Author Archive Jayanthi

By Jayanthi

Anatomy of the Shellshock vulnerability


If you thought that remotely seizing a machine and making it obey your orders was the stuff of sci-fi movies, think again! The Shellshock vulnerability, also called the Bash bug, was discovered in September 2014 by Stephane Chazelas, a security researcher at Akamai, and it allowed hackers to do exactly that in reality!

It was different from other vulnerabilities because it attacked Unix, Linux and Mac OS machines instead of the traditional Windows systems. NIST (National Institute of Standards and Technology) named the vulnerability CVE-2014-7169. Note that the terms Shellshock and Bash bug are used interchangeably in this article.

 Why is it so named?

It was so named because it exploited a vulnerability in the shell of the Unix, Mac OS and Linux operating systems. The shell of the Unix and Linux environment is GNU Bash, the ‘Bourne again shell’, which gives the Bash bug its name. The vulnerability affected all versions of Bash from 1.14 to 4.3.

This shell is the command line interpreter (the program used to run commands), and it is the crucial component in the vulnerability. The critical point about the Bash bug or Shellshock vulnerability is that the machine can be exploited remotely and brought completely under the control of the attacker.

In a nutshell, how does it work?

A flaw in the Bash shell on Linux, Unix and Mac OS makes it execute code that follows a function definition stored in an environment variable. Web applications are particularly susceptible since they take user input and act on it. For example, when setting an environment variable and starting Bash:

env e='() { :;}; echo new command' bash -c :

a vulnerable interpreter reads the value of e as a function definition and, instead of stopping at the closing brace, runs the trailing ‘echo new command’ as soon as it starts, before doing anything else.

What happens if the vulnerability has been exploited on your machine?

If your machine has been compromised and the vulnerability has been exploited these are some of the things that the hacker can do:

  1. take complete control of the OS
  2. install backdoors
  3. view/change database usernames and passwords
  4. ruin the web server by modifying its contents
  5. deface websites (TrendLabs Security Intelligence blog, 2014)

Now let’s move on to the most important point of the article, the anatomy of the attack.

 

Anatomy of the Shellshock attack:

The shellshock or the Bash bug vulnerability can be exploited under three circumstances:

  1. Machines running HTTP server using CGI scripts (which require no authentication)
  2. Machines running SSH (which require authentication)
  3. Machines running DHCP server

 

 

We will discuss the anatomy of the Shellshock attack on the HTTP server running CGI scripts.

As an example, let us consider two machines: one running Kali Linux (the victim machine) and one running Ubuntu (the attacker machine). The Kali Linux system runs the Apache web server, which will be the victim server.

  1. Create a CGI script and save it with .cgi extension on the victim machine. For simplicity, place it in the root folder of the Apache web server.
  2. Make sure the CGI script is executable and Apache web server executes it.
  3. Start the web server and execute the CGI script to make sure that it works as expected.
  4. Go to the attacker machine and create a ‘reverse TCP payload’ by means of Metasploit. Metasploit is a bundle of payloads and exploits, and it is wise to use the popular ‘msfpayload’ for this. Note: with a “reverse shell”, the attacker creates a listener on his machine and the victim machine connects to it. The attacker then gets the shell code.
  5. Once the “payload” has been created, check that it is indeed there.
  6. The ‘curl’ command, which transfers data to or from a server, is then used to send the payload to the victim machine by making use of the ‘Bash’ vulnerability. This can be monitored by the listener on the attacker machine. By now, the victim machine is completely under the control of the attacker. (EXPLAINED: What is SHELL SHOCK or BASH BUG and How to EXPLOIT!)

This is the successful anatomy of the Shellshock attack. To protect oneself from the Shellshock vulnerability, it is necessary to apply regular updates as and when they are released.
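On the defending side, requests like the one in step 6 leave a trace in the web server's access log whenever the function-definition prefix ‘() {’ arrives in a logged field. The following is an added example, not code from the article or its sources: it assumes Apache's "combined" log format, and the names scan and SAMPLE_LOG as well as the sample lines are constructed for illustration.

```python
import re

# Apache "combined" log format (assumed):
# host ident user [time] "request" status bytes "referer" "user-agent"
QUOTED = r'"((?:[^"\\]|\\.)*)"'
COMBINED = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) \S+ ' + QUOTED + ' ' + QUOTED + r'$'
)
FIELDS = ("request", "referer", "user-agent")

# Bash treats an imported value that begins "() {" as a function definition.
# Optional whitespace is allowed so "(){" and "( ) {" are caught too.
FUNC_PREFIX = re.compile(r'\(\s*\)\s*\{')


def scan(lines):
    """Return one finding per log line whose logged fields contain the prefix."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = COMBINED.match(line.strip())
        if match is None:
            continue  # not in combined format; skip rather than guess
        host, when, request, status, referer, agent = match.groups()
        values = dict(zip(FIELDS, (request, referer, agent)))
        hits = [name for name in FIELDS if FUNC_PREFIX.search(values[name])]
        if hits:
            findings.append({"line": number, "host": host, "time": when,
                             "status": int(status), "fields": hits})
    return findings


# Constructed sample lines: documentation IP ranges and the article's own
# "echo new command" string; line 4 is a harmless request containing "()".
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [25/Sep/2014:10:01:05 +0000] "GET /test.cgi HTTP/1.1" 200 87 "-" "() { :;}; echo new command"',
    '203.0.113.9 - - [25/Sep/2014:10:01:09 +0000] "GET /test.cgi HTTP/1.1" 200 87 "(){ :; }; echo new command" "curl/7.35.0"',
    '198.51.100.7 - - [25/Sep/2014:10:02:00 +0000] "GET /search?q=main() HTTP/1.1" 200 301 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The combined format records only the request line, Referer and User-Agent, so a clean result does not rule out attempts carried in other headers; a 200 status on a CGI path next to a hit is the entry to investigate first.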

Bibliography

EXPLAINED: What is SHELL SHOCK or BASH BUG and How to EXPLOIT! (n.d.). Retrieved from Youtube.com: https://www.youtube.com/watch?v=u1H12rMdLTg

TrendLabs Security Intelligence blog. (2014, September 25). Retrieved from TrendMicro: https://blog.trendmicro.com/trendlabs-security-intelligence/shell-attack-on-your-server-bash-bug-cve-2014-7169-and-cve-2014-6271/

 

 

 

 

 

 

 

 

 

 

 

 

 


The ‘Interview’….


Several years ago, a young lady wearing a salwar kameez, walked into a quiet place in a hesitant way. The environment was fairly formal and the people in the place made her feel quite warm and comfortable. This was the first time she was meeting them.

Her father had already hinted that this might not be the usual type of conversation. After the initial formalities, the conversation shifted its focus towards the real reason why she was there.

The interview process:

She was working in a computer training center then and the leading person in the situation asked a few questions along these lines:

  1. “What computer language had she studied while she was in college?”
  2. “What computer language did she teach now?”
  3. “Was the concept of pointers in ‘C’ really hard?”

If you think this was a technical interview, think again!

There were also other non-technical questions such as:

  1. “Why was she not wearing any gold bangles – did she not like jewellery?” (all from first impression! :)) (True – She had never liked gold jewellery!)
  2. “How would she like her future husband to be?”
  3. “Did she like to have an arranged marriage or love marriage?”

I am not sure whether you are able to figure out the lead questioner in the above conversation…. it was a would-be father-in-law and a would-be daughter-in-law having a conversation! 🙂

 

 

 

How did it happen?

Contrary to most other ways of getting married in India, this couple got married in a novel way. The parents, sister and the girl were called for an appointment to meet the prospective groom’s family! By a strange turn of events, they marched right into their house without thinking twice (normally, it is the groom’s family that marches into the girl’s house!). The would-be father-in-law, mother-in-law and the groom’s grandmother were all present and the casual interview began!! 🙂

Only one obvious person asked the questions, while the two other members remained silent. A person of excellent mathematical and computer skills, the would-be father-in-law was not easy to get past with his questioning. Word had it that he could crack integration problems with ease even at his age!

Most of the questions that he asked (like love/arranged marriage and the many technical computer questions) absolutely threw the girl off! Who would go for a wedding discussion and answer questions about pointers in ‘C’?!! :) It was the frankness and outspokenness of the father-in-law and the girl’s ability to answer them boldly that really sealed the interview.

The girl did crack the interview because she did marry the boy just a few months later! 🙂

And no prizes for trying to identify the characters in the above story! 🙂

 


The ‘Apple’ of my eye! :)


For most of the Apple lovers possessing iPhones, iPods, MacBooks, iPads and so on, this week was an exciting week as it saw the launch of the iPhone 8, iPhone 8S and iPhone X. How will the new iPhone X be? Pronounced iPhone ’10’ and not iPhone ‘X’, this is the thought for most of the world (if not all!). Till we can lay our hands on it or see someone who lays their hands on it 🙂 we can only surmise a few details as of now:

Features of iPhone X and their description:

  •   Pre-orders starting date in India: October 27
  •   Sales will start from: November 3 in India
  •   Price of iPhone X: $999 and up; 89,000 Rs in India
  •   Wireless charging
  •   Display: 5.8 inch OLED display; highest resolution display: 2436x1125 pixels at 458 pixels per inch
  •   Authentication: Face ID instead of Touch ID and NO home button
  •   Appearance: Durable glass in the front and back; water and dust resistant
  •   Battery life: 14 hours of Internet use
  •   Processor: A11 Bionic chip (can manage 600 billion operations per second); 6 core processor
  •   Camera: Dual 12MP TrueDepth cameras
  •   Storage: 64GB

The most interesting features of the iPhone X  are:

  1. Price – $999 for US markets and a cool lakh for Indian markets (256GB variants)
  2. Processor speed – The iPhone X has the A11 Bionic chip, supposedly the most powerful and smartest chip
  3. Battery life – The iPhone X boasts of 14 hrs of Internet usage which will be tested in due time (Scientific American)
  4. Camera – It has a larger and faster megapixel sensor (for camera buffs and geeks, there is plenty in store with the new iPhone X to achieve superior quality pictures)
  5. Face ID – This is obviously the most talked about authentication feature of the new iPhone X – ‘face recognition’. Apple has done away with the home button and introduced the ‘face recognition’ feature which raises interesting and new questions. While biometrics is always a better way of authenticating a user than the traditional username and password combination (not to forget remembering the umpteen number of passwords), Face ID might be much trickier than other biometrics. These are some of the key points regarding Face ID:
  •   For now, only one face ID will be supported per device.
  •   Going by the number of thoughts around the web, what if the device can be unlocked while sleeping or by an identical twin?

iPhone user experience is always beautiful and in India, where owning an iPhone (or any Apple product and any version) is a symbol of pride, it remains to be seen if the new iPhone X will live up to its standards. Most of the details and doubts will only be solved in due course of time – but one final question that is on everyone’s mind – is it too pricey even by Apple standards?

Thanks to Satish for his thoughts, suggestions and tips for this post!

 

 

 

 

 


Types of hackers

In today’s post, we will see the different types of hackers:

 


Which is more secure: SSL, TLS or HTTPS


Data that is passed “as-is” (without encryption) is prone to attacks by hackers and people with malicious intent. In order to pass critical financial information without being eavesdropped, it is crucial to encrypt all data. Encrypting communication allows one to pass credit card numbers, banking information and other sensitive details between the client and server more securely. Encryption between the client and server is done by SSL/TLS. Before seeing which is a more secure protocol, we will first understand the terms SSL, TLS and HTTPS.

SSL is ‘Secure Sockets Layer’ and it is used to secure the connection between the client and server. It makes use of public key encryption (where a public key may be used to encrypt and a private key to decrypt, or it can work the other way around too) and it works at the transport layer of the OSI model. It provides data integrity and confidentiality for the connections between the client and server.

SSL is now known as TLS or ‘Transport Layer Security’. It is again a cryptographic protocol that is used to encrypt all communication between client and server. SSL 3.0 officially became TLS and TLS 1.2 is the latest version. TLS is backward compatible to secure older SSL connections.

‘HTTPS’ is ‘Hyper Text Transfer Protocol Secure’. HTTP is the building block of the Internet. HTTPS is ‘HTTP’ secured with SSL/TLS. HTTPS is synonymous with security during transmission. A connection can be recognized as encrypted by the padlock at the left hand corner of the screen or by ‘https’ instead of ‘http’.

Now coming to the original question of which is more secure: TLS is more secure, as SSL has given way to TLS. But since communication security is still understood as SSL, it can be said that SSL/TLS is more secure.

 

Note: HTTP vs HTTPS image source: Google images

 

 

 

 

 

 

 


Have you heard about cyber diplomacy?


‘Diplomacy’ is defined as “the art of dealing with people in a sensitive and tactful way” and cyber diplomacy is a careful extension to that.

Social media is an absolute necessity for individuals, businesses and government organizations. Most major heads of state are present either on Facebook, Twitter and/or other social media platforms. Given the openness of social media platforms, interactions are easy at all levels with these social media channels.  It is also easy for heads of state to carry out conversations with each other and/or with ordinary citizens. 


Magic of ‘Belur’!


I have always been a fan of history and particularly Indian history. India is a glorious and old country with a rich heritage. There are numerous temples and other architectural monuments all around the country which are several hundred years old. While I have never had the opportunity to visit the monuments in the Northern part of India, the temples at Hampi, Halebidu and Belur (in the southern part of India) hold a special place in my heart. Words and pictures do poor justice to the exotic monuments. Join me as I try to recreate the magic of ‘Belur’ in this post.

Definition of the day: Honeypots

A “honeypot” in network security is a computer system which entices hackers to attack it. All ports are kept open on the system and the computer acts normally with its services (but in reality, it is isolated and monitored). The main idea behind setting up “honeypots” is to study the motives of malicious individuals and track their actions.

 

 

It must be noted that none of the production systems are connected to the “honeypot” system and no vital business information is lost during the “honeypot” project.


Introduction to Bitcoins

Even as the Bitcoin fork is making news, and there is “Bitcoin” and “Bitcoin cash” now, we will deal with the elementary aspects of “Bitcoin” and “Blockchain” in this post.

“Bitcoin” first appeared in 2009, but it is much more prominent now, thanks to better adoption by individuals and professionals. In this post, we will understand the meaning of the “Bitcoin” cryptocurrency, some basic terms related to it and the way it works.

Definitions: What is “Deep web?”

Coming close on the heels of my previous post, “Dark web”, we will be defining “Deep web” in this blog post. Similar to the “Dark web”, the “Deep web” cannot be searched by traditional search engines either. So, what is present in this “Deep web”, which sounds so similar to “Dark web”? Here are a few features of the “Deep web”:

1. They cannot be indexed by popular search engines as well.

2. The “Deep web” has content that you do not want everyone to see. The “Deep web” contents are: bank account statements, contents of your email, medical information, academic information, databases and any dynamically generated information.

While “Dark web” is associated with illegal content, “Deep web” does not have that connotation.

3. In addition, it does not require special browsers to view it.

As seen in the previous blog post, the surface web (the place where we mostly interact, like Facebook, Twitter and other social media channels), the “Deep web” and the “Dark web” are best represented by an “iceberg”. The iceberg is the perfect representation of the amount of information that is visible to us (which is hardly any!)

Join me as I uncover more of the tangled web in Information Security! 🙂