{"id":237,"date":"2022-09-30T13:59:10","date_gmt":"2022-09-30T05:59:10","guid":{"rendered":"https:\/\/www.yuyiares.com\/?p=237"},"modified":"2022-09-30T15:29:18","modified_gmt":"2022-09-30T07:29:18","slug":"ceh-v11-moudle-1-introduction","status":"publish","type":"post","link":"https:\/\/www.yuyiares.com\/?p=237","title":{"rendered":"CEH v11 Moudle 1 – Introduction"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

\u9019\u4e00\u7ae0\u7bc0\u4e0d\u7528\u82b1\u592a\u591a\u6642\u9593\u3002<\/p>

\u57fa\u672c\u4e0a\u8981\u8003CEH\u7684\u4eba\uff0c\u53ea\u9700\u8981\u6ce8\u610f\u898f\u7ae0\u90a3\u90e8\u5206\u5373\u53ef\uff0c\u5176\u4ed6\u61c9\u8a72\u90fd\u6709\u6982\u5ff5\u3002
<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

0x00 \u8cc7\u5b89\u8981\u7d20<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
  • Elements of Information Security (\u8cc7\u8a0a\u5b89\u5168\u7684\u5143\u7d20)<\/span>
    • Confiedemtiality (\u4fdd\u5bc6\u6027)<\/span>
      • \u78ba\u8a8d”\u8cc7\u8a0a\u50c5\u8b93\u6709\u6b0a\u9650\u7684\u4eba\u5b58\u53d6”<\/span><\/li><\/ul><\/li>
      • Integrity (\u5b8c\u6574\u6027)<\/span>
        • \u78ba\u4fdd”\u8cc7\u6599\u4e0d\u6703\u88ab\u975e\u6cd5\u6b0a\u9650\u7684\u4eba\u7ac4\u6539”<\/span><\/li><\/ul><\/li>
        • Availability (\u53ef\u7528\u6027)<\/span>
          • \u78ba\u4fdd”\u7cfb\u7d71\u80fd\u5920\u88ab\u8a8d\u8b49\u7684\u4f7f\u7528\u8005\u6b63\u5e38\u4f7f\u7528”<\/span><\/li><\/ul><\/li>
          • Authenticity (\u9451\u5225\u59d3)<\/span>
            • \u78ba\u4fdd”\u6587\u4ef6\u3001\u901a\u8a0a\u3001\u8cc7\u6599\u7684\u7279\u5fb5\u662f\u771f\u5be6\u4e14\u6b63\u78ba”<\/span><\/li><\/ul><\/li>
            • Non-Requdiation (\u4e0d\u53ef\u5426\u8a8d\u6027)<\/span>
              • \u78ba\u4fdd”\u8a0a\u606f\u7684\u767c\u9001\u8005\u7121\u6cd5\u5426\u8a8d\u81ea\u5df1\u767c\u51fa\u7684\u8a0a\u606f”<\/span><\/li><\/ul><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                \n\t\t\t\t
                \n\t\t\t\t\t

                0x01 \u653b\u64ca<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                \n\t\t\t\t
                \n\t\t\t\t\t\t\t\t\t

                Attacks \u653b\u64ca =<\/span><\/p>

                Motive \u52d5\u6a5f(Goal \u76ee\u6a19) + Method \u65b9\u6cd5 + Vulnerability \u6f0f\u6d1e<\/span><\/p>

                  • \u653b\u64ca\u8981\u6709 \u653b\u64ca\u65b9\u7684”\u65b9\u6cd5\u3001\u52d5\u6a5f” \u8207 \u9632\u79a6\u65b9\u7684\u6f0f\u6d1e<\/span><\/li><\/ul><\/li>
                  • \u00a0<\/li>
                  • Implementation Error <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> \u900f\u904e\u8a2d\u5b9a\u6d41\u7a0b\u4f86\u9632\u79a6<\/span>
                    • Security Cap <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> \u53ea\u80fd\u900f\u904e\u906e\u853d\u6f0f\u6d1e<\/span><\/li><\/ul><\/li>

