Posted on

Beginners guide to IoT security

Hello, aspiring ethical hackers. In this blogpost you will learn about IoT security or Internet of Things (IoT) security. But before you understand IOT security, you need to understand what Information of Things (IOT) is.

What is Information of Things (IoT)?

A few years back, getting an internet connection to our home was a bit rare and costly. I remember most of my friends had a computer at home but nobody had internet. Nowadays, even device (that once existed without the need of internet) can be connected to the internet.

These devices include lightbulbs, security cameras, fans, Refrigerator, Washing machine and almost all the devices of a smart home. They are connected to internet to add comfort to humans. All these devices are together known as Internet of Things (IOT).

Unlike your computer, laptop or mobile, these devices don’t need any human interaction to connect to internet.

What is IoT security?

As you should have figured out by now, IoT security is ensuring the security of these devices to protect your network.

What are various threats to IoT security?

Every device that is connected to internet is vulnerable to hacking. MIRAI botnet proved it. Internet of Things (IoT) devices are built with usability and human comfort in mind. The most common threats to IOT devices are.

1. Firmware vulnerabilities:

Every digital device has a firmware which is similar to a operating system on a computer. However, it cannot by easily updated as a operating system. So, once a vulnerability is detected in the firmware and exploited in an IOT device, it is difficult to upgrade or patch it.

2. Credential attacks:

Although IoT devices come with credentials, these are default credentials that hat are insecure and easy to guess. In most IoT devices, these credentials cannot even be reset or changed. So, any attacker can easily guess the credentials, take control of the devices.

3. Man-in-the-Middle attacks:

Man in the middle (MiTM) attacks are just not limited to computers and servers. It is also possible to perform packet sniffing and password sniffing between the IOT device and the server it is connecting to. If the transmission is taking place in clear text, hackers can sniff on it.

4. Physical access attacks:

Most IoT devices are placed in easily accessible locations. If hackers can get hold of this device, they can take control of the device.

Posted on

Beginners guide to Cloud security

Hello, aspiring ethical hackers. In this blogpost, you will learn about cloud security. Before you learn about cloud security, you need to have a basic idea about what is cloud computing or cloud. Let me give you an example. Have you ever used Gmail or any other email service? What do you do to check your email? You open a browser or email client and go to the URL of the email service, enter your credentials and finally read your mails or start composing an email. Have you ever thought where all the mails are stored? Definitely not on your own system. They are stored elsewhere. Well, this is exactly how cloud computing works.

What is cloud computing?

Cloud computing is providing of computer system resources like data storage, computing power, networking, servers and software etc over the internet on demand.

Types of Cloud computing

Services in cloud can be provided as per anyone’s need with customization. However, there are three models of cloud computing that are generally preferred.

1. Infrastructure as a Service (IaaS):

In this model of cloud service, customers rent the building blocks of computing like servers (physical or virtual), storage and networking. It is usually rented by those organizations which want to have complete control over their cloud. The needed software and applications are installed by the organization.

2. Platform as a Service (PaaS):

What if organization or users don’t have the technical know how about installing everything on their rented hardware on cloud. The PaaS model comes to their rescue. This model comes with the installation of required tools and software along with basic computing resources provided in IaaS. For example, imagine you want to rent a WAMP server on cloud. Along with the basic computing resources, it comes with a Windows 10 machine with WAMP server installed on it. You still have to create the websites to be hosted on the WAMP server.

3. Software as a service (SaaS):

The most popular cloud model, it provides just all the resources and software you need. For example, let’s just say you rented a WordPress website on cloud for you. All you have to do is login into the WordPress website on your browser and upload blogposts. Rest all the cloud provider takes care for you.

What is Cloud Security?

Cloud security is the concept of providing security to the cloud-based systems from all the usual threats and dangers of cyber security. Cloud security is the responsibility of both the cloud service provider and the end user.

What are some cloud security threats?

Systems in cloud are vulnerable to all threats usual networks do like zero-day-vulnerabilities, DoS, phishing and malware etc.

