 6 cont’d] :: sqlmap

This entry is part 12 of 29 in the series [ Certified Ethical Hacker Training ]

Using sqlmap: This wicked tool comes with Kali and is easy to install on other Linuxes. All you need is a web form on a website as an entry point for SQL injection. See this short “cookbook” first for quick examples of usage, from https://securityonline.info/top-25-useful-sqlmap-commands/ Here’s the lengthy GitHub usage page: https://github.com/sqlmapproject/sqlmap/wiki/Usage Using Captured Headers …

[ Certified Ethical Hacker v10 ] :: [ Chapter 7 ] :: WiFi Hacking

This entry is part 14 of 29 in the series [ Certified Ethical Hacker Training ]

WiFi Basics. SSID: the human-readable name of the network. BSSID: the MAC address of the access point. ESSID: the name of a network that spans multiple access points. IVs: initialization vectors, 24-bit strings appended to the network key that allow users to access the network with unique session keys. PWR (as listed in airodump-ng) is …

[ Certified Ethical Hacker v10 ] :: [ Chapter 8 ] :: Hacking Mobile Devices

This entry is part 15 of 29 in the series [ Certified Ethical Hacker Training ]

Chapter 8: Hacking Mobile Devices: iOS and Android Rooting Android Tools to root Android KingoRoot OneClickRoot TunesGo NTK Droid Jailbreaking iOS Tools to jailbreak iOS Cydia Pangu GeekSn0w, Redsn0w Absinthe Techniques for Jailbreaking Untethered – the kernel will stay jailbroken after reboot Semi-tethered – a reboot reverts to a non-jailbroken kernel, but a jailbreak took …

[ Certified Ethical Hacker v10 ] :: [ Chapter 8 cont’d ] :: Hacking the Internet of Things

This entry is part 16 of 29 in the series [ Certified Ethical Hacker Training ]

Mobile Things, Smart Things, Internet of Things. Targets: Doorbells, Thermostats, Lights, Coffee pots, Toilets, Car computers, Useless things. Methodologies: OWASP Mobile Top 10 Vulnerabilities – https://owasp.org/www-project-mobile-top-10/ Tools: Shodan. A very simple visual example from WikiHow: https://www.wikihow.com/Use-Shodan A more elaborate set of examples from Null Byte: https://null-byte.wonderhowto.com/how-to/hack-like-pro-find-vulnerable-targets-using-shodan-the-worlds-most-dangerous-search-engine-0154576/ Some good examples: https://danielmiessler.com/study/shodan/ Shodan.io’s Own Search Query Fundamentals …

[ Certified Ethical Hacker v10 ] :: [ Chapter 9 ] :: Hacking in the Cloud

This entry is part 17 of 29 in the series [ Certified Ethical Hacker Training ]

Hacking in the Cloud ECC will expect you to know the usual litany of cloud info, for instance: “as a service” – SaaS, PaaS, IaaS Cloud types: public, private, community, hybrid Security organizations like the Cloud Security Alliance (CSA) Security frameworks like the Trusted Computing Model Pen Testing in the Cloud https://www.hackingtutorials.org/general-tutorials/penetration-testing-cloud/ https://www.udemy.com/course/cloud-hacking/ Techniques Scanning …

[ Certified Ethical Hacker v10 ] :: [ Chapter 10 ] :: Trojans, Backdoors, Viruses and Worms

This entry is part 18 of 29 in the series [ Certified Ethical Hacker Training ]

Chapter 10: Trojans and Other Attacks. Trojans and Backdoors: These aren’t really the same; they just get discussed under the same heading. Famous Trojans: Neverquest Trojan (banking), ZeuS, Mirai (IoT). The Simplest Backdoor of All Time: Create a listener (-l) on the victim: nc -l -p 5555 Then connect to the victim by IP address …

[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Denial of Service

This entry is part 19 of 29 in the series [ Certified Ethical Hacker Training ]

Chapter 10 Continued: Denial of Service What It Looks Like Digital Attack Map: https://digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=18400&view=map The VLS DDoS Attack, visualized with ApachePong / Logstalgia: https://www.youtube.com/watch?v=hNjdBSoIa8k https://logstalgia.io Low Orbit Ion Cannon: a classic DDoS tool: https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon DoS Attack Types Fragmentation Volumetric Application TCP state-exhaustion Example DoS Attacks SYN attack SYN flood ICMP flood Smurfing Ping of Death …

[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Buffer Overflow

This entry is part 20 of 29 in the series [ Certified Ethical Hacker Training ]

Buffer Overflow: Know these critical four C functions that don’t perform bounds checking, and thus are susceptible to buffer overflows: gets( ), scanf( ), strcpy( ), strcat( ). The Heap: This is a loosely (dis)organized area for random storage. Memory space gets allocated and recovered automatically. The Stack: This is much more organized, or constrained. …