                      • \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca<\/span><\/li><\/ul><\/li>
                      • Motive<\/span>
                        • (\u4ee5\u653b\u64ca\u89d2\u5ea6)<\/span><\/li>
                        • religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                          \n\t\t\t\t
                          \n\t\t\t\t\t
                          Vulnerability<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                          \n\t\t\t\t
                          \n\t\t\t\t\t\t\t\t\t
                          • Design flow <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> \u53ef\u4ee5\u900f\u904e\u66f4\u65b0\u4fee\u88dc\u6f0f\u6d1e<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                            \n\t\t\t\t
                            \n\t\t\t\t\t
                            Method<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                            \n\t\t\t\t
                            \n\t\t\t\t\t\t\t\t\t
                            • \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                              \n\t\t\t\t
                              \n\t\t\t\t\t
                              Motive<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                              \n\t\t\t\t
                              \n\t\t\t\t\t\t\t\t\t
                              • \u653b\u64ca\u89d2\u5ea6<\/span><\/li>
                              • religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                \n\t\t\t\t
                                \n\t\t\t\t\t
                                0x01 - A Threat Categories<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                \n\t\t\t\t
                                \n\t\t\t\t\t\t\t\t\t
                                • Network Threats<\/span>
                                  • Information gathering<\/span><\/li>
                                  • Sniffing and eavesdropping<\/span><\/li>
                                  • DNS\/ARP Poisoning<\/span><\/li>
                                  • MITM (Man-in-the-Middle Attack)<\/span><\/li>
                                  • DoS\/DDoS<\/span><\/li>
                                  • Password-based attacks<\/span><\/li>
                                  • Firewall and IDS attack<\/span><\/li>
                                  • Session Hijacking<\/span><\/li><\/ul><\/li>
                                  • Host Threats<\/span>
                                    • Password cracking<\/span><\/li>
                                    • Malware attacks<\/span><\/li>
                                    • Footprinting<\/span><\/li>
                                    • Profiling<\/span><\/li>
                                    • Arbitrary code execution<\/span><\/li>
                                    • Backdoor access<\/span><\/li>
                                    • Privilege Escalation<\/span><\/li>
                                    • Code Execution<\/span><\/li><\/ul><\/li>
                                    • Application Threats<\/span>
                                      • Injection Attacks<\/span><\/li>
                                      • Improper data\/input validation<\/span><\/li>
                                      • Improper error handling and exeception management<\/span><\/li>
                                      • Hidden-field manipulation<\/span><\/li>
                                      • Broken session management<\/span><\/li>
                                      • Cryptography issues<\/span><\/li>
                                      • SQL injection<\/span><\/li>
                                      • Phishing<\/span><\/li>
                                      • Buffer Overflow<\/span><\/li>
                                      • Information disclosure<\/span><\/li>
                                      • Security Misconfigurations<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                        \n\t\t\t\t
                                        \n\t\t\t\t\t
                                        0x01 - B Attack Vectors<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                        \n\t\t\t\t
                                        \n\t\t\t\t\t\t\t\t\t
                                        • APT – Advanced Persistent Threats<\/span>
                                          • \u96b1\u853d\u7684\u5a01\u8105\u884c\u70ba<\/li>
                                          • \u901a\u5e38\u662f\u96b1\u85cf\u5728\u7db2\u8def\u4e2d\u4e00\u6bb5\u6642\u9593<\/li>
                                          • \u901a\u5e38\u6703\u900f\u904eZero day \u9032\u884c\u6ef2\u900f<\/li><\/ul><\/li>
                                          • Cloud computing \/ Cloud based technologies<\/span>
                                            • \u96f2\u7684\u8a2d\u5b9a\u6709\u554f\u984c<\/span><\/li>
                                            • \u96f2\u4e4b\u9593\u7684\u4e92\u76f8\u653b\u64ca<\/li><\/ul><\/li>
                                            • Viruses, worms, and malware<\/span>
                                              • \u77ed\u6642\u9593\u5feb\u901f\u611f\u67d3\u5927\u91cf\u4e3b\u6a5f<\/li><\/ul><\/li>
                                              • Ransomware<\/span>
                                                • \u9650\u5236\u5c0d\u7cfb\u7d71\u548c\u6587\u4ef6\u7684\u5b58\u53d6<\/li>
                                                • \u5e38\u898b\u7684\u52d2\u7d22\u75c5\u6bd2<\/li><\/ul><\/li>
                                                • Mobile Device threats<\/span><\/li>
                                                • Botnets<\/span>
                                                  • Huge network of compromised systems used by an intruder to perform various network attacks<\/span><\/li><\/ul><\/li>
                                                  • Insider attacks<\/span>
                                                    • Disgruntled employee can damage assets from inside.<\/span><\/li><\/ul><\/li>
                                                    • Phishing attacks<\/span><\/li>
                                                    • Web Application Threats<\/span>
                                                      • Attacks like SQL injection, XSS (Cross-site scripting)\u2026<\/span><\/li><\/ul><\/li>
                                                      • IoT Threats<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                        \n\t\t\t\t
                                                        \n\t\t\t\t\t

                                                        0x02 Classification of Attacks\n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                        \n\t\t\t\t
                                                        \n\t\t\t\t\t\t\t\t\t
                                                        • Passive Attacks<\/span>
                                                          • \u76f4\u63a5\u63a5\u89f8\u76ee\u6a19\u7db2\u8def\uff0c\u4e3b\u8981\u70ba\u6514\u622a\u548c\u7db2\u8def\u76e3\u63a7<\/span><\/li>
                                                          • EX: sniffing \u3001 eavesdropping (\u7aca\u807d)<\/span><\/li><\/ul><\/li>
                                                          • Active Attacks<\/span>
                                                            • \u4e0d\u6703\u76f4\u63a5\u63a5\u89f8\u76ee\u6a19\uff0c\u5982\u5e72\u64fe\u901a\u8a0a\uff0c\u7e5e\u904e\u7cfb\u7d71<\/span><\/li>
                                                            • EX: Dos,Man-in-the-Middke,session hijacking and SQL injection<\/span><\/li><\/ul><\/li>
                                                            • Close-in (NEW)<\/span>
                                                              • \u900f\u904e\u7269\u7406\u4e0a\u7684\u63a5\u8fd1\u4f86\u7372\u53d6\u76ee\u6a19\u7684\u90e8\u5206\u8cc7\u8a0a<\/span><\/li>
                                                              • EX:\u3000eavesdropping,shoulder surfing(\u80a9\u625b\u5f0f\u885d\u6d6a) ,dumpster diving(\u5783\u573e\u641c\u5c0b)<\/span><\/li>
                                                              • \u5be6\u969b\u4e16\u754c\u4e0a\u7684\u624b\u6cd5<\/span><\/li><\/ul><\/li>
                                                              • Insider Attacks (NWE)<\/span>
                                                                • \u4f7f\u7528\u7279\u6b0a\u4e14\u9055\u53cd\u898f\u5b9a\u6216\u662f\u5c0d\u76ee\u6a19\u7684\u7cfb\u7d71\u3001\u8cc7\u8a0a\u9020\u6210\u5a01\u8105<\/span><\/li>
                                                                • EX: theft of physical device,planting keyloggers,backdoors<\/span><\/li><\/ul><\/li>
                                                                • Distribution Attacks (NEW)<\/span>
                                                                  • \u611f\u67d3\u5ee0\u5546\uff0c\u5c0e\u81f4\u65bc\u4f9b\u61c9\u93c8\u653b\u64ca<\/span><\/li>
                                                                  • \u901a\u5e38\u75db\u904e\u611f\u67d3\u8edf\u9ad4\u6216\u662f\u786c\u9ad4<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                    \n\t\t\t\t
                                                                    \n\t\t\t\t\t
                                                                    0x02 - A Threat Categories<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                    \n\t\t\t\t
                                                                    \n\t\t\t\t\t\t\t\t\t
                                                                    • Operating System<\/span>
                                                                      • OS\u7684\u6f0f\u6d1e\u8207\u5b89\u5168\u8a2d\u5b9a<\/span>
                                                                        • Buffer overflows, <\/span><\/li>
                                                                        • Protocol Implementations<\/span><\/li>
                                                                        • software defects<\/span><\/li>
                                                                        • patch levels <\/span><\/li>
                                                                        • authentication schemes<\/span><\/li><\/ul><\/li><\/ul><\/li>
                                                                        • Misconfiguration<\/span>
                                                                          • \u56e0\u8a2d\u5b9a\u7684\u4e0d\u7576\u6216\u662f\u67b6\u69cb\u4e0d\u5b89\u5168\uff0c\u5c0e\u81f4\u51fa\u73fe\u5b89\u5168\u6f0f\u6d1e<\/span>
                                                                            • Improper permissions of SQL users<\/span><\/li>
                                                                            • Access-list permit all<\/span><\/li><\/ul><\/li><\/ul><\/li>
                                                                            • Shrink-Wrap Code<\/span>
                                                                              • \u539f\u751f\u5143\u4ef6\u6216\u4e2d\u7684\u9810\u8a2d\u5f31\u9ede\u6216\u6b0a\u9650\u914d\u7f6e<\/li>
                                                                              • Default passwords<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                \n\t\t\t\t
                                                                                \n\t\t\t\t\t