Posted on

Beginners guide to Bluetooth hacking

Hello, aspiring ethical hackers. In this blogpost, you can learn about Bluetooth hacking. Bluetooth is a short-range wireless technology standard used for exchange of data between devices.

Bluetooth is mainly used as an alternative to exchange of data using wires. The range of Bluetooth is very short may be over 10 meters.

What is Bluetooth hacking?

Exploitation of vulnerabilities in Bluetooth technology standard to hack Bluetooth enabled devices is known as Bluetooth hacking.

Modes of Bluetooth

A Bluetooth device can be set in two modes. Discoverable and Non-Discoverable.

  1. Discoverable: In discoverable mode, the Bluetooth device is visible to other Bluetooth enables devices.
  2. Non-discoverable: As you should have guessed by now, in this mode, the device is not visible to other Bluetooth enabled devices.

Pairing modes

Similarly, Bluetooth has two pairing modes. They are Pairable mode and Non-pairable mode.

  1. Pairable mode: In this mode, the Bluetooth device accepts the pairing request upon requested.
  2. Non-pairable mode: In non-pairable mode, the Bluetooth device rejects the pairing attempt.

Various Bluetooth based attacks

There are various Bluetooth based attacks. Some of them are,

1. Bluejacking:

Bluejacking is the attack in which an attacker can send messages to other users from the victim’s phone using Bluetooth.

2. Blue snarfing:

In this attack, an attacker can exploit Bluetooth to steal sensitive data from the target mobile phone.

3. Bluesmacking:

Similar to Ping of Death DoS attack, in this attack, attacker sends a oversized ping packet using Bluetooth to the victim’s device causing a buffer overflow attack.

4. Bluebugging:

In this attack, the attacker gains access to the target’s device using Bluetooth without target user being aware of it.

5. Blueprinting:

In this attack, the attacker tries to printout the data information of the target user’s mobile phone.

6. MAC spoofing attack:

: In this attack, just like any MAC spoofing attack, the attacker spoofs the MAC address of the target user’s mobile phones.

7. Man in the Middle (MitM) attack:

The attacker places himself between two Bluetooth devices.

Impact of Bluetooth hacking

Bluetooth attacks can lead to various threats. These include,.

  1. Leak of calendars and address book.
  2. Sending spurious SMS messages.
  3. Bugging devices.
  4. Sending premium messages.
  5. Social engineering
  6. Installing malicious code
Posted on

Complete guide to web server hacking

Hello, aspiring ethical hackers. This blogpost is a complete guide to web server hacking. To understand web server hacking, you need to first understand what is a web server.

What is a web server?

A web server is a server that serves webpages. Every organization nowadays definitely has a website which is important for their business. To serve these websites, web servers are needed.

Structure of a web server

A webserver consists of both hardware and software components. Examples of popular web server software are Apache, NGINX, Microsoft IIS, Lighthttpd, node.js, Apache Tomcat and LiteSpeed etc. To store data, web servers use a database. Most popular databases in use are MySQL, Oracle, Microsoft SQL Server, PostgreSQL, MongoDB, Redis, MariaDB, Splunk, SQLite etc.

Web pages on the web server can be accused using web clients which are also called as browsers. You already know about various popular browsers. Typical web server uses various languages to build a website. The basic languages and their purpose are given below.

What is web server hacking?

Hacking or compromising of a web server is known as web server hacking. Web servers provide easier access to a company’s network as nobody is blocked from accessing a web server. So, a vulnerability in web server can easily provide hackers access to the company’s network.

Web server Hacking Methodology

The methodology of web server hacking is similar to hacking anything in cybersecurity.

1. Information gathering / Footprinting:

This can be done by whois footprinting, DNS footprinting, website footprinting and banner grabbing.

2. Scanning:

This includes port scanning, service scanning and vulnerability scanning with Nikto and other tools.

3. Exploiting any vulnerabilities and gaining access

Types of web server attacks

There are many attacks that can be used to compromise web servers.

1. Website Defacement:

As you have read earlier, website defacement is the changing of the visual elements of a webpage (most probably, index page) to display a message or simply as nuisance.

