Tm hiu qu trnh tn cng ng dng ca hacker Cp nht ngy 05/07/2011,11:00:46 Khi phm vi ng dng ca cc Web application ngy cng

ph bin th kh nng xut hin li v b tn cng cng cao. Trong cc lnh vc hacking, hack Web application lun l mt cng vic c hacker nhm n nhm mc ch ph hoi hay phc v mt yu cu no ca h. Bi vit ny khi qut cc giai on trong qu trnh tn cng ca hacker.

Cc giai on qu trnh tn cng ca hacker u tin hacker tin hnh thu thp thng tin v h tng ca mc tiu, m hnh ca cc Web Server, kiu giao tip thng tin thng qua cc cng (port) no, nhng site lin quan n vic thc hin chc nng ca site mc tiu... Vic thu thp thng tin l vn quan trng cho vic tn cng vo mt h thng my mc tiu. Cho d hacker tn cng theo phng din phn cng hay qua ng dng th vic thu thp vn l cn thit. Giai on 1: Thu thp thng tin (Trc khi hacker bt u lm cng vic, 3 yu t cn thit phi c lm y : FootPrinting, Scanning, Enumeration). - FootPrinting (In du n - thu thp thng tin): L bc m k tn cng thu tm cng nhiu thng tin cng tt v i tng, ngi dng, doanh nghip, cc chi nhnh ca cng ty, my ch bao gm cc chi tit: Domain Name, a ch IP, Networking Prototcols y l mt bc quan trng: Cho hacker nhiu thng tin, i khi vi nhng thng tin ny hacker c th lm ch h thng. S dng cng c Nslookup, SmartWhois - Sanning (Qut thm d mng): Phn ln thng tin quan trng t server c c t bc ny. Xc nh h iu hnh, xc nh h thng c ang chy khng, tm hiu cc dch v ang chy hay ang lng nghe, tm hiu cc l hng, kim tra cc cng, xc nh cc dch v s dng giao thc TCP v UDP... - Enumeration (im danh mng - lit k tm l hng): n y, cc hacker bt u kim sot

server s b. Bc ny l tm kim nhng ti nguyn c bo v km, hoc ti khon ngi dng m c th s dng xm nhp, bao gm cc mt khu mc nh, cc script v dch v mc nh. S dng cng c: DumpSec, NbtScan, SuperScan Giai on 2: Phn tch v hnh ng - Gaining Access (t nhp h thng): Hacker s tm cch truy cp vo mng bng nhng thng tin c c ba bc trn. Phng php c s dng y c th l tn cng vo li trn b m, ly v gii m file password, hay brute force (kim tra tt c cc trng hp) password, t nhp qua cc cng m S dng cng c: Tcpdump, Remote Buffer Overflows, Brute-force password attacks - Privilege Escalation (Nng quyn h thng): Trong trng hp hacker xm nhp c vo mng vi mt ti khon no , th h s tm cch kim sot ton b h thng. Hacker s tm cch crack password ca admin, hoc s dng l hng leo thang c quyn. K xm nhp c th truy cp vo cc files hay folder d liu m ti khon ngi s dng ban u khng c cho php truy cp. Khi hacker t c mc quyn truy cp cao, h c th ci t phn mm nh l Backdoors v Trojan horses, cng nh cho php truy cp su hn v thm d. Mc ch chung ca hacker l chim c quyn truy cp mc qun tr. Khi xem nh c ton quyn iu khin h thng mng. C th s dng Sniffer bt cc gi tin, t phn tch tm ra mt khu. - Pilfering (Khai thc h thng): Thng tin ly t bc trn hacker nh v server v iu khin server. S dng cng c: Configuration files, Registry, Telnet, Ftp Giai on 3: Dng v xo du vt - Creating Backdoors (To cng hu): chun b cho ln xm nhp tip theo c d dng hn. Hacker li Backdoors, tc l mt c ch cho php hacker truy nhp tr li bng con ng b mt khng phi tn nhiu cng sc khai ph, bng vic ci t Trojan hay to user mi. y l cc loi Trojan, keylog, creat rogue user accounts - Covering Tracks (Xo du vt): Sau khi c nhng thng tin cn thit, hacker tm cch xo du vt, xo cc file LOG ca h iu hnh lm cho ngi qun l khng nhn ra h thng b xm nhp hoc c bit cng khng tm ra k xm nhp l ai. S dng cng c: Clear logs, Zap, Event log GUI, rootkits... C th trong nhng bc nu hacker khng cn phi i qua theo th t hay phi thc hin ht, nhng vic nm r thng tin ca my mc tiu lun l iu kin tin quyt dn n thnh cng trong vic tn cng. Ty vo thng tin thu thp c m hacker s quyt nh tn cng theo k thut no, xy dng mt kch bn tn cng ph hp.

D tn cng di bt k vi mc ch g th hu qu nh hng u rt ng k, thit hi to ln v uy tn, kinh t, gy thit hi cho ngi dng mng, b nh cp thng tin, c th b hacker li dng tn cng mt t chc khc, tn dng pht tn la o Nu khng thnh cng trong vic xm nhp bng cc k thut ph bin, th DOS (Denial Of Service) l cch thc m hacker thng la chn lm cho h thng khng th hot ng c. Do , vic bo mt cho mt h thng cn i hi s kt hp khng ch ca ring nh qun tr h thng m cn ca nh thit k ng dng v s hp tc ca c nhng khch hng s dng ng dng.