![]() Overall this attack is clever and relatively simple in execution and would pose an extreme danger to users were it used in the wild. Uploading of all traffic captures to a remote server Sniffing traffic and man-in-the-middle attack Installation of a Trojan for later access ![]() Įxploitation of browser on splash screen.In his demonstration during Defcon Security Jam in 2008, Rich showed how he was able to package Eager Ed's attack (above) into a self-contained, automated package.Īmong other tricks, several of the exploits used in this setup included: One of the best real-world examples of the attack described above was Rich Mogull's demonstration of a man-in-the-middle attack on a Starbuck's wireless users. Although this is done at DefCon to provide a learning experience, there are plenty of users sitting at coffee shops ready to provide the Zukin with the opportunity to gather potentially useful information. The gleaned information – including usernames, passwords (partial), and domains connected to – is then put into an application and displayed for all the attendees to see. The Wall of Sheep, using a variety of tools to sniff traffic on the wireless network used at the conference, pulls out the credentials being used to log into various social networking sites, e-mail, and a variety of other services. This can be done by actual session hijacking, either by using cookies from a user machine, or by hijacking the users TCP session, or can be a matter of sniffing credentials directly from the network.Ī good illustration of this type of activity can be found in the “Wall of Sheep,” 1 a regular appearance at the well-known DefCon security conference. It is usable in a variety of circumstances but basically boils down to waiting for an authorized user to gain access to a system or application, then impersonating the user and using their credentials to take over the session. Thomas Wilhelm, Jason Andress, in Ninja Hacking, 2011 Credential HijackingĬredential hijacking is a perfect example of a logical timing attack. ![]() and international businesses had become dependent on the air transportation system over the last few decades. The attacks not only resulted in the deaths of thousands of innocent victims, but also further demonstrated how much both U.S. The attacks demonstrated that tourism was now at the forefront of nonconventional warfare, that civilian homefront populations were highly vulnerable to attack, and that in a world of interconnected economies, such an attack could damage national economies around the world. The 9/11 attacks not only demonstrated how vulnerable a major world power was to a well-coordinated hijacking used for military purposes against civilian targets, but created a major economic shock wave that impacted a great deal of the United States and world economies. Prior to the attacks on September 11, most hijackings were of a limited scope, and although there were actions such as the Entebbe raids, most people did not necessarily integrate these acts of terror into their private lives. These multiple acts at the same time changed the course of aviation security and demonstrated clearly to the world that a civilian aircraft could be used as a weapon of mass destruction. The hijackings that occurred on September 11, 2001, may be the world’s most famous cases of plane hijacking. Tarlow, in Tourism Security, 2014 September 11, 2001
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |