Sunday, 08 June 2014

Power of Social Engineering

First of all, what is social engineering? Social engineering is the art of deception: harvesting information through the human vector, or exploiting human weakness in order to gain information. In the hacking cycle, social engineering is an optional step, meaning it does not have to be done in order to hack into a system. Even though it is optional, social engineering plays a very important role: it can give the hacker an easier way in, and when every other step in the hacking cycle fails, social engineering might be the last option for hacking the system.

Here are the top 5 social engineering exploits that can be used:

1) Familiarity Exploit - Making yourself familiar to those you want to exploit so that they lower their guard. In psychology, people react differently to other people depending on how close they are to them. You can get closer to your target by making yourself familiar to them, for example by increasing the number of encounters and sharing the same interests. The most important thing is not to create a mindset of "Who is that and why is he here?".

2) Creating a Hostile Situation - A hostile situation is one in which the atmosphere is tense, for example because of anger. Such a situation can easily be created or faked with a simple technique: while you are on a phone call with your target, you fake a tense fight with someone else while still on the phone. By basic psychology, people do not like anger and will try to get away from it, so people tend to follow your orders when you are mad. Use this chance to exploit your target.

3) Gathering and Using Information - Gather as much information as possible about your target. The more information you have about your target, the more likely your social engineering is to work. There are a lot of ways to gather information, such as online sites (Facebook, LinkedIn, etc.), the target's workplace, and asking the target's friends or colleagues.

4) Get a Job at your Target Workplace - If the payment for the penetration job is worth it, just get a job there. Most small to medium-sized companies will not do any background check on you, so you can easily get a job there without being afraid of your identity being compromised. Once inside, you can work your way up to earn their trust so you can get access to sensitive information. Once you get the information, it won't be hard for you to exploit it.

5) Reading Body Language - To be able to read body language, you may need advanced knowledge of psychology, but it is worth it. The basic idea is to make your target as comfortable as possible. When people are comfortable they talk more easily and feel more eager to help you without questioning your motives. By making them comfortable, you can basically extract information from them.

With these techniques in mind, someday you may be the initiator of social engineering, or you may be its target. So be careful about what information you share, and do not give any information to people who are not authorised to know it.

Threat of SQL Injection

What is SQL injection? SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. According to the Open Web Application Security Project (OWASP), SQL injection is rated as the top threat to web applications.

By using the SQL injection technique, a hacker can easily enumerate the target database to gain sensitive information such as usernames, passwords, etc. SQL injection is not always successful. Not all websites are vulnerable to SQL injection. Websites with input validation in their forms will not be easily injectable.

A website that is vulnerable to SQL injection will return the following page (or a similar one) when you input " ' " (a single quotation mark). This is an example of a website vulnerable to SQL injection:

This website does not have input validation in its login form, so when a " ' " (single quotation mark) is entered, the code treats the input as part of an SQL query, which results in the above error page.

This means the hacker can exploit the database, and in the worst-case scenario the hacker can take ownership of the website.

Given this SQL injection threat, web developers are strongly encouraged to build websites with SQL injection defences such as:
- Input Validation in Log in Form
- Use Web Application Firewall
- Limit Database Privileges
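
The behaviour described above, as an added example that is not from the original post: a login query built by string concatenation fails with a database error on a single quotation mark, while a version with input validation and bound parameters rejects the same input cleanly. The `users` table, the function names and the sample values are constructed for illustration; bound parameters go beyond the defences listed above, and Python's built-in `sqlite3` stands in for the site's database.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data: an in-memory table standing in for the site's user table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'constructed-hash-1')")
    return db

def login_vulnerable(db, username, password_hash):
    # Form input is pasted into the SQL text, so a quote in it becomes SQL syntax.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password_hash = '" + password_hash + "'")
    return db.execute(sql).fetchone() is not None

# Input validation: allow-list of characters and length for the username field.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")

def login_hardened(db, username, password_hash):
    if not USERNAME_RE.fullmatch(username):
        return False
    # Bound parameters: the values are sent separately from the SQL text,
    # so a quote inside them is compared as data and never parsed as SQL.
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password_hash = ?",
        (username, password_hash),
    ).fetchone()
    return row is not None

def outcome(login, db, username, password_hash):
    # Classify what the login page would show for this input.
    try:
        return "accepted" if login(db, username, password_hash) else "rejected"
    except sqlite3.Error:
        # The condition behind the database error page described above.
        return "db-error"

if __name__ == "__main__":
    db = make_db()
    for login in (login_vulnerable, login_hardened):
        for user, pw in (("alice", "constructed-hash-1"), ("'", "pw")):
            print(login.__name__, repr(user), "->", outcome(login, db, user, pw))
```

A `db-error` result on a lone quotation mark is the signal a developer can look for when testing their own forms; after the fix the same input should only ever produce `rejected`.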