                                                                                0x03 \u653b\u64ca\u7df4\n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                \n\t\t\t\t
                                                                                \n\t\t\t\t\t\t\t\t\t

                                                                                \u4e3b\u8981\u53ef\u4ee5\u5206\u6210\u4e09\u500b\u968e\u6bb5<\/p>

                                                                                • Pre-Attack Phase – \u5075\u5bdf\u548c\u6578\u64da\u6536\u96c6\u3002<\/span><\/span> <\/span><\/li>
                                                                                • Attack Phase – \u5617\u8a66\u7a7f\u900f\u7db2\u7d61\u4e26\u57f7\u884c\u653b\u64ca\u3002<\/span><\/span> <\/span><\/li>
                                                                                • Post-Attack Phase- \u6e05\u7406\u4ee5\u5c07\u7cfb\u7d71\u8fd4\u56de\u5230\u653b\u64ca\u524d\u72c0\u614b\u4e26\u63d0\u4f9b\u5831\u544a\u3002<\/span><\/span><\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                  \n\t\t\t\t
                                                                                  \n\t\t\t\t\t
                                                                                  0x03 - A Cyber kill Chain<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                  \n\t\t\t\t
                                                                                  \n\t\t\t\t\t\t\t\t\t
                                                                                  • Reconnaissance (\u5075\u67e5)<\/span>
                                                                                    • \u7372\u53d6\u76ee\u6a19\u8cc7\u8a0a<\/span><\/li><\/ul><\/li>
                                                                                    • Weaponization (\u6b66\u5668\u5316)<\/span>
                                                                                      • \u88fd\u4f5c\u4e00\u500b\u60e1\u610f\u4ee3\u78bc\u4f7f\u7528\u6f0f\u6d1e\u6216\u5f8c\u9580<\/span><\/li><\/ul><\/li>
                                                                                      • Delivery (\u50b3\u9001\/\u611f\u67d3)<\/span>
                                                                                        • \u50b3\u9001”\u88fd\u4f5c\u51fa\u4f86\u7684\u5de5\u5177”\u5230\u76ee\u6a19\uff0c\u900f\u904eemail\u6216\u662fusb\u2026<\/span><\/li><\/ul><\/li>
                                                                                        • Exploitation (\u5229\u7528)<\/span>
                                                                                          • \u5728\u76ee\u6a19\u7cfb\u7d71\u57f7\u884c\u7a0b\u5f0f\u4f86\u5229\u7528\u6f0f\u6d1e<\/span><\/li><\/ul><\/li>
                                                                                          • Installation (\u5b89\u88dd)<\/span>
                                                                                            • \u5728\u76ee\u6a19\u7684\u7cfb\u7d71\u4e2d\u5b89\u88dd\u60e1\u610f\u7a0b\u5f0f<\/span><\/li><\/ul><\/li>
                                                                                            • Command and Control (\u547d\u4ee4\u8207\u63a7\u5236)<\/span>
                                                                                              • \u5275\u5efa\u4e00\u500b c2c \u7684\u901a\u9053\u4f86\u50b3\u9001\u8cc7\u6599\u8207\u9032\u884c\u63a7\u5236<\/span><\/li><\/ul><\/li>
                                                                                              • Actions on Objectives<\/span>
                                                                                                • \u63a1\u53d6\u884c\u52d5\u5df2\u9054\u6210\u9810\u671f\u76ee\u6a19<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                  \n\t\t\t\t
                                                                                                  \n\t\t\t\t\t
                                                                                                  0x03 - B Hacking Phase (LPT)<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                  \n\t\t\t\t
                                                                                                  \n\t\t\t\t\t\t\t\t\t
                                                                                                  • Reconnaissance (\u5075\u67e5)<\/span><\/li>
                                                                                                  • Scanning\u3000& Enumeration<\/span>
                                                                                                    • network <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> live machines <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> port <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> services <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span>OS detail <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> vulnerabilities<\/span><\/li>
                                                                                                    • \u7372\u53d6\u76f8\u95dc\u8cc7\u8a0a<\/li><\/ul><\/li>
                                                                                                    • Gaining Access<\/span>
                                                                                                      • gaining access<\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> password craking(Access Controls-Authentication) <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span> escalate privileges(Bypassing)<\/span>
                                                                                                        • \u6c34\u5e73\u6b0a\u9650\u63d0\u5347<\/li>
                                                                                                        • \u5782\u76f4\u6b0a\u9650\u63d0\u5347<\/li><\/ul><\/li><\/ul><\/li>
                                                                                                        • Maintaining Access<\/span>
                                                                                                          • ownership(use backdoor,etc\u2026)\u2192launch further attacks<\/span><\/li>
                                                                                                          • \u78ba\u4fdd\u4e4b\u5f8c\u80fd\u5920\u518d\u6b21\u5b58\u53d6
                                                                                                            • Rookit,<\/span><\/li>
                                                                                                            • Trojan<\/span><\/li>
                                                                                                            • Backdoor<\/span><\/li><\/ul><\/li><\/ul><\/li>
                                                                                                            • Clearing Tracks<\/span>
                                                                                                              • \u6e05\u9664\u75d5\u8de1
                                                                                                                • Clear the logs<\/span><\/li><\/ul><\/li>
                                                                                                                • \u4e0d\u88ab\u767c\u73fe
                                                                                                                  • Obfuscate trojans or malicious backdoors programs.<\/span><\/li><\/ul><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                    \n\t\t\t\t
                                                                                                                    \n\t\t\t\t\t

