Attacks against privacy - plan for the lab
We will try to test the methods and tools that were described in the lecture. The lecturer will demo each tool and give students sufficient time to install it as well, so that they can actively participate.
Most likely we cannot try out all of the methods and tools that were covered in the lecture. We list here the tools that we might use, but the final decisions will be made in the lab based on the available time. Due to time constraints it is likely that we won't be able to do all of the tasks listed below. However, there will be a homework task where you can apply some of the tools or methods that we try out in the lab.
- Browser extensions that block tracking
- Copying of session cookies
- Viewing and removing metadata from photos with exiftool.
- Using OSINT tools to find information.
  - search engines
  - Shodan
  - Spyse
  - OSINT framework
  - Maltego
- Illustration of a man-in-the-middle attack with Burp Suite.
- Capturing network traffic with Wireshark.
1. Task - block CNAME based tracking
Experiment with browser extensions and try to block CNAME-based tracking. The Brave browser is supposed to block such tracking. Brave was recently found to be one of the most private browsers: Brave deemed most private browser in terms of 'phoning home' (2020). Coming back to the topic of CNAME blocking, uBlock for Firefox is also claimed to have this feature.
2. Task - session hijacking
Test for yourself how easy it is to copy a session cookie from one browser to another. In this way it is possible to hijack even those sessions where the user was authenticated via two-factor authentication. Therefore it is important to prevent cookies from being leaked. You can test this approach with the courses.cs.ut.ee account after you have logged in from the top right corner of this page. You can view the cookies by pressing F12 in Google Chrome / Firefox and navigating to Storage -> Cookies in Firefox or Application -> Storage -> Cookies in Google Chrome.
Next, the old session cookie has to be deleted and a new one created. One way to create a new cookie is to enter the following command in the browser's console window: document.cookie="cookiename=cookievalue";
3. Task - viewing and removing EXIF data with exiftool
Download exiftool and see how it works. You can get sample data from https://github.com/ianare/exif-samples. Download some photos and see what kind of interesting information is available. Next, use exiftool to remove all metadata that is not directly tied to the photo. This can be done with the following command: exiftool.exe -all= name_of_foto.jpg
4. OSINT task - find information about the given image
Use different OSINT tools to find information about the given image.
- When was the image taken?
- Where was the image taken?
- Which camera was used to capture this photo?
- Does the historic weather data match what is seen in the image?
- What is the name of the boat?
- From which website does this image originate?
5. Task - try to use Burp Suite to intercept network traffic
First download and install Burp Suite. Next, try to interface it with your browser, preferably Firefox, as it allows you to configure a proxy that affects only Firefox. Once this is done, try to browse the web and intercept the queries, e.g. log in to courses.cs.ut.ee. This illustrates what corporate proxies are able to see in case the company you work for requires monitoring of the TLS traffic of its employees. Once you have understood the basics, we can solve some of the tasks from Burp Suite Academy (requires registration).
6. Task - Maltego
Maybe we will have time to briefly look at the functionality offered by Maltego. However, registration is required to use this tool. In case you are interested, you can view the video tutorials on YouTube: https://www.youtube.com/c/MaltegoOfficial/videos.