Oh, You Meant *Real* Hacking?

One of my Twitter followers, @KuteKetX, was teasing me about my “Hacking” post, saying that that wasn’t real hacking. Yeah, yeah, I know. Well, just like the term “dark web,” “hacking” is just sort of a catch-all term. I blame pop culture for this.

OWASP, for instance, calls them “attacks,” which is more appropriate. Or perhaps “exploits.” There are too many of these to count, in all honesty, but even just mentioning a few would suffice.

One type of attack is a path traversal attack (a.k.a. directory traversal), which exploits application vulnerabilities and allows adversaries to access files they would not normally be able to reach. The attacker does this by manipulating the variables that designate file locations, using dot-dot-slash (../) sequences.
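To make the dot-dot-slash mechanism concrete from the defender's side, here is an added example (not code from the original post) that contrasts a naive path join with a containment check. The function names, the "uploads" directory and the sample request strings are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def naive_resolve(base_dir: str, user_path: str) -> str:
    """Vulnerable pattern: joins user input to the base and normalises it,
    so each '../' climbs one level out of base_dir."""
    return os.path.normpath(os.path.join(base_dir, user_path))


def safe_resolve(base_dir: str, user_path: str) -> Path:
    """Hardened pattern: canonicalise first, then require the result to
    still be inside base_dir. Raises ValueError otherwise."""
    base = Path(base_dir).resolve()
    # resolve() collapses '..' and follows symlinks; an absolute user_path
    # replaces the base entirely, which the containment check also catches.
    candidate = (base / user_path).resolve()
    if not candidate.is_relative_to(base):  # Python 3.9+
        raise ValueError(f"path escapes base directory: {user_path!r}")
    return candidate


def demo() -> dict:
    """Run constructed requests through both functions.
    Returns {request: (naive_escaped_base, safe_allowed)}."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "uploads")
        os.makedirs(os.path.join(base, "img"))
        # Constructed sample inputs, not taken from any real application.
        requests = ["img/logo.png", "../secret.txt",
                    "img/../../secret.txt", "/etc/passwd"]
        for req in requests:
            naive = naive_resolve(base, req)
            naive_escaped = not naive.startswith(base + os.sep)
            try:
                safe_resolve(base, req)
                safe_allowed = True
            except ValueError:
                safe_allowed = False
            results[req] = (naive_escaped, safe_allowed)
    return results


if __name__ == "__main__":
    for req, (escaped, allowed) in demo().items():
        print(f"{req!r}: naive escapes base={escaped}, safe allows={allowed}")
```

The check runs after canonicalisation on purpose: filtering the raw string for "../" misses absolute paths and symlinks, while comparing resolved paths covers all three.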


If you want some more exhaustive lists of exploits, Exploit Database has its fair share, as do Shodan Exploits and CVE – take your pick. The issue is that as soon as one vulnerability is patched, another pops open; the list never ends.


I suppose you could say that some “real” hacking is done via the terminal; OSes like Kali Linux provide many of the tools for you. Personally, I don’t think that disqualifies it; it just makes the process a little easier.

For instance, Kali includes Wireshark, which is a network protocol analyzer; it lets you capture network traffic and browse it in a graphical format.


This isn’t hacking, per se, but capturing traffic with Wireshark (or other such tools) can be used to this end – once you have the traffic data in your possession, it’s yours to manipulate as you see fit.

Some of the things you can do with it are:

  • Capture packet data from a network
  • Inspect files containing said network data
  • Import packets from text files with hex dumps of network data
  • Display captured packets, including comprehensive protocol information

Obviously, these aren’t all the possible methods of attack and/or network analysis, but just a few good examples.

Sounds like this post deserves a sequel or two! What else would you like to know?

 
