Security Programming Techniques

INTRODUCTION

The main goal of this post is to introduce the reader to security programming techniques in different programming languages and to operating system security models. The post covers the following four topics:

  1. Session storage in Ruby on Rails
  2. Parameterized statements in Java with JDBC, C# with ASP.NET, PHP5, php-mysqli, Perl, Python and Hibernate Query Language (HQL)
  3. Unix permission model, Unix ACLs and the Windows 7 security model
  4. Finding all the security vulnerabilities in a bash script

Each topic is given its own section, and at the end of each section we list the references and additional reading material. The source code, scripts and the additional tasks were provided by the lecturer. We hope this will help readers and anyone interested in programming with further work on the above topics.


Honeypot document

INTRODUCTION

The main goal of this laboratory report is to detect information or documents leaked or stolen from our system without our having recognised that an attacker had access. Any access to the document should thus inform us immediately, along with information about the intruder. The report should highlight the following aspects:


  • Construct a document with non-malicious code, for instance a honey document, that helps us track who is using our document, from where, information about their system, etc.
  • A detailed description of the process: how we built the document and the idea behind the tracking system.
  • A description of the infrastructure needed to track the document.

Identify Possible Infection of Malware Into the Wireshark Capture File

INTRODUCTION

The main goal of this laboratory report is to identify a possible malware infection in the Wireshark capture file. The report should highlight the following aspects:

  • Download https://sim.cert.ee/hw/download.pcap
  • Find the malware download(s) in this pcap, extract the malware, and find out where it was downloaded from.
  • What changes the malware makes to the system.
  • C&C names and addresses.
  • Document the process, including where you found hints and how exactly you did it (you need to show your thought and communication process; please write a summary of it).
  • Write an incident report.

Virtual Machine Malware / Malicious Analysis

INTRODUCTION

The main goal of this laboratory report is to identify possible infections of two Windows 7 virtual machines. The virtual machines were provided by the lecturer:

  • Win 1
  • Win 2

The assignment is as follows:

Find out what is infecting the machine win1

  • Understand in what way the current malware is dangerous to “your organisation”
  • If possible, clean win1
  • Is win2 clean, or does it have problems too?
  • If needed, clean win2

Mobile Malware Analysis

PURPOSE

The goal of this post is to identify and analyze the mobile malware file mmc.jar. Follow these steps to complete the task:

  • Unpack the file (hint: a .jar is a zip archive)
  • Examine the .class files using the tool available here (local copies for Mac, Linux and Win)
  • Find the code sending SMSes using the ‘sms://’ URI
  • Calculate the short number used in SM.send
  • Finally, use the Eclipse IDE to compile the code.

First, we analyze the Java source code after decompilation. The focus is on finding the code that sends SMSes using the ‘sms://’ URL. After identifying the associated classes, we compile the code to arrive at the final URLs. For this purpose we use the Eclipse IDE.

The results and the URLs of the sent SMSes are presented in the conclusion section, which completes the task and yields a basic analysis of the mobile malware file.

Regular Expression

This post presents the solution to an advanced regular expression task. In the following lines we describe the goal and the rules of the task, followed by the working solution.

Task

Write a regular expression matching names that follow these rules:
1) Each name consists of one or more parts. If there are two or more parts, they are separated by either a single space (“ ”) or a dash (“-”) character.
2) Each name part must consist of letters only. The name part must begin with an upper-case letter followed by one or more lower-case letters. Each name part can have an optional prefix, which begins with an upper-case letter followed by one or more lower-case letters.

Analyses of Malware Files

PURPOSE

The main goal of this laboratory report is to present analyses of three malware files from the archive sent by the lecturer. The archive contains 89 malware files. We chose the three files by the following algorithm:
1. Sort them by name
2. For the first file, use the last digit of your student code + the day of your birthday
3. For the second, generate a random number from http://www.random.org/ and use it to choose the file only if it does not match the first number
4. For the third, use the random number generator again and use the number if it does not match the first or second number.

IP Responsibility and abuse reporting procedure

PURPOSE

The main goal of this laboratory report is to identify who is responsible for the IP addresses below and how we can contact them. The IP addresses were randomly chosen by the lecturer.
IP addresses:
1. 69.163.171.238
2. 31.44.184.101
3. 188.72.228.69
The external IP range used for the purpose of this test is 193.40.244.0/255.

Script Kiddie

PURPOSE & SCENARIO

The goal of this laboratory test is to attempt to attack a server and deface a website.
Here is the scenario: your client is worried about some stuff posted on a blog. They ask you to take care of it. They have a throwaway “script kiddie” [Script kiddie] in a third-world country who will mount the attack, so you don’t need to worry about hiding the attacker’s identity.
Therefore, we need to devise a way to attack a WordPress (default installation) based site and render it unusable (page view times over 60 seconds). Attack resources: one PC with Microsoft Windows XP, a script kiddie, and a 2 Mbit/s internet connection. In addition, the server has to stay down for two days, and the script kiddie has up to 1 day to set up the attack.

Cost of DDoS, leak of credit card numbers, infected machine and spam

PURPOSE

The main goal of this laboratory report is to identify the costs of today's best-known attacks: DDoS, leaks of credit card numbers, infected machines and, not least, sending spam to 1 000 000 (one million) people. A few points should be presented:

  • Where we discovered the information (links or sources)
  • What kind of communication channel we used, for instance instant messaging, ICQ or IRC, and from which contact we gathered the information
  • What the prices are for the above attacks.