                                                                                                                    0x04 \u653b\u64ca\u624b\u6cd5\n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                    \n\t\t\t\t
                                                                                                                    \n\t\t\t\t\t\t\t\t\t
                                                                                                                    • Tactics (\u7b56\u7565)<\/span><\/li>
                                                                                                                    • Techniques (\u6280\u8853)<\/span><\/li>
                                                                                                                    • Procedures (\u7a0b\u5e8f)<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                      \n\t\t\t\t
                                                                                                                      \n\t\t\t\t\t
                                                                                                                      0x04 - A Vulnerability Categories<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                      \n\t\t\t\t
                                                                                                                      \n\t\t\t\t\t\t\t\t\t
                                                                                                                      • Misconfiguration – \u4e0d\u7576\u7684\u8a2d\u5b9a<\/span><\/span><\/span>
                                                                                                                        <\/span><\/li>
                                                                                                                      • Default installation – \u672a\u66f4\u6539\u7cfb\u7d71\u7684\u9ed8\u8a8d\u8a2d\u5b9a
                                                                                                                        <\/span><\/li>
                                                                                                                      • Buffer overflow – code execution flaw<\/span><\/li>
                                                                                                                      • Missing patches – \u672a\u4fee\u88dc\u7684\u7cfb\u7d71
                                                                                                                        <\/span><\/li>
                                                                                                                      • Design flaws – \u7cfb\u7d71\u8a2d\u8a08\u7684\u554f\u984c\uff0c\u5982\u52a0\u5bc6\u7248\u672c\u3001\u8cc7\u6599\u9a57\u6574\u7b49\u7b49
                                                                                                                        <\/span><\/li>
                                                                                                                      • Operating System Flaws – flaws specific to each OS<\/span><\/li>
                                                                                                                      • Default passwords – \u7cfb\u7d71\u9810\u8a2d\u7684\u5e33\u865f\u5bc6\u78bc
                                                                                                                        <\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                        \n\t\t\t\t
                                                                                                                        \n\t\t\t\t\t

                                                                                                                        0x05 Adversary Behavior Identification\n \n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                        \n\t\t\t\t
                                                                                                                        \n\t\t\t\t\t\t\t\t\t
                                                                                                                        • Interal Reconnaissance<\/span>
                                                                                                                          • Insider attack<\/span><\/li>
                                                                                                                          • Enumeration<\/span><\/li><\/ul><\/li>
                                                                                                                          • Use <\/span>PowerShell<\/span><\/strong><\/li>
                                                                                                                          • Unspecified Proxy Activities<\/span>
                                                                                                                            • MiTM Attack<\/span><\/li><\/ul><\/li>
                                                                                                                            • Use of <\/span>Command-Line<\/span><\/strong> Interface<\/span><\/li>
                                                                                                                            • Http\u3000User Agent<\/span>
                                                                                                                              • tools -> Web Browser<\/span><\/li><\/ul><\/li>
                                                                                                                              • Command and Control Server<\/span>
                                                                                                                                • C2 Malware<\/span><\/li><\/ul><\/li>
                                                                                                                                • Use of DNS Tunneling<\/span><\/li>
                                                                                                                                • Use of Web Shell<\/span><\/li>
                                                                                                                                • Data Staging<\/span><\/strong> (\u6578\u64da\u66ab\u5b58)<\/span>
                                                                                                                                  • Collection and Combine Data<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                    \n\t\t\t\t
                                                                                                                                    \n\t\t\t\t\t

                                                                                                                                    0x06 IoC \u884c\u70ba\u6307\u6a19\n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                    \n\t\t\t\t
                                                                                                                                    \n\t\t\t\t\t\t\t\t\t
                                                                                                                                    • \u5f85\u88dc\u5145<\/li>
                                                                                                                                    • \u96a8\u4fbf\u770b\u770b\u5373\u53ef<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                      \n\t\t\t\t
                                                                                                                                      \n\t\t\t\t\t

                                                                                                                                      0x07 What is Hacking\n \n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                      \n\t\t\t\t
                                                                                                                                      \n\t\t\t\t\t\t\t\t\t
                                                                                                                                      • excekkelent computer skills<\/span><\/li>
                                                                                                                                      • hobby<\/span><\/li>
                                                                                                                                      • probe and do illegal<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                        \n\t\t\t\t
                                                                                                                                        \n\t\t\t\t\t
                                                                                                                                        0x07-A Hacker<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                        \n\t\t\t\t
                                                                                                                                        \n\t\t\t\t\t\t\t\t\t
                                                                                                                                        • exploiting <\/span>\u21d2 <\/span><\/span><\/span><\/span><\/span><\/span>(attack) vulnerabilities<\/span><\/li>
                                                                                                                                        • Security Controls <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span>(defense) exploiting<\/span><\/li>
                                                                                                                                        • exploiting <\/span>\u21d2 <\/span><\/span><\/span><\/span><\/span><\/span>modifying <\/span>\u21d2<\/span><\/span><\/span><\/span><\/span><\/span>\u00a0 loss<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                          \n\t\t\t\t
                                                                                                                                          \n\t\t\t\t\t
                                                                                                                                          0x07-A Hacker<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                          \n\t\t\t\t
                                                                                                                                          \n\t\t\t\t\t\t\t\t\t
                                                                                                                                          • Black Hats
                                                                                                                                            <\/span><\/strong><\/li>
                                                                                                                                          • White Hats<\/span><\/strong><\/li>
                                                                                                                                          • Gray Hats<\/span><\/strong><\/li>
                                                                                                                                          • Suicide Hackers<\/span><\/em><\/li>
                                                                                                                                          • Script Kiddies<\/span><\/em><\/li>
                                                                                                                                          • Cyber Terrorists<\/span><\/li>
                                                                                                                                          • State-Sponsored<\/span><\/li>
                                                                                                                                          • Hacktivist<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                            \n\t\t\t\t
                                                                                                                                            \n\t\t\t\t\t

