
Thread: [Computer Security] Demonstration of the aurora hack: how hacking works.


  1. #1

    Thread Starter: Maven

    I've been pushing for a computer security section on VBForums. And in the discussion, one of the members was interested in how exploits like Stuxnet work. In this post, I'm going to write a guide on how to demonstrate a professional hack called Aurora. You can read about the history of this hack here: http://en.wikipedia.org/wiki/Operation_Aurora It was written by the Chinese government, and it was used to gain access to Google. In response to this hack, Google left China.

    Before we begin with this tutorial, there are a few things we need to cover. First and foremost, do not attempt to use this exploit on unaware machines without permission. You would be in violation of the Computer Fraud and Abuse Act, and you will rightfully go to prison. This is a demonstration for security purposes that we will do on our own machines. Never attempt to defeat security of remote machines without express written permission. Even if you're doing it for educational purposes, you will still go to prison. In addition, you will follow these instructions at your own risk. Do not deviate from my instructions.

    The purpose of this post is to teach you why updates are important. I also want to teach you a little bit about professional hacking. You need to know what you are up against so that you can train people in your respective companies. I would recommend crafting spam emails in-house and tracking employees who click on them. If they click, they go through training. In a basic nutshell, I want you to be better programmers and IT personnel.

    So to begin, we need some tools:
    1. A copy of an unpatched Windows XP with IE6.
    2. A copy of BackTrack with Metasploit.
    3. A virtual machine like VMware.

    Setup Instructions:
    1. Install Windows XP and BackTrack on the virtual machine.
    2. Start both operating systems on the virtual machine.
    3. In Windows XP, check the IP address by going to the command prompt and typing "ipconfig".
    4. In BackTrack, check the IP address by going to the terminal (if you're in GUI mode) and typing "ifconfig".
    5. Make sure both operating systems are able to ping each other. If they don't, change the network settings in your virtual machine. In the Windows command prompt, you can check the IP address by typing "ipconfig". In BackTrack, you type "ifconfig" in the terminal. On each system, "ping IPADDRESSHERE" is the command to ping.

    Now that we have our network set up properly, we now need to set up the exploit.

    <removed by admin>

    Now that we have configured the exploit, we need to get it running.
    Type "exploit" in terminal.

    You should now see that the exploit is now running on an ip address. It will give you a url like http://YOURIPADDRESSHERE:80/

    Now that we have everything up and running, it's time to deploy the hack.
    1. In Windows XP, start up IE6.
    2. Type in the URL given in Metasploit so that IE6 connects to the server. IE6 will get laggy as the exploit fills up memory and cracks the system.
    3. In BackTrack, you should see the machine trying to connect to the exploit server.
    4. Once you see a session is open, type "session -i 1" in the BackTrack terminal.
    5. Next, type "run migrate". This will move our exploit deeper into the victim machine so that we are no longer dependent on the user running IE6.
    6. Now let's upgrade our privileges on the victim machine by typing "get system" in the terminal.
    7. You can type "ps" to see all of the processes running on the machine. You can now access that machine like a PuTTY connection.

    Professional hackers create applications like these so that they can get into corporate systems. These groups usually consist of two teams:
    1. Technical team that deals with the exploits.
    2. Application domain team that deals with subject matter material. If the target is a chemical company, they'll have chemists and knowledgeable people in the industry in the application domain team. They create very convincing emails that attempt to get people in the company to click on a link so that they can get access to their system like we did in this tutorial. In addition, they'll review the application domain information that they are seeking to steal.

    You need to train all employees that use computers on spam emails. Also, as I stated above, try to write very convincing emails and test your employees constantly. If they click on them, they need training.

    I hope you people got something out of this =)
    Last edited by brad jones; Jun 26th, 2014 at 08:06 AM. Reason: Can't give step-by-step on an illegal exploit
    Education is an admirable thing, but it is well to remember from time to time that nothing that is worth knowing can be taught. - Oscar Wilde
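
Added example, not part of the original post: a defender-side triage of web proxy logs for the two conditions the lab above relies on, namely an unpatched IE6 on Windows XP client and a request to a bare IP address instead of a hostname. The log format, sample lines, addresses and function names are all constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed proxy log lines in an assumed format: <client_ip> <url> "<user agent>"
SAMPLE_LOG = '''\
10.0.0.21 http://intranet.example.com/home "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/115.0"
10.0.0.37 http://192.0.2.50:80/ "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
10.0.0.37 http://www.example.org/news "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
10.0.0.44 http://198.51.100.7/update "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0"
'''

LINE_RE = re.compile(r'^(\S+) (\S+) "([^"]*)"$')
# IE6 identifies itself as "MSIE 6.0" and Windows XP as "Windows NT 5.1".
LEGACY_UA_RE = re.compile(r'MSIE 6\.0;.*Windows NT 5\.1')


def host_is_ip_literal(url):
    """True when the URL's host is an IPv4/IPv6 literal rather than a DNS name."""
    host = urlsplit(url).hostname
    if host is None:
        return False
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage(log_text):
    """Return (client, url, reasons) for every request that trips a signal."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        client, url, user_agent = m.groups()
        reasons = []
        if LEGACY_UA_RE.search(user_agent):
            reasons.append("legacy-browser")   # patching / inventory finding
        if host_is_ip_literal(url):
            reasons.append("ip-literal-host")  # unusual destination
        if reasons:
            findings.append((client, url, reasons))
    return findings


def priority_clients(findings):
    """Clients where both signals fired on the same request: look at these first."""
    return sorted({client for client, _, reasons in findings if len(reasons) == 2})
```

Either signal alone is common in real traffic, so the useful output is the inventory of legacy clients to patch plus the short list where both fire together.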