2. Misconfiguration attack:

Sometimes, hackers can exploit misconfigurations in the configuration of a web server to hack web servers (For example, use of default credentials or using default setting).

3. DNS Server Hijacking:

A DNS server resolves hostnames to its IP addresses. If the DNS server is breached, hackers can lead genuine users or visitors of a website to a fake website.

4. Web Cache poisoning attack:

The temporary web cache can be poisoned with malicious entries to lure victims to a malicious url.

5. FTP brute force attack:

Many web servers use FTP service to upload files to the web server. If hackers can brute force the credentials of the FTP server, he can upload malicious files to by webserver. Learn more about FTP hacking.

5. SSH brute force attack:

Similarly, if the SSH credentials the web server as compromised, attackers can take control of the entire web server.

6. File upload attack

7. Directory traversal / LFI attack

8. Cross-site scripting (XSS) attack

9. CSRF attack

10. Command Injection attack

11. SQL injection attack

12. Phishing attack

13. Password cracking attack

14. Session Hijacking attack

15. Packet sniffing attack

16. Server side request forgery (SSRF) attack

17. Buffer overflow attack

18. DoS / DDoS attack

Impact of a web server hacking

Compromise of a web server can have many affects. Most important of them are,

1. Data breach and Data theft:

Compromise of a website can result in a data breach and data theft.

2. Leak of sensitive information:

Sometimes, a web server compromise can leak sensitive information about a company or organization.

3. Website defacement:

Every website has an index page that is the page that loads when you visit a website. When hackers change the index page and replace it with another page, it is known as website defacement.

4. Secondary attacks:

Once a web server is compromised, it can be used by hackers for other malicious purposes like hosting malware, to perform a DDoS attack or using it as a proxy to perform attacks on other websites.

Posted on

Session Hijacking for beginners

Hello aspiring Ethical Hackers. In this blogpost, you will learn about session hijacking. In March 2023, the YouTube channel of youtuber Linus Sebastian was hacked. Hackers deleted all his videos and uploaded a few videos on crypto currency. It was later discovered that hackers used session hijacking to gain access to Linus Sebastian YouTube channel. With the advent of passkeys, biometric and password less authentication, hackers are finding it difficult to grab credentials using password cracking. So, they are increasingly turning their attention towards session hijacking. What is session hijacking? To understand that you need to first understand what a session is.

What is a Session?

You login into a number of websites daily. You should have noticed that you don’t have to login again and again into some of the websites. I mean you are kept in logged in state on a website and you don’t have to enter your username and password again and again.

How is this possible? Well, HTTP & HTTPS are itself stateless and hence sessions are used by almost all the webservers to keep the user logged in and track him. A session is assigned as soon as user logs in and it is kept active for a particular period of time or until the user decides to log out.

What is a Session ID?

These active sessions are tracked using piece of text called a Session ID. Usually Session ID is included as part of a cookie.

What is Session Hijacking?

A session hijacking or cookie hijacking is the stealing of a session by whatever means. Once a hacker steals a session, he can perform all actions a legitimate user of that account can perform. No need to crack passwords anymore.

Types of Session Hijacking

1. Session Fixation:

In a Session fixation attack, the attacker tries to fix the session ID for another user. This is only possible if the webserver accepts Session ID’s from URL.

2. Session sniffing:

In packet sniffing and password sniffing, you learnt how hackers can sniff the data in transit. Not just these, even session IDs can be sniffed using any packet sniffer like Wireshark, tcpdump, Ettercap, dsniff, kismet and driftnet etc. This is done by sniffing on cookies if they are being transmitted without any encryption as they contain the session IDs.

3. Cross Site Scripting (XSS):

In our previous article you learnt about Cross Site Scripting. Hackers can also use it to steal a session ID.

4. Malware:

Hackers can install session hijacking malware on the victim’s computer and steal the session ID. Learn more about malware.

5. Brute forcing:

Not just credentials, even session ID’s can be brute forced by hackers. However, they need to have some knowledge about the structure of the session ID before attempting brute force.