| Section | Page |
| --- | --- |
| Preface | ix |
| Intelligence Gathering: Peering Through the Windows to Your Organization | 1 |
| Physical Security Engineering | 1 |
| Dumpster Diving | 2 |
| Hanging Out at the Corporate Campus | 3 |
| Google Earth | 5 |
| Social Engineering Call Centers | 6 |
| Search Engine Hacking | 7 |
| Google Hacking | 8 |
| Automating Google Hacking | 9 |
| Extracting Metadata from Online Documents | 9 |
| Searching for Source Code | 12 |
| Leveraging Social Networks | 13 |
| Facebook and MySpace | 13 |
| Twitter | 16 |
| Tracking Employees | 17 |
| Email Harvesting with theHarvester | 18 |
| Resumés | 19 |
| Job Postings | 21 |
| Google Calendar | 23 |
| What Information Is Important? | 24 |
| Summary | 25 |
| Inside-Out Attacks: The Attacker Is the Insider | 27 |
| Man on the Inside | 28 |
| Cross-Site Scripting (XSS) | 28 |
| Stealing Sessions | 29 |
| Injecting Content | 30 |
| Stealing Usernames and Passwords | 32 |
| Advanced and Automated Attacks | 36 |
| Cross-Site Request Forgery (CSRF) | 39 |
| Inside-Out Attacks | 39 |
| Content Ownership | 50 |
| Abusing Flash's crossdomain.xml | 51 |
| Abusing Java | 52 |
| Advanced Content Ownership Using GIFARs | 55 |
| Stealing Documents from Online Document Stores | 57 |
| Stealing Files from the Filesystem | 64 |
| Safari File Stealing | 65 |
| Summary | 70 |
| The Way It Works: There Is No Patch | 71 |
| Exploiting Telnet and FTP | 72 |
| Sniffing Credentials | 72 |
| Brute-Forcing Your Way In | 74 |
| Hijacking Sessions | 75 |
| Abusing SMTP | 76 |
| Snooping Emails | 78 |
| Spoofing Emails to Perform Social Engineering | 79 |
| Abusing ARP | 80 |
| Poisoning the Network | 81 |
| Cain & Abel | 82 |
| Sniffing SSH on a Switched Network | 83 |
| Leveraging DNS for Remote Reconnaissance | 85 |
| DNS Cache Snooping | 86 |
| Summary | 90 |
| Blended Threats: When Applications Exploit Each Other | 91 |
| Application Protocol Handlers | 93 |
| Finding Protocol Handlers on Windows | 96 |
| Finding Protocol Handlers on Mac OS X | 99 |
| Finding Protocol Handlers on Linux | 101 |
| Blended Attacks | 102 |
| The Classic Blended Attack: Safari's Carpet Bomb | 103 |
| The FireFoxUrl Application Protocol Handler | 108 |
| Mailto:// and the Vulnerability in the ShellExecute Windows API | 111 |
| The iPhoto Format String Exploit | 114 |
| Blended Worms: Conficker/Downadup | 115 |
| Finding Blended Threats | 118 |
| Summary | 119 |
| Cloud Insecurity: Sharing the Cloud with Your Enemy | 121 |
| What Changes in the Cloud | 121 |
| Amazon's Elastic Compute Cloud | 122 |
| Google's App Engine | 122 |
| Other Cloud Offerings | 123 |
| Attacks Against the Cloud | 123 |
| Poisoned Virtual Machines | 124 |
| Attacks Against Management Consoles | 126 |
| Secure by Default | 140 |
| Abusing Cloud Billing Models and Cloud Phishing | 141 |
| Googling for Gold in the Cloud | 144 |
| Summary | 146 |
| Abusing Mobile Devices: Targeting Your Mobile Workforce | 149 |
| Targeting Your Mobile Workforce | 150 |
| Your Employees Are on My Network | 150 |
| Getting on the Network | 152 |
| Direct Attacks Against Your Employees and Associates | 162 |
| Putting It Together: Attacks Against a Hotspot User | 166 |
| Tapping into Voicemail | 171 |
| Exploiting Physical Access to Mobile Devices | 174 |
| Summary | 175 |
| Infiltrating the Phishing Underground: Learning from Online Criminals? | 177 |
| The Fresh Phish Is in the Tank | 178 |
| Examining the Phishers | 179 |
| No Time to Patch | 179 |
| Thank You for Signing My Guestbook | 182 |
| Say Hello to Pedro! | 184 |
| Isn't It Ironic? | 189 |
| The Loot | 190 |
| Uncovering the Phishing Kits | 191 |
| Phisher-on-Phisher Crime | 193 |
| Infiltrating the Underground | 195 |
| Google ReZulT | 196 |
| Fullz for Sale! | 197 |
| Meet Cha0 | 198 |
| Summary | 200 |
| Influencing Your Victims: Do What We Tell You, Please | 201 |
| The Calendar Is a Gold Mine | 201 |
| Information in Calendars | 202 |
| Who Just Joined? | 203 |
| Calendar Personalities | 204 |
| Social Identities | 206 |
| Abusing Social Profiles | 207 |
| Stealing Social Identities | 210 |
| Breaking Authentication | 212 |
| Hacking the Psyche | 217 |
| Summary | 220 |
| Hacking Executives: Can Your CEO Spot a Targeted Attack? | 223 |
| Fully Targeted Attacks Versus Opportunistic Attacks | 223 |
| Motives | 224 |
| Financial Gain | 224 |
| Vengeance | 225 |
| Benefit and Risk | 226 |
| Information Gathering | 226 |
| Identifying Executives | 226 |
| The Trusted Circle | 227 |
| Twitter | 230 |
| Other Social Applications | 232 |
| Attack Scenarios | 232 |
| Email Attack | 233 |
| Targeting the Assistant | 238 |
| Memory Sticks | 239 |
| Summary | 240 |
| Case Studies: Different Perspectives | 241 |
| The Disgruntled Employee | 241 |
| The Performance Review | 241 |
| Spoofing into Conference Calls | 243 |
| The Win | 245 |
| The Silver Bullet | 245 |
| The Free Lunch | 246 |
| The SSH Server | 247 |
| Turning the Network Inside Out | 249 |
| A Fool with a Tool Is Still a Fool | 252 |
| Summary | 253 |
| Chapter 2 Source Code Samples | 255 |
| Cache_Snoop.pl | 265 |
| Index | 269 |
Table of Contents provided by Ingram. All Rights Reserved.