                                                                                                                                            0x08 Ethical Hacking\n \n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                            \n\t\t\t\t
                                                                                                                                            \n\t\t\t\t\t\t\t\t\t
                                                                                                                                            • Scope<\/span>
                                                                                                                                              • \u6709\u6e96\u78ba\u7684\u7bc4\u570d<\/span><\/li><\/ul><\/li>
                                                                                                                                              • Limitations<\/span>
                                                                                                                                                • \u6709\u9650\u5236(\u4e26\u975e\u96a8\u610f\u653b\u64ca,\u76ee\u7684\u4e26\u975e\u7671\u7613\u76ee\u6a19,\u800c\u662f\u627e\u51fa\u554f\u984c)<\/span><\/li><\/ul><\/li>
                                                                                                                                                • Ethical Hacking<\/span>
                                                                                                                                                  • \u70ba\u4e86\u9632\u79a6\u800c\u9032\u884c\u7684\u653b\u64ca\u884c\u70ba<\/span><\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                                    \n\t\t\t\t
                                                                                                                                                    \n\t\t\t\t\t

                                                                                                                                                    0x09 \u898f\u7bc4\u8207\u7d44\u7e54\n \n <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
                                                                                                                                                    \n\t\t\t\t
                                                                                                                                                    \n\t\t\t\t\t\t\t\t\t
                                                                                                                                                    • PCI-DSS\uff1a\u7dda\u4e0a\u91d1\u6d41\u6cd5\u6848<\/li>
                                                                                                                                                    • ISO\/IEC 27001:2013\uff1a\u8cc7\u8a0a\u5b89\u5168\u7ba1\u7406\u7cfb\u7d71\u898f\u7bc4
                                                                                                                                                      • \u6a19\u6e96\u65e8\u5728\u70ba\u5efa\u7acb\u3001\u5be6\u65bd\u3001\u7dad\u8b77\u548c\u6301\u7e8c\u6539\u9032\u4fe1\u606f\u5b89\u5168\u7ba1\u7406\u9ad4\u7cfb\u63d0\u4f9b\u8981\u6c42\u3002<\/span><\/li><\/ul><\/li>
                                                                                                                                                      • HIPAA\uff1a\u91ab\u7642\u8cc7\u8a0a\u6cd5\u6848
                                                                                                                                                        • \u300a\u5065\u5eb7\u4fdd\u96aa\u6d41\u901a\u8207\u8cac\u4efb\u6cd5\u6848\u300b\u662f\u4e00\u9805\u8a2d\u5b9a\u96b1\u79c1\u6a19\u6e96\u7684\u6cd5\u5f8b\uff0c\u65e8\u5728\u4fdd\u8b77\u91ab\u751f\u3001\u91ab\u9662\u548c\u4fdd\u96aa\u63d0\u4f9b\u5546\u4e4b\u9593\u5171\u4eab\u7684\u60a3\u8005\u91ab\u7642\u8a18\u9304\u548c\u5065\u5eb7\u4fe1\u606f\u3002<\/span><\/li><\/ul><\/li>
                                                                                                                                                        • SOX\uff1a\u5167\u7dda\u4ea4\u6613\u6cd5\u6848<\/li>
                                                                                                                                                        • DMCA\uff1a\u6578\u4f4d\u8457\u4f5c\u6b0a\u6cd5\u6848<\/li>
                                                                                                                                                        • FISMA\uff1a\u8cc7\u8a0a\u5b89\u5168\u7ba1\u7406\u6cd5\u6848<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

