Skip to main content

Ethical HaCking 0x04

Security is the separation of an asset from a threat.
Security as practiced by the military generally means destroying the threat. A non functioning threat is no longer a threat. So to separate the threat from the asset, you have three options:

• Physically remove or separate the asset from the threat.
• Destroy the threat.
• Move or destroy the asset

As you know destroying assets is undesirable and destroying threats is not feasible.so most of the time we separate the two from each other.

Elements of Security
Separation can be done by using following elements:
1:Visibility
2:Access
3:Trust

Visibility can be an opportunity for an attacker.What an attacker see,learn or glean into help him in his attack.But think if attacker cant see, then he wont even think of attacking on that thing.Linux provide better ways to go invisible.In linux you can easily DROP ALL such request which can make you visible,like ping replies etc.Unfortunately, visibility is a necessary part of most services since marketing is the core of all business; you must present your wares in order to sell them. Therefore, it is necessary to strike the right balance between what assets should be known to maximize the usefulness and efficiency of services while minimizing exposure.

Access means how much you can interact with the given system.It can be a response,service or any thing.
A service cannot exist without access.The simplest way to prevent access is not to provide it. Physically separating an asset and a threat is the strongest deterrent possible. During penetration tests, the most
common problems can be attributed to a service or application running that does not need to be running. The greatest strength of Linux is the ability to easily choose which ports are open and which services are running

In security sciences, Trust is any unauthenticated interactivity between targets within a scope. For example, a web application may interact with a database server without requiring authentication or specifically identifying itself. (Actually, the request’s IP address may be considered weak identification criteria much like a nametag on a person’s shirt is unqualified identification of a specific person.) Where an attacker finds visibility as opportunity and access as direct interaction, trust is useful for indirect interaction.

Comments

Popular posts from this blog

Install Virtual Box On Kali Rolling

If you facing problem with virtualbox installation on kali rolling edition because of its outdated kernel 4.3.0-kali1-amd64 then this post is for you only.

Step1: Install latest kernel. First search the cache for list of available ones apt-cache search linux-headers
Depending upon the list choose one from the set and install install it.
you can download kernel file using wget from ubuntu source also.
example:wget kernel.ubuntu.com/~kernel-ppa/mainline/v4.4.3-wily/linux-image-4.4.3-040403-generic_4.4.3-040403.201602251634_amd64.deb
for more refer to this post: link

Step2:
Edit the boot entry /boot/vmlinuz-(New Linux kernel Version) & /boot/initrd.img-(New Linux kernel version) in grub menu.

Before making boot entry changes be sure these files exist in the /boot directory after running install command.
In my case following new file got created in /boot folder:

1)vmlinuz-4.6.0-kali1-amd64
2)initrd.img-4.6.0-kali1-amd64

Thats all you need to do to install any virtual software on kali r…

Hacking Windows 10 UWP App: DLL Injection & common Vulnerabilities

I recently started working on  widows 10 Apps( Apps not Applications) security. Before diving deep in hacking terms lets try to understand what's new in Windows 10 UWP( Universal Platform) as compared to old Apps. Lets begin with how apps actually work on windows 10(desktop/tablet). Now windows 10 comes with a container only for running apps inside the isolated environment. By default, /APPCONTAINER(Linker Flag) is off. This option modifies an executable to indicate whether the app must be run in the appcontainer process-isolation environment. Specify /APPCONTAINER for an app that must run in the appcontainer environment—for example, a Windows Store app. (The option is set automatically in Visual Studio when you create a Windows Store app from a template.) For a desktop app, specify /APPCONTAINER:NO or just omit the option. The /APPCONTAINER option was introduced in Windows 8.
Now there is no registry entry concept for these app in the System HIVE rather they install they own hiv…

Cyberoam Login Brute Force Script

#
#  ('-.               .-') _                         ) (`-.               _  .-')
#  ( OO ).-.          (  OO) )                         ( OO ).            ( \( -O )
#  / . --. / ,--.     /     '._     ,------.,--. ,--. (_/.  \_)-.  .----.  ,------.
#  | \-.  \  |  |.-') |'--...__) ('-| _.---'|  | |  |  \  `.'  /  /  ..  \ |   /`. '
#.-'-'  |  | |  | OO )'--.  .--' (OO|(_\    |  | | .-') \     /\ .  /  \  .|  /  | |
# \| |_.'  | |  |`-' |   |  |    /  |  '--. |  |_|( OO ) \   \ | |  |  '  ||  |_.' |
#  |  .-.  |(|  '---.'   |  |    \_)|  .--' |  | | `-' /.'    \_)'  \  /  '|  .  '.'
#  |  | |  | |      |    |  |      \|  |_) ('  '-'(_.-'/  .'.  \  \  `'  / |  |\  \
#  `--' `--' `------'    `--'       `--'     `-----'  '--'   '--'  `---''  `--' '--'
# Cyberaom brute force Script
# @aut…