IT Pro Tips

By Mark Burnett

I watched a very interesting WebCast today called Why I Can Hack Your Network in a Day. The WebCast is from a TechEd 2007 presentation by Marcus Murry, a Swedish pen-tester. Marcus’ clever humor and knowledge of the hacking tools makes for an entertaining and informative session.

After a short intro, Marcus jumps right into doing actual demonstrations with commonly-used hacking tools. In his first demo he showed how easily he could build a Trojan using a tool called Beast. He attached the Trojan to Microsoft’s Rootkit Revealer tool and renamed it as “Tech Ed 2007 Rootkit Revealer Special Edition.”

After the Trojan runs, Marcus showed how he could remotely steal files, upload his hacking tools, or even view the remote desktop.

He also did a number of demos on how he could crack both WEP and WPA using widely available tools such as Aircrack-ng. My favorite quote from this demo was “If I were sniffing TechEd I would know everything there is to know about you guys. I’m not; but I would.”

What was interesting and quite effective was that instead of the traditional PowerPoint slides with endless bullet points, he used Microsoft OneNote with diagrams and scribbles for the non-demo parts of the presentation.

The presentation went on to demo a number of other attacks using a variety of tools, including wireless sniffing with AirPcap, a Terminal Services man-in-the-middle attack and ARP poisoning with Cain & Abel, and HTML injection using Paros.

The fact is that we hear so much about all these attacks that we almost become desensitized to the threats. Even for someone like me with a number of years in the security business, seeing usernames and passwords popping never loses its impact. Despite all our progress in security, the fact is that we still have a long way to go before we are actually as secure as we think we are.

It is a very entertaining WebCast, and I highly recommend it to anyone of any level. You can view Why I Can Hack Your Network in a Day on TechNet.