Overview
Explore network security vulnerabilities and attack techniques in this conference talk from PhreakNIC 16. Delve into transport networks, cyber attack models, and the potential exploits of routers and switches. Learn about trust relationship exploitation, Oracle database attacks including username/password enumeration and dictionary attacks, and running OS commands through PL/SQL. Examine practical examples of network exploits using Oracle PL/SQL, analyze SNMPWALK results, and understand HSRP MITM attacks through packet analysis and crafting. Gain insights into network instrumentation and enhance your understanding of cybersecurity threats and defenses.
Syllabus
Introduction
Transport Networks
Cyber Attack Model
What Can You Do With a Router or Switch?
Example Cyber Attack Exploiting Trust Relationship
Oracle Username Password Enumeration
Oracle Password Dictionary Attack
Run OS Commands From Oracle PL/SQL
Example of a Network Exploit Using Oracle PL/SQL
PL/SQL Query - SNMPWALK Results
HSRP MITM-Packet Analysis
HSRP MITM-Packet Crafting
Instrumentation