Presentation Material
Abstract
Web Hacking
Web hacking is the next generation of hacking “kung fu.” The previous generation of hackers concentrated on operating systems and network protocols, but operating systems are getting more robust and resistant to attacks and network protocols are getting more secure. On the other hand, e-commerce technology is increasingly common and complex. Unfortunately, not enough effort has been spent on securing Web-based infrastructure. Join us for an eye-opening demonstration on what can go wrong with poorly secured Web applications, how severe the risks are, and how to protect yourself and your company from these Web ninjas.
We shall be covering vulnerabilities ranging from web server misconfigurations, improper URL parsing, application level vulnerabilities, Java application server hacking and some special advanced techniques.
AI Generated Summarymay contain errors
Here is a summarized version of the content:
The speaker is discussing security and rootkits on Windows 2000 machines. They mention that they are running on unpatched machines, but vendors have patched most issues. The speaker has debug privilege, which allows them to run code as a system authority.
They demonstrate installing Hogan’s rootkit on the system, which enables them to hide files and processes, and sniff keyboards. However, they mention a tool called Vision that can detect such stealth tricks.
The conversation is interrupted by a side discussion about debug privileges, where it’s mentioned that giving developers debug privileges can be beneficial for local machine development without violating company policies.
The speaker also mentions the NTI rootkit, which has features like file and process hiding, and keyboard sniffing. They promote their tool Vision, which can detect such rootkits even if they don’t appear in the task manager.
Finally, the speaker shares a humorous image of two individuals, Dave Blanc and Schultz, riding horses together, as a tribute to their friendship.