Thursday, 5 April 2012

Network Hacking(Cygwin)

Cygwin
If you only have access to a Windows machine, and you come across a C/C++ script that is only meant to be compiled in Linux, then you can use Cygwin to make it possible in Windows. Let’s get right into it!
Cygwin
1. Download Cygwin from http://www.cygwin.com/
2. Run the installer.
3. Choose to install from the internet.
4. Continue on until it asks you to choose a mirror to download from. Choose any.

5. Next you must select packages to download. Click View “+” under Devel to expand the category. Expand the window so that you can see all of the columns. Under the package column, search for gcc-core and click on “Skip” to select it and click next.
6. If it tells you that you haven’t selected a couple packages that you need, agree to install them and click next.
7. It will begin to install the packages
8. Once it is installed, double click the desktop icon and a command prompt should come up.

9. Using the same exploit as the last example, save and move it into the “C:\cygwin” directory as “exploit.c”.
10. Now it’s time to run the exploit. First you must change the directory to the home directory (C:\cygwin) by using the command “cd /”. Next use the “ls” command to display all the files in the current directory. You should see “exploit.c”.
11. Now to compile the script we use the same command as we did in Ubuntu: “gcc exploit.c –o exploit”. Here you see that we added a new parameter “-o”. This simply tells the compiler to name the output exe “exploit.exe”. Hit <ENTER> and if no error messages came up, then it was successful. If you use the “ls” command again, you should see a new file “exploit.exe” in the directory.
12. To run the exploit, simply type “./exploit”. It will now display the scripts runtime directions. Put in the right options and parameters and run the script again. The picture below shows all of these steps being done.

13.Once a hacker runs this script against a vulnerable machine and the script works, he will have root access to the target computer.

The more exploits you run, the more you will notice that half of them may not work. Many exploits are created and tested in specific environments and the expected outcome only happens when the exploit is run in the exact same environment. That is another reason why programming knowledge is needed, so you could edit the exploit script to work for you.
Once a skilled hacker gains root to a server he has the ability to do a lot of damage. Some of the things a hacker might do with a rooted server is:
• Add himself as a permanent user for future access.
• Add the server into his botnet collection so he could use it as a weapon against other servers.
• Use it as a proxy to hack other websites.
• Install a rootkit so he can come back and have full control over the server when needed.
• Constantly steel information as it comes.
• Use the system to store illegal data.
• Deface the website and sometimes the hacker will delete everything off of the server.

Countermeasures
There are a few things you can do to stay secure from network hacking attempts.
1. Keep all your software up to date. There will always be new vulnerabilities coming out, and your responsibility is to patch them immediately after a patch comes out.
2. Implement a firewall. This will keep most of the bad data out and good data in.
3. Install anti-virus software.
4. Scan your system with a vulnerability scanner. This may reveal possible vulnerabilities in your system.

2 comments: