
How Hackers Break into a Computer

How hackers break into a computer: Hackers look at computer code as being a number of small chunks of instructions, connected by "jumps", represented to the right as arrows. They try to map out these chunks and jumps and turn them into a "flowchart", like the one to the right, which could be a flowchart for a simple web server. Then, they try to find chunks with exploitable code, and use the flowchart to help them navigate to the exploitable code and hack it.

[Flowchart: Get a request for a webpage. Does that webpage exist? If no: return an error message, then quit. If yes: Do I have permission to serve that webpage? If no: return an error message, then quit. If yes: return the webpage, then quit. A chunk of assembly-style instructions (ADD, PUSH, CALL, JNZ, POP, SUB) is labelled "exploitable code".]

Once the hacker has found a vulnerable section of code, he can attack it in any one of a number of different ways. In this example, we show a privilege escalation attack, where the hacker attempts to fool the webserver into serving him files he does not have permission to access. The hacker may use these files later on to hack further into the system and/or obtain root access on the system. Often, one of the most-sought files using this type of attack is the system's encrypted password file. Hackers can then use a password cracker, such as John the Ripper, to obtain the passwords for all of the users on that system.

Glossary:

DoS: A Denial of Service attack attempts to crash or hang the program being attacked.

Buffer Overrun: An attack method that attempts to copy more data into a string, also known as a buffer, than it can hold.

Root: The user with the highest level permissions in a computer system. Also known as the "Superuser."

White Hats: Hackers who attempt to compromise software in order to find and remove the coding flaws which make hacking possible. Also known as "Security Analysts."

Black Hats: Hackers who attempt to compromise software for personal, political, or monetary gain.

Source: Greg Hoglund, Gary McGraw. "Exploiting Software: How to Break Code". Addison Wesley Professional.
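The mapping described above, chunks of instructions joined by jumps, is what program analysis calls a control-flow graph. As an added example (not part of the infographic or the cited book), this Python code builds that graph for a constructed listing of the web-server flowchart and checks whether any path reaches the "return the webpage" chunk without passing through the permission check. The listing, its operation names and the `FLAWED` variant are assumptions made for illustration.

```python
# Constructed toy listing modelled on the infographic's web-server flowchart.
# Each row is (label, operation, jump target); the operations are not real x86.
LISTING = [
    ("entry", "get_request", None),
    ("", "test page_exists", None),
    ("", "jump_if_no", "error"),
    ("check", "test have_permission", None),
    ("", "jump_if_no", "error"),
    ("serve", "return_webpage", None),
    ("", "quit", None),
    ("error", "return_error_message", None),
    ("", "quit", None),
]
# Constructed flawed variant: an extra branch reaches "serve" ahead of "check".
FLAWED = LISTING[:3] + [("", "jump_if_cached", "serve")] + LISTING[3:]

def build_cfg(listing):
    """Split a listing into chunks (basic blocks) and the jumps between them."""
    label_at = {lab: i for i, (lab, _, _) in enumerate(listing) if lab}
    # A chunk starts at row 0, at every jump target, and after every jump or quit.
    leaders = {0} | {label_at[t] for _, _, t in listing if t}
    leaders |= {i + 1 for i, (_, op, _) in enumerate(listing)
                if (op.startswith("jump") or op == "quit") and i + 1 < len(listing)}
    starts = sorted(leaders)
    edges = {}
    for n, start in enumerate(starts):
        end = starts[n + 1] if n + 1 < len(starts) else len(listing)
        _, op, target = listing[end - 1]
        out = [label_at[target]] if target else []   # taken branch
        if op not in ("jump", "quit") and end < len(listing):
            out.append(end)                          # fall through to next chunk
        edges[start] = out
    return label_at, edges

def reachable_avoiding(listing, goal, avoid):
    """True if the chunk labelled `goal` is reachable from row 0 without
    passing through the chunk labelled `avoid`."""
    label_at, edges = build_cfg(listing)
    goal_b, avoid_b = (max(s for s in edges if s <= label_at[x]) for x in (goal, avoid))
    seen, stack = set(), [0]
    while stack:
        b = stack.pop()
        if b == goal_b:
            return True
        if b not in seen and b != avoid_b:
            seen.add(b)
            stack.extend(edges[b])
    return False
```

For `LISTING` every path to the serving chunk goes through the permission check, so `reachable_avoiding(LISTING, "serve", "check")` is false; for `FLAWED` it is true, which is the kind of path a code review or static check should flag.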

shared by youcom on Nov 07
This infographic provides information for how hackers break into computers. It shows how hackers see computers and how they break computer codes. It also provides a glossary of terms used in the compu...

Designer: Addison Wesley Professional

Category: Technology