Root-me

From Embedded Lab Vienna for IoT & Security
Revision as of 10:49, 12 January 2021 by JKrzyzak (talk | contribs)

Root-me

Root-me is a non-profit organization whose aim is to offer a great learning platform for ethical hacking. Together with its members, Root-me builds a community where everyone can contribute to and participate in the website's development. Since it was founded in 2010, it has become a platform offering the largest number and variety of content dedicated to cyber security, such as ethical hacking or forensics, as well as numerous exercises for practicing ethical hacking. Another name for ethical hacking is penetration testing, which is performed using penetration testing tools.

Background

Rapid changes in IT not only bring more benefits to our everyday life but also create new challenges for IT security. It is difficult nowadays to find a company that does not use online services for better management, organization, or advertising, so it seems necessary to protect this part of a business. Unfortunately, cyber-attacks have become the norm. Unauthorized individuals try to gain access to confidential data and resources by breaking into systems, and they are getting more and more creative in exploiting vulnerabilities. This has led developers to undertake regular system checks in order to prevent potential attacks. This process is called a penetration test.

Penetration testing

A penetration test (PEN test) is a simulated cyber-attack against a system to identify its weak points. As a result, all existing security vulnerabilities should be detected. These can have several different origins: human error, bad design, or poor system configuration. Identifying the insecure areas not only helps to protect sensitive data from attackers and intruders, it also checks the strength of the organization's security policies, the employees' security awareness, and the general reaction to security events. Root-Me was created to provide a platform for practical ethical hacking and information security.

Test models

Several test models are used in ethical hacking so that as many vulnerabilities as possible are discovered. The most common are:

  • external test: aims to exploit externally visible servers and devices, for instance the email server. Here the ethical hacker looks for ways an attacker could gain access to the system.
  • internal test: an attack carried out by an authorized user is simulated.
  • blind test: a real attack is simulated; the employees know about it, and the ethical hacker is given very little knowledge about the whole system.
  • double blind test: only a few people within the organization know that a penetration test is going to take place.

Test types

Due to the variety of possible exploits, the defense system as well as the company as a whole has to be checked for possible weak points. In most cases it is not enough to ensure that all employees are using strong passwords. In some cases it may not be difficult to obtain the password, or it is not even necessary to know it in order to enter the system and harm it. Therefore, it is necessary to check as many potential entry points as possible. Different test types are used for this purpose, and they include:

  • Network penetration test

This is all about inspecting the system by analyzing packets and protocols, e.g. by performing deep packet sniffing. Network penetration testing aims to detect vulnerabilities in order to prevent violations such as brute-force attacks, SQL injections or man-in-the-middle attacks. A multitude of tools exists for this kind of testing, and they can principally be divided into two groups: tools which are mainly used to analyze the system and tools for actually attacking the system. Metasploit, the most used penetration testing automation framework in the world, offers both. Wireshark, Nmap or Netsparker are examples of tools for simply analyzing a network, and all of them are free to use for everyone. Ettercap, an attacking tool, lets you perform a man-in-the-middle attack. On Root-me, users can find many more freely available tools, some more popular than others, and learn to use them by performing tasks in the provided challenges.

  • Wireless penetration test

Here, the goal is to ensure WiFi security and application security. Interestingly, WiFi security options were very weak until 2005, as hackers were able to break into the systems of TJ Maxx over its wireless LAN, which was secured by a rather weak mechanism, namely Wired Equivalent Privacy (WEP). As a consequence, over 40 million customer records were stolen, which included millions of credit card numbers. However, this event led specialists to provide better solutions for protecting wireless connections.

  • Social engineering

In this case, the employee is exploited to gain access to the desired resources. Professionals even tend to say that it is actually the human who acts as the weakest link in the security chain. This leads to a situation in which one does not need any programming skills or knowledge about a system in order to harm the company. A number of experiments have been carried out and documented, showing how easy it often is to get passwords or any other information by fooling someone. Kevin Mitnick, the 'world's most famous hacker', is the best example of social engineering. In his book, 'Ghost in the Wires', he tells many stories about tricking people into giving him the information he wanted.