                                                                                                                                                          \u9019\u4e00\u7ae0\u7bc0\u4e0d\u7528\u82b1\u592a\u591a\u6642\u9593\u3002 \u57fa\u672c\u4e0a\u8981\u8003CEH\u7684\u4eba\uff0c\u53ea\u9700\u8981\u6ce8\u610f\u898f\u7ae0\u90a3\u90e8\u5206\u5373\u53ef\uff0c\u5176\u4ed6\u61c9\u8a72\u90fd\u6709\u6982\u5ff5\u3002 0x00 \u8cc7\u5b89\u8981\u7d20 Elements of Information Security (\u8cc7\u8a0a\u5b89\u5168\u7684\u5143\u7d20) Confiedemtiality (\u4fdd\u5bc6\u6027) \u78ba\u8a8d”\u8cc7\u8a0a\u50c5\u8b93\u6709\u6b0a\u9650\u7684\u4eba\u5b58\u53d6” Integrity (\u5b8c\u6574\u6027) \u78ba\u4fdd”\u8cc7\u6599\u4e0d\u6703\u88ab\u975e\u6cd5\u6b0a\u9650\u7684\u4eba\u7ac4\u6539” Availability (\u53ef\u7528\u6027) \u78ba\u4fdd”\u7cfb\u7d71\u80fd\u5920\u88ab\u8a8d\u8b49\u7684\u4f7f\u7528\u8005\u6b63\u5e38\u4f7f\u7528” Authenticity (\u9451\u5225\u59d3) \u78ba\u4fdd”\u6587\u4ef6\u3001\u901a\u8a0a\u3001\u8cc7\u6599\u7684\u7279\u5fb5\u662f\u771f\u5be6\u4e14\u6b63\u78ba” Non-Requdiation (\u4e0d\u53ef\u5426\u8a8d\u6027) \u78ba\u4fdd”\u8a0a\u606f\u7684\u767c\u9001\u8005\u7121\u6cd5\u5426\u8a8d\u81ea\u5df1\u767c\u51fa\u7684\u8a0a\u606f” 0x01 \u653b\u64ca Attacks \u653b\u64ca = Motive \u52d5\u6a5f(Goal \u76ee\u6a19) + Method \u65b9\u6cd5 + Vulnerability \u6f0f\u6d1e \u653b\u64ca\u8981\u6709 \u653b\u64ca\u65b9\u7684”\u65b9\u6cd5\u3001\u52d5\u6a5f” \u8207 \u9632\u79a6\u65b9\u7684\u6f0f\u6d1e \u00a0 Implementation Error \u21d2 \u900f\u904e\u8a2d\u5b9a\u6d41\u7a0b\u4f86\u9632\u79a6 Security Cap \u21d2 \u53ea\u80fd\u900f\u904e\u906e\u853d\u6f0f\u6d1e \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca Motive (\u4ee5\u653b\u64ca\u89d2\u5ea6) religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026 Vulnerability Design flow \u21d2 \u53ef\u4ee5\u900f\u904e\u66f4\u65b0\u4fee\u88dc\u6f0f\u6d1e Method \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca Motive \u653b\u64ca\u89d2\u5ea6 religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026 0x01 – A Threat Categories Network Threats Information gathering Sniffing and eavesdropping DNS\/ARP Poisoning MITM (Man-in-the-Middle Attack) DoS\/DDoS Password-based attacks Firewall and IDS attack Session Hijacking Host Threats Password cracking Malware attacks Footprinting Profiling Arbitrary code execution Backdoor access Privilege Escalation Code Execution Application Threats Injection Attacks Improper data\/input validation Improper error handling and exeception management Hidden-field manipulation Broken session management Cryptography issues SQL injection Phishing Buffer Overflow Information disclosure Security Misconfigurations 0x01 – B Attack Vectors APT – Advanced Persistent Threats \u96b1\u853d\u7684\u5a01\u8105\u884c\u70ba \u901a\u5e38\u662f\u96b1\u85cf\u5728\u7db2\u8def\u4e2d\u4e00\u6bb5\u6642\u9593 \u901a\u5e38\u6703\u900f\u904eZero day \u9032\u884c\u6ef2\u900f Cloud computing \/ Cloud based technologies \u96f2\u7684\u8a2d\u5b9a\u6709\u554f\u984c \u96f2\u4e4b\u9593\u7684\u4e92\u76f8\u653b\u64ca Viruses, worms, and malware \u77ed\u6642\u9593\u5feb\u901f\u611f\u67d3\u5927\u91cf\u4e3b\u6a5f Ransomware \u9650\u5236\u5c0d\u7cfb\u7d71\u548c\u6587\u4ef6\u7684\u5b58\u53d6 \u5e38\u898b\u7684\u52d2\u7d22\u75c5\u6bd2 Mobile Device threats Botnets Huge network of compromised systems used by an intruder to perform various network attacks Insider attacks Disgruntled employee can damage assets from inside. Phishing attacks Web Application Threats Attacks like SQL injection, XSS (Cross-site scripting)\u2026 IoT Threats 0x02 Classification of Attacks Passive Attacks \u76f4\u63a5\u63a5\u89f8\u76ee\u6a19\u7db2\u8def\uff0c\u4e3b\u8981\u70ba\u6514\u622a\u548c\u7db2\u8def\u76e3\u63a7 EX: sniffing \u3001 eavesdr…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22,5],"tags":[],"class_list":["post-237","post","type-post","status-publish","format-standard","hentry","category-ceh-research-study","category-research-study"],"yoast_head":"\nCEH v11 Moudle 1 - Introduction - Ares Vlog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.yuyiares.com\/?p=237\" \/>\n<meta property=\"og:locale\" content=\"zh_TW\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CEH v11 Moudle 1 - Introduction - Ares Vlog\" \/>\n<meta property=\"og:description\" content=\"\u9019\u4e00\u7ae0\u7bc0\u4e0d\u7528\u82b1\u592a\u591a\u6642\u9593\u3002 \u57fa\u672c\u4e0a\u8981\u8003CEH\u7684\u4eba\uff0c\u53ea\u9700\u8981\u6ce8\u610f\u898f\u7ae0\u90a3\u90e8\u5206\u5373\u53ef\uff0c\u5176\u4ed6\u61c9\u8a72\u90fd\u6709\u6982\u5ff5\u3002 0x00 \u8cc7\u5b89\u8981\u7d20 Elements of Information Security (\u8cc7\u8a0a\u5b89\u5168\u7684\u5143\u7d20) Confiedemtiality (\u4fdd\u5bc6\u6027) \u78ba\u8a8d”\u8cc7\u8a0a\u50c5\u8b93\u6709\u6b0a\u9650\u7684\u4eba\u5b58\u53d6” Integrity (\u5b8c\u6574\u6027) \u78ba\u4fdd”\u8cc7\u6599\u4e0d\u6703\u88ab\u975e\u6cd5\u6b0a\u9650\u7684\u4eba\u7ac4\u6539” Availability (\u53ef\u7528\u6027) \u78ba\u4fdd”\u7cfb\u7d71\u80fd\u5920\u88ab\u8a8d\u8b49\u7684\u4f7f\u7528\u8005\u6b63\u5e38\u4f7f\u7528” Authenticity (\u9451\u5225\u59d3) \u78ba\u4fdd”\u6587\u4ef6\u3001\u901a\u8a0a\u3001\u8cc7\u6599\u7684\u7279\u5fb5\u662f\u771f\u5be6\u4e14\u6b63\u78ba” Non-Requdiation (\u4e0d\u53ef\u5426\u8a8d\u6027) \u78ba\u4fdd”\u8a0a\u606f\u7684\u767c\u9001\u8005\u7121\u6cd5\u5426\u8a8d\u81ea\u5df1\u767c\u51fa\u7684\u8a0a\u606f” 0x01 \u653b\u64ca Attacks \u653b\u64ca = Motive \u52d5\u6a5f(Goal \u76ee\u6a19) + Method \u65b9\u6cd5 + Vulnerability \u6f0f\u6d1e \u653b\u64ca\u8981\u6709 \u653b\u64ca\u65b9\u7684”\u65b9\u6cd5\u3001\u52d5\u6a5f” \u8207 \u9632\u79a6\u65b9\u7684\u6f0f\u6d1e \u00a0 Implementation Error \u21d2 \u900f\u904e\u8a2d\u5b9a\u6d41\u7a0b\u4f86\u9632\u79a6 Security Cap \u21d2 \u53ea\u80fd\u900f\u904e\u906e\u853d\u6f0f\u6d1e \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca Motive (\u4ee5\u653b\u64ca\u89d2\u5ea6) religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026 Vulnerability Design flow \u21d2 \u53ef\u4ee5\u900f\u904e\u66f4\u65b0\u4fee\u88dc\u6f0f\u6d1e Method \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca Motive \u653b\u64ca\u89d2\u5ea6 religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026 0x01 – A Threat Categories Network Threats Information gathering Sniffing and eavesdropping DNS\/ARP Poisoning MITM (Man-in-the-Middle Attack) DoS\/DDoS Password-based attacks Firewall and IDS attack Session Hijacking Host Threats Password cracking Malware attacks Footprinting Profiling Arbitrary code execution Backdoor access Privilege Escalation Code Execution Application Threats Injection Attacks Improper data\/input validation Improper error handling and exeception management Hidden-field manipulation Broken session management Cryptography issues SQL injection Phishing Buffer Overflow Information disclosure Security Misconfigurations 0x01 – B Attack Vectors APT – Advanced Persistent Threats \u96b1\u853d\u7684\u5a01\u8105\u884c\u70ba \u901a\u5e38\u662f\u96b1\u85cf\u5728\u7db2\u8def\u4e2d\u4e00\u6bb5\u6642\u9593 \u901a\u5e38\u6703\u900f\u904eZero day \u9032\u884c\u6ef2\u900f Cloud computing \/ Cloud based technologies \u96f2\u7684\u8a2d\u5b9a\u6709\u554f\u984c \u96f2\u4e4b\u9593\u7684\u4e92\u76f8\u653b\u64ca Viruses, worms, and malware \u77ed\u6642\u9593\u5feb\u901f\u611f\u67d3\u5927\u91cf\u4e3b\u6a5f Ransomware \u9650\u5236\u5c0d\u7cfb\u7d71\u548c\u6587\u4ef6\u7684\u5b58\u53d6 \u5e38\u898b\u7684\u52d2\u7d22\u75c5\u6bd2 Mobile Device threats Botnets Huge network of compromised systems used by an intruder to perform various network attacks Insider attacks Disgruntled employee can damage assets from inside. Phishing attacks Web Application Threats Attacks like SQL injection, XSS (Cross-site scripting)\u2026 IoT Threats 0x02 Classification of Attacks Passive Attacks \u76f4\u63a5\u63a5\u89f8\u76ee\u6a19\u7db2\u8def\uff0c\u4e3b\u8981\u70ba\u6514\u622a\u548c\u7db2\u8def\u76e3\u63a7 EX: sniffing \u3001 eavesdr...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.yuyiares.com\/?p=237\" \/>\n<meta property=\"og:site_name\" content=\"Ares Vlog\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-30T05:59:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-30T07:29:18+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005:\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u4f30\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#\\\/schema\\\/person\\\/3d4db07eab24e08cc9eea662ef3053ac\"},\"headline\":\"CEH v11 Moudle 1 – Introduction\",\"datePublished\":\"2022-09-30T05:59:10+00:00\",\"dateModified\":\"2022-09-30T07:29:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237\"},\"wordCount\":477,\"commentCount\":0,\"articleSection\":[\"CEH\",\"Research & Study\"],\"inLanguage\":\"zh-TW\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.yuyiares.com\\\/?p=237#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237\",\"url\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237\",\"name\":\"CEH v11 Moudle 1 - Introduction - Ares Vlog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#website\"},\"datePublished\":\"2022-09-30T05:59:10+00:00\",\"dateModified\":\"2022-09-30T07:29:18+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#\\\/schema\\\/person\\\/3d4db07eab24e08cc9eea662ef3053ac\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237#breadcrumb\"},\"inLanguage\":\"zh-TW\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.yuyiares.com\\\/?p=237\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/?p=237#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.yuyiares.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CEH v11 Moudle 1 – Introduction\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#website\",\"url\":\"https:\\\/\\\/www.yuyiares.com\\\/\",\"name\":\"Ares Vlog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.yuyiares.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-TW\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.yuyiares.com\\\/#\\\/schema\\\/person\\\/3d4db07eab24e08cc9eea662ef3053ac\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-TW\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/www.yuyiares.com\"],\"url\":\"https:\\\/\\\/www.yuyiares.com\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CEH v11 Moudle 1 - Introduction - Ares Vlog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.yuyiares.com\/?p=237","og_locale":"zh_TW","og_type":"article","og_title":"CEH v11 Moudle 1 - Introduction - Ares Vlog","og_description":"\u9019\u4e00\u7ae0\u7bc0\u4e0d\u7528\u82b1\u592a\u591a\u6642\u9593\u3002 \u57fa\u672c\u4e0a\u8981\u8003CEH\u7684\u4eba\uff0c\u53ea\u9700\u8981\u6ce8\u610f\u898f\u7ae0\u90a3\u90e8\u5206\u5373\u53ef\uff0c\u5176\u4ed6\u61c9\u8a72\u90fd\u6709\u6982\u5ff5\u3002 0x00 \u8cc7\u5b89\u8981\u7d20 Elements of Information Security (\u8cc7\u8a0a\u5b89\u5168\u7684\u5143\u7d20) Confiedemtiality (\u4fdd\u5bc6\u6027) \u78ba\u8a8d”\u8cc7\u8a0a\u50c5\u8b93\u6709\u6b0a\u9650\u7684\u4eba\u5b58\u53d6” Integrity (\u5b8c\u6574\u6027) \u78ba\u4fdd”\u8cc7\u6599\u4e0d\u6703\u88ab\u975e\u6cd5\u6b0a\u9650\u7684\u4eba\u7ac4\u6539” Availability (\u53ef\u7528\u6027) \u78ba\u4fdd”\u7cfb\u7d71\u80fd\u5920\u88ab\u8a8d\u8b49\u7684\u4f7f\u7528\u8005\u6b63\u5e38\u4f7f\u7528” Authenticity (\u9451\u5225\u59d3) \u78ba\u4fdd”\u6587\u4ef6\u3001\u901a\u8a0a\u3001\u8cc7\u6599\u7684\u7279\u5fb5\u662f\u771f\u5be6\u4e14\u6b63\u78ba” Non-Requdiation (\u4e0d\u53ef\u5426\u8a8d\u6027) \u78ba\u4fdd”\u8a0a\u606f\u7684\u767c\u9001\u8005\u7121\u6cd5\u5426\u8a8d\u81ea\u5df1\u767c\u51fa\u7684\u8a0a\u606f” 0x01 \u653b\u64ca Attacks \u653b\u64ca = Motive \u52d5\u6a5f(Goal \u76ee\u6a19) + Method \u65b9\u6cd5 + Vulnerability \u6f0f\u6d1e \u653b\u64ca\u8981\u6709 \u653b\u64ca\u65b9\u7684”\u65b9\u6cd5\u3001\u52d5\u6a5f” \u8207 \u9632\u79a6\u65b9\u7684\u6f0f\u6d1e \u00a0 Implementation Error \u21d2 \u900f\u904e\u8a2d\u5b9a\u6d41\u7a0b\u4f86\u9632\u79a6 Security Cap \u21d2 \u53ea\u80fd\u900f\u904e\u906e\u853d\u6f0f\u6d1e \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca Motive (\u4ee5\u653b\u64ca\u89d2\u5ea6) religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026 Vulnerability Design flow \u21d2 \u53ef\u4ee5\u900f\u904e\u66f4\u65b0\u4fee\u88dc\u6f0f\u6d1e Method \u6839\u64da Vulnerability \u627e\u51fa\u76f8\u5c0d\u61c9\u7684\u65b9\u6cd5\u653b\u64ca Motive \u653b\u64ca\u89d2\u5ea6 religious(\u5b97\u6559),political(\u653f\u6cbb),etc\u2026 0x01 – A Threat Categories Network Threats Information gathering Sniffing and eavesdropping DNS\/ARP Poisoning MITM (Man-in-the-Middle Attack) DoS\/DDoS Password-based attacks Firewall and IDS attack Session Hijacking Host Threats Password cracking Malware attacks Footprinting Profiling Arbitrary code execution Backdoor access Privilege Escalation Code Execution Application Threats Injection Attacks Improper data\/input validation Improper error handling and exeception management Hidden-field manipulation Broken session management Cryptography issues SQL injection Phishing Buffer Overflow Information disclosure Security Misconfigurations 0x01 – B Attack Vectors APT – Advanced Persistent Threats \u96b1\u853d\u7684\u5a01\u8105\u884c\u70ba \u901a\u5e38\u662f\u96b1\u85cf\u5728\u7db2\u8def\u4e2d\u4e00\u6bb5\u6642\u9593 \u901a\u5e38\u6703\u900f\u904eZero day \u9032\u884c\u6ef2\u900f Cloud computing \/ Cloud based technologies \u96f2\u7684\u8a2d\u5b9a\u6709\u554f\u984c \u96f2\u4e4b\u9593\u7684\u4e92\u76f8\u653b\u64ca Viruses, worms, and malware \u77ed\u6642\u9593\u5feb\u901f\u611f\u67d3\u5927\u91cf\u4e3b\u6a5f Ransomware \u9650\u5236\u5c0d\u7cfb\u7d71\u548c\u6587\u4ef6\u7684\u5b58\u53d6 \u5e38\u898b\u7684\u52d2\u7d22\u75c5\u6bd2 Mobile Device threats Botnets Huge network of compromised systems used by an intruder to perform various network attacks Insider attacks Disgruntled employee can damage assets from inside. Phishing attacks Web Application Threats Attacks like SQL injection, XSS (Cross-site scripting)\u2026 IoT Threats 0x02 Classification of Attacks Passive Attacks \u76f4\u63a5\u63a5\u89f8\u76ee\u6a19\u7db2\u8def\uff0c\u4e3b\u8981\u70ba\u6514\u622a\u548c\u7db2\u8def\u76e3\u63a7 EX: sniffing \u3001 eavesdr...","og_url":"https:\/\/www.yuyiares.com\/?p=237","og_site_name":"Ares Vlog","article_published_time":"2022-09-30T05:59:10+00:00","article_modified_time":"2022-09-30T07:29:18+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005:":"admin","\u9810\u4f30\u95b1\u8b80\u6642\u9593":"4 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.yuyiares.com\/?p=237#article","isPartOf":{"@id":"https:\/\/www.yuyiares.com\/?p=237"},"author":{"name":"admin","@id":"https:\/\/www.yuyiares.com\/#\/schema\/person\/3d4db07eab24e08cc9eea662ef3053ac"},"headline":"CEH v11 Moudle 1 – Introduction","datePublished":"2022-09-30T05:59:10+00:00","dateModified":"2022-09-30T07:29:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.yuyiares.com\/?p=237"},"wordCount":477,"commentCount":0,"articleSection":["CEH","Research & Study"],"inLanguage":"zh-TW","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.yuyiares.com\/?p=237#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.yuyiares.com\/?p=237","url":"https:\/\/www.yuyiares.com\/?p=237","name":"CEH v11 Moudle 1 - Introduction - Ares Vlog","isPartOf":{"@id":"https:\/\/www.yuyiares.com\/#website"},"datePublished":"2022-09-30T05:59:10+00:00","dateModified":"2022-09-30T07:29:18+00:00","author":{"@id":"https:\/\/www.yuyiares.com\/#\/schema\/person\/3d4db07eab24e08cc9eea662ef3053ac"},"breadcrumb":{"@id":"https:\/\/www.yuyiares.com\/?p=237#breadcrumb"},"inLanguage":"zh-TW","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.yuyiares.com\/?p=237"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.yuyiares.com\/?p=237#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.yuyiares.com\/"},{"@type":"ListItem","position":2,"name":"CEH v11 Moudle 1 – Introduction"}]},{"@type":"WebSite","@id":"https:\/\/www.yuyiares.com\/#website","url":"https:\/\/www.yuyiares.com\/","name":"Ares Vlog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.yuyiares.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-TW"},{"@type":"Person","@id":"https:\/\/www.yuyiares.com\/#\/schema\/person\/3d4db07eab24e08cc9eea662ef3053ac","name":"admin","image":{"@type":"ImageObject","inLanguage":"zh-TW","@id":"https:\/\/secure.gravatar.com\/avatar\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7a48eb75ce0e81d088764746bc78b3a75ae3f2fbe40d6f69bbc7cfd2fa004a03?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.yuyiares.com"],"url":"https:\/\/www.yuyiares.com\/?author=1"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts\/237","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=237"}],"version-history":[{"count":5,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts\/237\/revisions"}],"predecessor-version":[{"id":251,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=\/wp\/v2\/posts\/237\/revisions\/251"}],"wp:attachment":[{"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yuyiares.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}