HashFlare
Security notes - For Security

Recently I found my blog injected with malicious JavaScript that redirected my site to a malicious website. It took me some time to fix. Although the injection is now removed, I really wanted to stop the malicious site itself, so here are the steps to follow if you face the same issue; at least in my case the offender was suspended by one of the hosting providers once they received my complaint.

Step 1: NSLOOKUP: look up the IP addresses of the malicious domain in DNS

http://www.kloth.net/services/nslookup.php

Step 2: Now do a WHOIS lookup on that IP address at

https://www.arin.net/

Use the link arin.net provides to contact the owner of the IP address to report the abusive content.

Step 3: Send an email to their abuse department.

In my case more steps were needed, because the organization, the RIPE NCC, says it is one of five Regional Internet Registries (RIRs) that allocate blocks of IP addresses to Internet service providers (ISPs) and other organizations, but has no involvement in how these addresses are used.

Step 4: Go to Find Abuse Contacts in their network IP database (in my case the network provider is RIPE):

https://www.ripe.net/support/abuse

Step 5: Email them or contact their customer service by opening a ticket, then wait for their feedback.
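Steps 2 to 4 come down to reading the abuse mailbox out of WHOIS output, and the field differs between ARIN (OrgAbuseEmail) and RIPE (abuse-mailbox, plus the "% Abuse contact for ..." comment line). Here is an added Python helper for that step, not part of the original post; the two WHOIS samples are constructed.

```python
import re

# Constructed WHOIS output in the two styles the steps above run into: ARIN first, then RIPE.
SAMPLE_ARIN = """\
NetRange:       203.0.113.0 - 203.0.113.255
OrgName:        Example Hosting Ltd
OrgAbuseHandle: EXAMP-ARIN
OrgAbuseEmail:  abuse@hosting.example
OrgTechEmail:   noc@hosting.example
"""
SAMPLE_RIPE = """\
% Abuse contact for '198.51.100.0 - 198.51.100.255' is 'abuse@isp.example'
inetnum:        198.51.100.0 - 198.51.100.255
netname:        EXAMPLE-NET
abuse-c:        AC1234-RIPE
role:           Abuse Role
abuse-mailbox:  abuse@isp.example
e-mail:         sales@isp.example
"""

# Only abuse-specific fields count; plain e-mail:/OrgTechEmail: lines are sales or NOC addresses.
ABUSE_FIELD = re.compile(r"^(?:OrgAbuseEmail|abuse-mailbox):\s*(\S+@\S+)", re.I | re.M)
ABUSE_COMMENT = re.compile(r"^% Abuse contact for .* is '([^']+@[^']+)'", re.M)

def abuse_contacts(whois_text: str) -> list:
    """Unique abuse mailboxes found in `whois <ip>` output, in order of first appearance."""
    found = []
    for addr in ABUSE_COMMENT.findall(whois_text) + ABUSE_FIELD.findall(whois_text):
        addr = addr.strip().lower()
        if addr not in found:
            found.append(addr)
    return found
```

For live use, pipe the output of `whois <ip>` into abuse_contacts() and write to the addresses it returns.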

Reference:

Reporting Malware and Phishing https://sg.godaddy.com/help/reporting-malware-and-phishing-12000

Start with an example of communication through RSA
 Client/Hacker1: Hi
 Server/Hacker2: Hi, I am the server (the server sends its digital certificate)
 Client: (Action: validates the certificate and obtains the public key [2048 bits]; confirmed, then sends a random string *** to the server. Hacker2 fails here: without the server's private key it cannot answer the next step)
 //Hacker1: (Action: sends a simple string to the server, such as 123456)
 Server: (Action: calculates the hash of the string, encrypts it with the private key, and sends the message to Client/Hacker1)
 Client: (Action: decrypts the message with the public key and checks that it equals hash(***); confirmed, Hacker1 fails)
 {OK, let's communicate with my symmetric-key algorithm.}
 (Sends the algorithm and key, encrypted with the public key)
 Server: <symmetric key & algorithm>{OK, what can I do for you?}
 Client: <symmetric key & algorithm>{I want to check my bank balance}
 ..................
 The above describes the HTTPS handshake. In short:
 1. The browser sends an HTTPS request.
 2. The server responds with its certificate (issued by a CA), which contains the public key.
 3. The browser generates a random key, encrypts it with the public key and sends it to the server.
 4. The server decrypts it with its private key to obtain the random key.
Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.
Server sends a copy of its SSL Certificate, including the server’s public key.
Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
Server and Browser now encrypt all transmitted data with the session key.
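The dialogue and the handshake summary above, as an added runnable model (not code from this post or from any TLS library): textbook RSA over two constructed Mersenne primes, so the key is illustrative only, and the "symmetric algorithm" step is reduced to an HMAC keyed with the exchanged session key. It shows why an impostor holding only the certificate (Hacker2) is rejected at the challenge and why only the real server can unwrap the session key.

```python
import hashlib
import hmac
import os

# Constructed toy key: p = 2^127-1 and q = 2^521-1 are known primes and 65537 is coprime to
# (p-1)(q-1); n is about 648 bits, so a SHA-256 digest and a 128-bit session key both fit as
# integers below n. The factors are public knowledge, so this key is illustrative only.
_P, _Q, _E = (1 << 127) - 1, (1 << 521) - 1, 65537
SERVER_PUB = (_P * _Q, _E)                                   # what the certificate carries
SERVER_PRIV = (_P * _Q, pow(_E, -1, (_P - 1) * (_Q - 1)))   # what only the real server holds
IMPOSTOR_PRIV = (_P * _Q, 12345)                             # Hacker2: has the certificate, not the key

def _h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(priv, data: bytes) -> int:
    # "hash of the string, encrypted with the private key" in the dialogue
    n, d = priv
    return pow(_h(data), d, n)

def verify(pub, data: bytes, sig: int) -> bool:
    # the client "decrypts with the public key" and compares with hash(***)
    n, e = pub
    return pow(sig, e, n) == _h(data)

def rsa_encrypt(pub, m: int) -> int:
    return pow(m, pub[1], pub[0])

def rsa_decrypt(priv, c: int) -> int:
    return pow(c, priv[1], priv[0])

def handshake(cert_pub, responder_priv):
    """Client side of the dialogue. `responder_priv` is whatever key the party that presented
    the certificate really holds. Returns (client's session key, responder's copy) or None."""
    challenge = os.urandom(32)                                 # the random string "***"
    if not verify(cert_pub, challenge, sign(responder_priv, challenge)):
        return None                                            # certificate without its private key: refuse
    session_key = os.urandom(16)                               # symmetric key, sent under the public key
    wrapped = rsa_encrypt(cert_pub, int.from_bytes(session_key, "big"))
    responder_key = rsa_decrypt(responder_priv, wrapped).to_bytes(16, "big")
    return session_key, responder_key

def mac(key: bytes, msg: bytes) -> str:
    # stands in for the symmetric-key channel: both sides can now authenticate application data
    return hmac.new(key, msg, hashlib.sha256).hexdigest()
```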

OAUTH2 flow

What Is SSL (Secure Sockets Layer) and What Are SSL Certificates?

https://www.digicert.com/ssl.htm

1. Install certificates
Open the Visual Studio developer command prompt and run:

makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=AuthSrv -sky exchange -pe
makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=ResSrv -sky exchange -pe

Attention:

These two certificates are not for HTTPS/SSL; they are only used for OAuth2 token encryption.

For HTTPS, see https://sg.godaddy.com/help/request-an-ssl-certificate-562

The relation between OAuth2 and HTTPS:

Security considerations

The OAuth2 protocol does not guarantee confidentiality and integrity of communications. That means you must protect HTTP communications using an additional layer. One possible solution is the usage of SSL/TLS (HTTPS) to encrypt the communication channel from the client to the server.

The first version of OAuth (OAuth1) supported an authentication mechanism based on the HMAC algorithm to guarantee confidentiality and integrity; OAuth2 does not (although a Draft proposal exists to support MAC tokens). The lack of message hashing is the primary concern raised regarding the security of OAuth2, and the one most developers complain about (e.g. this blog post by Eran Hammer, the ex-lead of the OAuth specifications).

In a nutshell, always use HTTPS for OAuth2, as it’s the only way to guarantee message confidentiality and integrity with this protocol!
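To make the point above concrete, here is an added illustration (not from the quoted text, DotNetOpenAuth, or OAuth1's exact signature base string): an OAuth2 bearer token is just a string, so a request read off the wire can be replayed and an altered request is not detected, whereas an OAuth1-style HMAC over the request catches both tampering and replay. The token, key and request fields are constructed.

```python
import hashlib
import hmac
import time

ISSUED_TOKENS = {"tok-abc": "key-for-tok-abc"}   # constructed: access token -> the MAC key issued with it
SEEN_NONCES = set()                               # resource server's replay cache of (token, nonce)

def bearer_authorized(authorization_header: str) -> bool:
    # OAuth2 bearer: the resource server can only check that the string is a token it issued.
    # Nothing binds it to this method, URL or body, so a replayed or altered request passes too.
    scheme, _, token = authorization_header.partition(" ")
    return scheme == "Bearer" and token in ISSUED_TOKENS

def mac_sign(token: str, method: str, url: str, body: str, ts: int, nonce: str) -> str:
    # OAuth1-style: HMAC over the whole request, keyed with a secret that never travels on the wire.
    base = "\n".join([method.upper(), url, body, str(ts), nonce]).encode()
    return hmac.new(ISSUED_TOKENS[token].encode(), base, hashlib.sha256).hexdigest()

def mac_authorized(token, method, url, body, ts, nonce, signature, now=None, window=300) -> bool:
    now = time.time() if now is None else now
    if token not in ISSUED_TOKENS or abs(now - ts) > window:
        return False                                   # unknown token or stale timestamp
    if (token, nonce) in SEEN_NONCES:
        return False                                   # replay of a request already served
    if not hmac.compare_digest(mac_sign(token, method, url, body, ts, nonce), signature):
        return False                                   # method, URL, body, ts or nonce was altered
    SEEN_NONCES.add((token, nonce))
    return True
```

Without TLS the bearer check is all the resource server has, which is the text's point; with TLS the channel supplies the integrity and confidentiality the token format lacks.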



2. Grant full control of the certificates to IIS_IUSRS

In the Certificates MMC snap-in, right-click the certificate and select All Tasks/Manage Private Keys/Add/Advanced/Find Now, then select IIS_IUSRS (if you cannot find it, check the Locations setting and make sure it points at your own PC).

Be aware that this only demonstrates OAuth2 on IIS. In practice the Auth Server holds the Auth key pair (public & private key) plus the ResSrv public key, and the Resource Server holds the Res key pair (public & private key) plus the AuthSrv public key; that is what makes it RSA. The two servers do not communicate with each other directly: the client requests an access token from the Auth Server and then sends its request to the Resource Server, which decrypts the user info with the AuthSrv public key.

Assumptions: a user agent (browser), the client web site cl.com with its client app, the OAuth server web site srv.com, and the API web site api.com; in this scenario the API web site is actually the resource server.

The user visits the client site and logs in via OAuth on srv.com; the client site's server can then access the API site to retrieve data.

OAuth server code:

OAuth2Controller.cs (authorization server, built on DotNetOpenAuth):

    public class OAuth2Controller : Controller
    {
        private readonly AuthorizationServer authorizationServer =
            new AuthorizationServer(new OAuthServerHost());

        // Authorization page (授权页面)
        [CustomizeAuthorize, HttpGet]
        [HttpHeader("X-Frame-Options", "SAMEORIGIN")]
        public ActionResult Index()
        {
            // Parses the incoming request; the code is generated once it is approved
            var pendingRequest = this.authorizationServer.ReadAuthorizationRequest();
            pendingRequest.ExtraData["User"] = this.User.Identity.Name;

            if (((OAuthServerHost)this.authorizationServer.AuthorizationServerServices).CanBeAutoApproved(pendingRequest))
            {
                var approval = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, this.User.Identity.Name);
                var response = this.authorizationServer.Channel.PrepareResponse(approval);
                return response.AsActionResult();
            }

            var client = DB.Instance.GetClient(pendingRequest.ClientIdentifier);
            var model = new OAuthViewModel
            {
                AppKey = pendingRequest.ClientIdentifier,
                AppName = client.Name,
                Scope = pendingRequest.Scope,
                ResponseType = pendingRequest.ResponseType == EndUserAuthorizationResponseType.AccessToken ? "token" : "code",
                Redirect = pendingRequest.Callback.AbsoluteUri,
                State = pendingRequest.ClientState
            };

            return View(model);
        }

        [CustomizeAuthorize, HttpPost]
        public ActionResult Index(bool approve)
        {
            // Re-reads the request posted back from the authorization page (code and model)
            var pendingRequest = this.authorizationServer.ReadAuthorizationRequest();

            IProtocolMessage responseMessage;
            if (approve)
            {
                DB.Instance.AddAuthorization(new ClientAuthorization
                {
                    ClientIdentifier = pendingRequest.ClientIdentifier,
                    Scope = pendingRequest.Scope,
                    OpenId = this.User.Identity.Name,
                    IssueDate = DateTime.UtcNow
                });

                // Becomes a 302 redirect; the redirect URL is the callback held in pendingRequest
                responseMessage = this.authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, this.User.Identity.Name, pendingRequest.Scope);
            }
            else
            {
                responseMessage = this.authorizationServer.PrepareRejectAuthorizationRequest(pendingRequest);
            }

            var response = this.authorizationServer.Channel.PrepareResponse(responseMessage);
            return response.AsActionResult();
        }

        [AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post)]
        public ActionResult Token()
        {
            return this.authorizationServer.HandleTokenRequest(this.Request).AsActionResult();
        }
    }

CustomizeAuthorizeAttribute.cs:

    public class CustomizeAuthorizeAttribute : AuthorizeAttribute
    {
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // Check httpContext.Request.IsAuthenticated;
            // sometimes the session can be checked as well (set the identity if a session exists)
            return httpContext.Request.IsAuthenticated;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            // Not logged in yet: send the user to the login page and carry the original URL
            // along in customizeReturnUrl so the pending request can be resumed afterwards
            var returnUrl = HttpUtility.UrlEncode(filterContext.HttpContext.Request.RawUrl);
            filterContext.Result = new RedirectResult("/home/login?customizeReturnUrl=" + returnUrl);
        }
    }

According to The OAuth 2.0 Authorization Framework, section 1.3 Authorization Grant:

1.3.1. Authorization Code
1.3.2. Implicit
1.3.3. Resource Owner Password Credentials
1.3.4. Client Credentials

Type 1: Authorization Code:

Client code (cl.com, HomeController):

    public class HomeController : Controller
    {
        // TOKEN_ENDPOINT, AUTHZ_ENDPOINT, clientId, clientSecret and ApiEndPoint come from configuration (not shown here)
        private static readonly AuthorizationServerDescription authServerDesc = new AuthorizationServerDescription
        {
            TokenEndpoint = new Uri(TOKEN_ENDPOINT),
            AuthorizationEndpoint = new Uri(AUTHZ_ENDPOINT),
            ProtocolVersion = ProtocolVersion.V20
        };

        private readonly WebServerClient client;

        public HomeController()
        {
            this.client = new WebServerClient(authServerDesc, clientId);
        }

        [HttpGet]
        public ActionResult Index()
        {
            // Redirects the user agent to srv.com/oauth2 with response_type=code; the callback is /home/login
            this.client.RequestUserAuthorization(new[] { "" }, new Uri(Url.Action("login", "home", null, this.Request.Url.Scheme)));

            return new EmptyResult();
        }

        [HttpGet]
        public async Task<ActionResult> Login()
        {
            // The client secret is posted to the token endpoint when the code is exchanged
            this.client.ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(clientSecret);
            var authorization = this.client.ProcessUserAuthorization(); // exchanges ?code=... for the token issued by the OAuth server
            if (authorization != null)
            {
                if (authorization.AccessTokenExpirationUtc.HasValue)
                {
                    this.client.RefreshAuthorization(authorization, TimeSpan.FromSeconds(30));
                }

                string token = authorization.AccessToken;

                string scope = "user_name,nick_name,avatar_url";

                using (var httpClient = new ApiHttpClient(token))
                {
                    var content = new StringContent(JsonConvert.SerializeObject(new { user_scope = scope }), Encoding.UTF8, "application/json");

                    // Only for local testing against a self-signed HTTPS certificate: this disables
                    // server certificate validation entirely, so keep it commented out in production
                    //System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, errors) => true;

                    var apiResponse = await httpClient.PostAsync(ApiEndPoint, content);
                    if (apiResponse.IsSuccessStatusCode)
                    {
                        // WrapperHttpResponseMessageResult is the author's ActionResult that relays the API response
                        return new WrapperHttpResponseMessageResult(apiResponse);
                    }

                    return Content("call api failed");
                }
            }

            return Content("authorize failed");
        }
    }

    // HttpClient that adds "Authorization: Bearer <token>" to every request sent to the resource server
    public class ApiHttpClient : HttpClient
    {
        public ApiHttpClient(string accessToken)
            : base(new ApiMessageHandler(accessToken))
        { }

        class ApiMessageHandler : MessageProcessingHandler
        {
            private readonly string accessToken;

            public ApiMessageHandler(string accessToken)
                : base(new HttpClientHandler())
            {
                this.accessToken = accessToken;
            }

            protected override HttpRequestMessage ProcessRequest(HttpRequestMessage request, CancellationToken cancellationToken)
            {
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", this.accessToken);
                return request;
            }

            protected override HttpResponseMessage ProcessResponse(HttpResponseMessage response, CancellationToken cancellationToken)
            {
                return response;
            }
        }
    }

Request capturing analysis

1. cl.com/home/login

2. srv.com/oauth2?response_type=code&client_id=123456&redirect_uri=http:%2F%2Fcl.com%2Fhome%2Flogin&scope=

CustomizeAuthorize runs; if the user is not logged in yet (AuthorizeCore fails), the request is kicked to HandleUnauthorizedRequest.

3. srv.com/home/login?customizeReturnUrl=%2Foauth2%3Fresponse_type%3Dcode%26client_id%3D123456%26redirect_uri%3Dhttp%3A%252F%252Fcl.com%252Fhome%252Flogin%26scope%3D

At this point you need to keep the return URL so you can redirect to it after a successful login.

The user then posts the login form; on success, redirect to customizeReturnUrl. CustomizeAuthorize runs again, then the Index action continues the previous request.

4. srv.com/oauth2?response_type=code&client_id=123456&redirect_uri=http:%2F%2Fcl.com%2Fhome%2Flogin&scope=

The first time, the authorization page is shown, rendered with:

    @using (Html.BeginForm())
    {
        @Html.Hidden("client_id", this.Model.AppKey)
        @Html.Hidden("redirect_uri", this.Model.Redirect)
        @Html.Hidden("state", this.Model.State)
        @Html.Hidden("scope", DotNetOpenAuth.OAuth2.OAuthUtilities.JoinScopes(this.Model.Scope))
        @Html.Hidden("response_type", this.Model.ResponseType)
        @Html.Hidden("approve", true)
        <input type="submit" value="Authorize Now" />
    }

When you click the 'Authorize Now' button, the data is posted back to oauth2/index?approve=true; after this the server redirects to the original URL:

5. cl.com/home/login?code=*******

Now the client side posts the client secret:

    client.ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(clientSecret);
    var authorization = client.ProcessUserAuthorization(); // the server checks the secret and creates the token

Success!

Type 2: Client Credentials (app-level OAuth)

    public async Task<ActionResult> AppClient()
    {
        var token = await GetToken();

        using (var apiHttpClient = new ApiHttpClient(token))
        {
            // Only for local testing against a self-signed HTTPS certificate (disables certificate validation)
            //System.Net.ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, errors) => true;

            var content = new StringContent("{\"param_key\":\"param_value\"}", Encoding.UTF8, "application/json");
            var apiResponse = await apiHttpClient.PostAsync(APIEndPoint, content);
            if (apiResponse.IsSuccessStatusCode)
            {
                string result = await apiResponse.Content.ReadAsStringAsync();
                return Content(result);
            }

            return Content("failed: " + apiResponse.StatusCode);
        }
    }

    private async Task<string> GetToken()
    {
        // OAuthHttpClient is the author's helper (not shown) that sends clientId and clientSecret with the request
        using (var httpClient = new OAuthHttpClient(clientId, clientSecret))
        {
            var content = new FormUrlEncodedContent(new Dictionary<string, string>
            {
                { "grant_type", "client_credentials" }
            });

            var response = await httpClient.PostAsync(TOKEN_ENDPOINT, content);
            var responseContent = await response.Content.ReadAsStringAsync();
            if (response.StatusCode == System.Net.HttpStatusCode.OK)
            {
                return JObject.Parse(responseContent)["access_token"].ToString();
            }

            // Do not hand an error body back as if it were a token
            throw new InvalidOperationException("token request failed: " + responseContent);
        }
    }
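The request capture for Type 1 and the Type 2 code above, as one added model (example code written for this page, not DotNetOpenAuth's implementation): a toy authorization server that issues a single-use code bound to the registered redirect_uri, exchanges it for a bearer token only when the client secret posted with the request matches, also serves the client_credentials grant, and a resource server that accepts only tokens it issued. client_id 123456 and the cl.com/srv.com URLs come from the capture; the secret and token values are constructed.

```python
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse
# Constructed client registration matching the captured requests above.
CLIENTS = {"123456": {"secret": "cl-secret", "redirect_uri": "http://cl.com/home/login"}}
def callback_params(location: str) -> dict:
    return {k: v[0] for k, v in parse_qs(urlparse(location).query).items()}
class AuthServer:
    def __init__(self):
        self.codes, self.tokens = {}, {}   # code -> (client_id, user, expiry); token -> subject

    def authorize(self, query: str, user: str, approve: bool) -> str:
        """srv.com/oauth2?... once the user is logged in (step 4): returns the redirect Location."""
        q = {k: v[0] for k, v in parse_qs(query).items()}
        client = CLIENTS.get(q.get("client_id"))
        # exact match against the registered redirect_uri, or the code goes to an attacker's URL
        if client is None or q.get("redirect_uri") != client["redirect_uri"]:
            raise ValueError("unknown client or redirect_uri mismatch")
        params = {"state": q.get("state", "")}              # state is echoed back untouched
        if approve and q.get("response_type") == "code":
            code = secrets.token_urlsafe(24)
            self.codes[code] = (q["client_id"], user, time.time() + 60)   # single use, short-lived
            params["code"] = code
        else:
            params["error"] = "access_denied"
        return client["redirect_uri"] + "?" + urlencode(params)
    def token(self, form: dict) -> dict:
        """Token endpoint; the secret arrives as a POST parameter (ClientCredentialApplicator.PostParameter)."""
        client = CLIENTS.get(form.get("client_id"))
        if client is None or not secrets.compare_digest(form.get("client_secret", ""), client["secret"]):
            return {"error": "invalid_client"}
        grant = form.get("grant_type")
        if grant == "authorization_code":
            entry = self.codes.pop(form.get("code"), None)   # pop: a replayed code fails
            if entry is None or entry[0] != form["client_id"] or entry[2] < time.time():
                return {"error": "invalid_grant"}
            subject = entry[1]                                # token acts for a user
        elif grant == "client_credentials":
            subject = "app:" + form["client_id"]              # app-level token, no user involved
        else:
            return {"error": "unsupported_grant_type"}
        tok = secrets.token_urlsafe(32)
        self.tokens[tok] = subject
        return {"access_token": tok, "token_type": "bearer", "expires_in": 3600}
    def resource(self, authorization_header: str):
        # api.com: the subject behind a valid "Authorization: Bearer <token>", else None
        scheme, _, tok = authorization_header.partition(" ")
        return self.tokens.get(tok) if scheme.lower() == "bearer" else None

def run_code_flow(srv: AuthServer, user: str = "alice"):
    # steps 2-5 of the capture, with the client checking state before spending the code
    state = secrets.token_urlsafe(8)
    loc = srv.authorize(urlencode({"response_type": "code", "client_id": "123456", "scope": "",
                                   "redirect_uri": "http://cl.com/home/login", "state": state}), user, True)
    cb = callback_params(loc)
    if cb.get("state") != state:
        raise ValueError("state mismatch: callback is not a reply to our own request")
    t = srv.token({"grant_type": "authorization_code", "code": cb["code"],
                   "client_id": "123456", "client_secret": "cl-secret"})
    return srv.resource("Bearer " + t["access_token"])
```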

Case study:

An OAuth2 server implementation that also interacts with a third-party OAuth login.

Protocol:
The OAuth 2.0 Authorization Framework
Reference books:
Pro ASP.NET Web API Security.pdf
ASP.NET Identity
Further reading:

Decouple OWIN Authorization Server from Resource Server

Security and cryptography
Makecert.exe (certificate creation tool)
Configuring an SSL certificate in IIS
DotNetOpenAuth
Real World OAuth using ASP.NET MVC
Implementing real-world OAuth authentication in ASP.NET MVC
Authorizing a web API with OAuth 2.0 using DotNetOpenAuth
Building an OAuth 2.0 authorization framework with DotNetOpenAuth
OAuth implementations in various languages
Security authentication in ASP.NET MVC 4 Web API using OAuth
[OAuth] Implementing the Client Credentials Grant with DotNetOpenAuth

Extended reading:
How digital certificates work
How online banking security certificates work
User guide for certificate encryption in the WCF development framework

OAuth 2.0 (without Signatures) is Bad for the Web


Hackers, privacy and passwords - Aqniu (安全牛)

Much like the open-source server, data-center and big-data tooling projects driven by Facebook and other large Internet companies: when the challenges these giants face in running hyperscale infrastructure exceed what vendors can deliver, they take the lead and become the drivers and providers of innovative technology. The same thing is happening in information security. Many large Internet companies regularly open-source their own top-tier security tools and push the security of the whole Internet forward.

Earlier this month Aqniu covered Google's open source web security testing tools Firing Range and Nogotofail, and Facebook's open source osquery.

In fact, not only Google and Facebook but also Netflix and even e-commerce sites like Etsy.com have contributed high-quality open source security tools.

Below, Aqniu has compiled the top ten open source security tools from Internet giants for your reference:

1. Security Monkey

Security Monkey is a security tool Netflix developed three years ago that monitors and analyzes the security of Amazon cloud service configurations. Its components monitor the various AWS account components, develop and run rule-based checks, notify users when an audit rule is triggered, and store configuration history for forensics and audit purposes.

2. osquery

osquery is a security tool Facebook has just released. It gives security professionals a system that exposes low-level operating system state, such as running processes, loaded kernel modules and open network connections, as SQL database tables that can be queried and monitored.

3. Skyline

Skyline is a Nagios-like real-time anomaly detection system developed by the engineering team of the e-commerce site Etsy. Its main purpose is to give security teams a scalable system of passively monitored metrics that can track hundreds or thousands of metrics simultaneously.

4. MIDAS

MIDAS is a lightweight, extensible intrusion detection system for Macs, developed jointly by the Etsy and Facebook security teams. The developers hope that, starting with MIDAS, enterprises will begin paying attention to common attack patterns on OS X endpoints.

5. Secureheaders

Secureheaders is Twitter's gift to web developers. As a web security development tool, it automatically applies security-related header rules, including Content Security Policy (CSP), protection against XSS, HSTS, protection against Firesheep-style attacks, and X-Frame-Options (XFO) clickjacking protection.

6. Google Rapid Response

GRR (Google Rapid Response) is an incident response framework developed by Google that supports remote live forensics. Google shares GRR with the security community as an open source tool; it can serve as an alternative to FireEye/Mandiant's MIR incident response platform.

7. Scumblr and Sketchy

Scumblr and Sketchy are two web applications Netflix released together this summer. They help security teams monitor and record security threats and attacks discussed on social media and in online chats.

8. Conceal

Conceal is a set of simple Java APIs for the Android platform that can quickly encrypt and authenticate large files on public storage such as SD cards. Designed by Facebook, Conceal lets developers build encryption with low memory and CPU overhead that also works on older Android versions.

9. RAPPOR

RAPPOR (Randomized Aggregatable Privacy-Preserving Ordinal Response) is a privacy tool Google released just last month. It collects crowdsourced statistics from end-user software without infringing on users' privacy.

10. Moloch

Moloch, developed by AOL's engineering team, is a network traffic analysis and forensics tool that captures IPv4 packets at large scale, indexes and stores them, and lets all PCAP data be browsed, searched and exported through a simple web interface.

Source: Aqniu (安全牛), http://www.aqniu.com/tools/security-tools/5732.html

The moment you connect to the Internet, your privacy is, in theory, already gone. So stop fooling yourself: the precondition for protecting yourself is knowing how your information gets taken!

First, a sigh: Xiaomi recently had its databases dumped and its servers broken into, and Taiwan revealed that Xiaomi was quietly uploading users' photos to a server in Beijing. To calm the anger, let's think on Xiaomi's behalf for a moment: "We sold it to you so cheaply, can't we even take a look?" Maybe Xiaomi just wanted a better user experience; if everything you do on your Xiaomi is above board you have nothing to fear... So let me say this first: if you don't want something known, don't do it. The Internet is the god three feet above your head!
OK, back to my opening sentence. You may object: then I just won't connect to the damn Internet. Well, actually...

I. Offline Hack: getting hacked offline

You are already wrapped in countless signal networks; to put it bluntly, China Mobile's and China Unicom's signals flow in your blood.

Even if you use a bulletproof black-and-white Nokia, you will run into telecom fraud. These scammers use all sorts of tricks to disguise themselves as the numbers of government departments or bank institutions to extort you, and of course voice changers to become a seductive woman who plays on your sympathy. They also use fake base stations to intercept your phone's verification-code messages and break into your accounts.

If you still have a magnetic-stripe bank card, be careful: a criminal can copy your card data with a radio-frequency card reader in the instant they pass close to you, so watch for anyone with a black bag getting unusually close to you... As for your card PIN, there are even more colourful ways to get it; for example a camera may already be recording while you insert your card and type the PIN at an ATM, so always cover the keypad with your hand. If your card is a modern chip card, there is currently no record worldwide of a chip card being cloned, but NFC technology can now read part of a chip card's data, and if a criminal gets your card number + expiry date + CVV it is very dangerous (I mean cards with a Visa function); anyone who has used a credit card knows those three pieces of information are enough to make a purchase. And one more reminder: be especially careful when paying on foreign websites, particularly when buying services, since most enable automatic renewal by default, so money flows to the merchant's account without you noticing. Regularly checking your card statements is a good habit.

Don't apply for too many credit cards, don't take part in street surveys (and certainly don't enter real information), and when you photocopy personal identity documents (ID card / passport / visa / entry permit / work badge / student card / room key card), never just throw away the extra copies; destroy them first. If you ask what this has to do with privacy in the Internet age: you may not know what a "social engineering database" is, you may not know hackers' "social engineering", and you may have forgotten how deep into the Internet you already are. You have registered piles of accounts you have forgotten, uploaded photos you have forgotten, written poems you have forgotten. Hold on, you say you are a network newbie who has only ever used QQ? Oh, your wife may at this moment be activating some game with your ID number, and a hacker may already be in your home disguised as a plumber (a software engineer in Shenzhen used his position to go to a client site and tamper with a lottery program via a USB virus, stealing tens of millions in prizes). I am not trying to scare you; if you are not that important you need not worry too much. I just want to tell you that hackers are not only people sitting grim-faced at a computer all day.

Even if your old desktop at home is not connected to the network, there are now air-gap viruses that spread through the sound card. But don't worry too much: it is extremely hard and very rare; I am just showing off my erudition here (shh...).

II. Online Hack: online safety

OK, now for the netizens. If you are swiping a phone or tablet screen right now: by the way, with screens this big now, aren't you afraid someone sees your PIN when you unlock?! But you only have two hands, one holding the big-screen iPhone 6 and one typing the PIN, so there is none left to shield it. Fine, don't torture yourself.

1. What I want to say is that as a netizen you must prepare the following sets of passwords; they will instantly max out your security level.

A 4 to 6 digit unlock code: think of this as your public password. It has the lowest security level and you need not worry much; it is only a screen lock.
An 8 to 12 character ordinary password, used to log in to assorted websites and forums; the combination is lowercase letters + digits, in any order.
An 8 to 16 character mid-level password, used to log in to higher-value, frequently used social sites such as QQ, Renren, Facebook and so on; the combination is lowercase + uppercase letters + digits, in any order.
An 8 to 16 character high-level password for payment-related accounts; the combination is lowercase + uppercase letters + special characters + digits.

2. Don't leave mobile devices plugged into the computer all the time, and remember to lock the screen with Windows+L when you leave the computer.

3. In public places avoid public Wi-Fi as far as possible. A certain KFC restaurant, for instance, offers no free Wi-Fi at all, yet there is a signal called KFC-free; that may well be a rogue Wi-Fi network. Even on a legitimate one, avoid anything private and just browse casually.

4. When paying, at least check that the page uses HTTPS. With Alipay, for example, the URL of the final payment page will be https******

5. Many sites now integrate with QQ/Weibo/Renren and let you log in with those third-party accounts. If you don't fully trust the site, do it this way: first log in to QQ/Weibo/Renren, then click the QQ/Weibo/Renren icon on the site you want to log in to. They will detect that you are already logged in, so you don't need to enter your username and password; the first time you will see an authorization page, which you simply confirm. Some will then ask you to bind an account or register a new one. In any case, remember: if you are not comfortable, never type your third-party account password; log in the way I described.

6. Be wary of everything free.

Cloud drives, for example: put only simple things there, not everything; the cloud is not as safe as legend has it. Put a lock of some kind on important files on your hard disk.
If you want to get over the Great Firewall, avoid free VPNs as far as possible, there may be a catch; pay for one, it is not expensive, the price of a meal. Contact the author if unsure; I won't advertise a VPN from a certain country here.
Scan anything you download for viruses both before and after unpacking, especially executables. Another option is to run it in a virtual machine; if anything is wrong, just force close it.

If you ask about 360, which is also free: honestly I use it too. 360 holds most of the Chinese market anyway, so with everyone using it there is no need to be afraid; if we go down, we go down together~

7. Never trust people who chat with you over the network, family and friends included.

You can never confirm who is chatting with you until you spot a flaw. The Internet has no good or evil; only human nature does. Don't risk playing Little Red Riding Hood: the wolf in grandma's clothing may be at the other end of the computer/iPhone, so verify carefully whenever money is involved.

8. When not using the computer, don't leave the webcam pointed at your bed or where you change clothes, or you may accidentally star in a cert
ain kind of video.

For ordinary people it is enough to fend off low-level script kiddies; we are a drop in the ocean and not worth much. What most attackers care about is our wallets and our relatives' and friends' wallets; your own security likewise affects the security of your family and friends. As for other aspects of privacy, if you don't care, you need not mind. My energy is limited and writing this article was hard work; I hope it is useful to you. It will be updated continuously...

>>>>> Background:

1. Social engineering

Social engineering was put forward by the world's most famous hacker, Kevin Mitnick, in The Art of Deception. Its original purpose was to help netizens worldwide understand network security, raise their guard and avoid unnecessary personal losses. But in China's hacker community its methods are still used to deceive ignorant netizens and commit crimes, with bad social consequences, and the public security organs have always cracked down hard on this. Any act of spreading, disseminating or teaching hacking techniques through any channel constitutes the crime of teaching criminal methods; for example, the published book Hacker Social Engineering Attacks 2 has drawn the attention of the cybersecurity departments of the public security organs and is being cracked down on. Any criminal use of hacking techniques will be severely punished by law, so readers should use this "double-edged sword" with caution.

All social engineering attacks are built on cognitive biases in human decision-making. These biases are sometimes called "human hardware vulnerabilities" and give rise to many attack methods, including:
Pretexting: creating a fabricated scenario to pressure the victim into disclosing information they would not normally reveal. The method usually involves prior research into the jargon of the specific situation so that the pretext sounds plausible.
Diversion theft
Phishing
Online chat / phone phishing (IVR/phone phishing; IVR: interactive voice response)
Baiting
Quid pro quo: the attacker poses as an internal technician or a survey taker and asks for passwords or other key information. In a 2003 information security survey, 90% of office workers agreed to give their password in exchange for a cheap pen the surveyors claimed to offer. Later surveys found that chocolate and other small inducements achieved the same result (the validity of the passwords obtained was not checked). The attacker may also pose as company technical support, "helping" to fix technical problems while quietly planting malware or stealing information.
Tailgating

2. Social engineering database

A database of large amounts of illegally collected or stolen user data, containing your data from major social networks, mailboxes, O2O services and so on; the data was either hacked out or sold by insiders.