Hacking Multifactor Authentication
What Is Covered in This Book?
Hacking Multifactor Authentication contains 25 chapters separated into three parts:
Part I: Introduction Part I discusses authentication basics and the problems that MFA is trying to solve. It includes the background facts you’ll need to know to understand why MFA is a favored authentication solution and how it is hacked.
Chapter 1: Logon Problems Chapter 1 covers the central problems that MFA is trying to solve. MFA didn’t come out of the blue. Password and single-factor solutions failed so often that better and improved authentication solutions were invented. Learn about the problems MFA is trying to solve.
Chapter 2: Authentication Basics Authentication isn’t one process—it’s a series of connected processes with a multitude of different components. Any of the steps and components can be hacked. To understand how MFA can be hacked, you first have to understand how authentication works with or without MFA involved. Chapter 2 provides that foundation.
Chapter 3: Types of Authentication Chapter 3 covers dozens of types of authentication, describes how they differ from one another, and examines the inherent strengths and weaknesses of each type of solution.
Chapter 4: Usability vs. Security Security is always a trade-off between user-friendliness and protection. MFA is no exception. The most secure options will often not be tolerated by end users. Chapter 4 covers the fundamental challenges of good security and the point at which security becomes so onerous that it turns into bad security. The best security options are good trade-offs between usability and security. Find out when that line is crossed.
Part II: Hacking MFA This part of the book covers the various ways to hack and attack various MFA solutions. Mitigations and defenses for each of the attacks are detailed in each chapter.
Chapter 5: Hacking MFA in General Chapter 5 begins by explaining the very high-level ways that MFA can be hacked, with a summary of the various techniques. Every MFA solution is susceptible to multiple hacking attacks, and those attacks are covered in the rest of the chapters in this part.
Chapter 6: Access Control Token Tricks Chapter 6 starts off by discussing, in detail, one of the most popular, decades-long, MFA hacking methods: that of compromising the resulting access control token. Chapter 6 shows multiple ways in which access control tokens can be compromised.
Chapter 7: Endpoint Attacks A compromised device or computer can be attacked in hundreds of different ways, including bypassing or hijacking MFA solutions. A compromised endpoint cannot be trusted. Chapter 7 discusses several popular endpoint attacks.
Chapter 8: SMS Attacks Chapter 8 covers multiple Short Message Service (SMS) attacks, including subscriber identity module (SIM) hacks. For years now, the U.S. government has said that SMS should not be used for strong authentication and yet the most common MFA solutions on the Internet involve SMS. Learn why that shouldn’t be the case.
Chapter 9: One-Time Password Attacks One-time password (OTP) solutions are among the most popular MFA solutions, and they are good but not unhackable. Chapter 9 covers the various types of OTP solutions and how to hack them.
Chapter 10: Subject Hijack Attacks Unlike most of the other MFA attacks described in this book, subject hijack attacks are not very popular. In fact, they have not been knowingly accomplished in a single public attack. Still, they can be done, and simply knowing about them and how they can be accomplished is an important lesson. Chapter 10 covers one specific type of subject hijack attack on the world’s most popular corporate authentication platform in enough detail that you will likely be worried about them forever.
Chapter 11: Fake Authentication Attacks Chapter 11 covers a type of MFA attack that can be used successfully against most MFA solutions. It involves taking the end user to a bogus web page and faking the entire authentication transaction, accepting anything the end user types in or provides, as successful. Learn how fake authentication attacks can be prevented.
Chapter 12: Social Engineering Attacks Social engineering attacks are responsible for the most malicious breaches of any of the hacker attack methods. Social engineering can be used to get around any MFA solution. Chapter 12 covers many of the popular social engineering attack methods against popular MFA solutions.
Chapter 13: Downgrade/Recovery Attacks Most of the popular MFA solutions allow a less secure method to be used to recover the associated account in the event of a problem with the primary MFA method. Chapter 13 covers how to use downgrade/recovery attacks to bypass and disable legitimate MFA solutions.
Chapter 14: Brute-Force Attacks Many MFA solutions require users to type in PINs and other codes and do not have a mitigating “account lockout” feature enabled to prevent an attacker from guessing over and over until they find that information. In fact, as Chapter 14 shows, it is so common for relatively new MFA solutions to forget this important safety feature that it is almost more commonplace than not.
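The lockout point above is easy to see in code. The following is an added example, not code from the book or from any MFA vendor: a toy server-side verifier for a 6-digit one-time code with an optional consecutive-failure lockout, plus an online guessing loop run against it. The code value, the lockout threshold of five failures, and the class and function names are assumptions chosen for the illustration; a real TOTP/HOTP verifier would derive the expected code from a shared secret and rotate it, but the lockout logic is the same.

```python
import hmac
from typing import Optional, Tuple


class OtpVerifier:
    """Server-side check of a fixed-length numeric one-time code for one account.

    max_failures=None models an MFA solution with no lockout at all, which is
    the configuration the chapter describes as surprisingly common.
    """

    def __init__(self, expected_code: str, max_failures: Optional[int] = 5):
        # expected_code is a constructed value for the demo; a real deployment
        # would compute it from the account's shared secret (TOTP/HOTP).
        self.expected_code = expected_code
        self.max_failures = max_failures
        self.failures = 0
        self.locked = False

    def verify(self, candidate: str) -> bool:
        # A locked account rejects everything, including the correct code,
        # until an out-of-band unlock happens.
        if self.locked:
            return False
        # Constant-time comparison so response timing does not leak
        # how many leading digits matched.
        if hmac.compare_digest(candidate.encode(), self.expected_code.encode()):
            self.failures = 0
            return True
        self.failures += 1
        if self.max_failures is not None and self.failures >= self.max_failures:
            self.locked = True
        return False


def brute_force(verifier: OtpVerifier, digits: int = 6) -> Tuple[Optional[str], int]:
    """Submit every code of the given length in order, as an online attacker would.

    Returns (code_found_or_None, number_of_guesses_submitted). Stops as soon as
    the account locks, because further guesses can no longer succeed.
    """
    guesses = 0
    for n in range(10 ** digits):
        if verifier.locked:
            break
        guesses += 1
        candidate = f"{n:0{digits}d}"
        if verifier.verify(candidate):
            return candidate, guesses
    return None, guesses


def compare_lockout_policies(code: str = "493721") -> dict:
    """Run the same guessing attack against a verifier without and with lockout."""
    no_lockout = brute_force(OtpVerifier(code, max_failures=None))
    with_lockout = brute_force(OtpVerifier(code, max_failures=5))
    return {"no_lockout": no_lockout, "with_lockout": with_lockout}


if __name__ == "__main__":
    for policy, (found, guesses) in compare_lockout_policies().items():
        print(f"{policy}: found={found} after {guesses} guesses")
```

Without lockout the attacker simply walks the space and recovers the code; with a five-failure lockout the same loop is stopped after five guesses and never succeeds. The remaining gap in a real system is the rotating code window, which bounds each guessing run but does not prevent it, which is why NIST SP 800-63B requires verifiers to rate-limit failed one-time-code attempts.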
Chapter 15: Buggy Software Security software is as buggy as any other software. MFA solutions are no exception. Chapter 15 discusses why we have buggy software and gives dozens of examples of buggy MFA solutions, including a single bug that led to tens of millions of MFA devices being immediately vulnerable.
Chapter 16: Attacks Against Biometrics There is not a biometric MFA solution that cannot be hacked or a biometric trait that cannot be mimicked. Chapter 16 describes many such attacks, including attacks against facial and fingerprint recognition, and discusses mitigations against copying and reuse attacks.
Chapter 17: Physical Attacks A common security dogma says that if an attacker has physical access to your device, it’s game over. This is especially true of MFA devices. Chapter 17 covers multiple physical attacks, ranging from using a multimillion-dollar electron microscope to using a $5 can of compressed air.
Chapter 18: DNS Hijacking Chapter 18 discusses how hijacking the name resolution service attached to an MFA solution can lead to the whole solution failing. Some MFA solution providers dispute whether this sort of attack should be considered a real attack against the MFA solution since it doesn’t attack the MFA solution directly but allows MFA compromises.
Chapter 19: API Abuses Many MFA solutions have application programming interfaces (APIs). Chapter 19 shows how APIs can be used to compromise a single MFA scenario or a million victims at the same time.
Chapter 20: Miscellaneous MFA Hacks Chapter 20 details several other MFA attacks that don’t fit neatly in the other chapters or that made it in this book at the last second.
Chapter 21: Test: Can You Spot the Vulnerabilities? I’m going to test you. This chapter introduces a real-world, very secure MFA solution that is used by one of the largest companies in the world. After I describe how it works, most readers will think that it is pretty unhackable. But it is hackable, and I want you to use what you’ve learned in the previous chapters to find those potential vulnerabilities.
Part III: Looking Forward This last part of the book discusses how to better design MFA solutions and what the future of authentication may look like.
Chapter 22: Designing a Secure Solution Perhaps one of the most important tasks facing the world today is how to allow voters to securely cast votes online, remotely, in free elections. Chapter 22 discusses the ways remote voting can go wrong and what a secure, remote MFA voting solution might look like.
Chapter 23: Selecting the Right MFA Solution Chapter 23 covers how you and your organization can pick the right MFA solution, one that appropriately balances usability and security and that works in most of your critical security scenarios. There is no one perfect MFA solution, but Chapter 23 helps you pick the best solution for you and your organization.
Chapter 24: The Future of Authentication The authentication of the future is probably going to look a lot different than the choices we have today. It’s likely to look a lot different than the MFA solution we designed in Chapter 22 and the one you picked in Chapter 23. Find out why the future is different from what we have today.
Chapter 25: Takeaway Lessons Chapter 25 closes the book by summarizing the most important lessons learned in the previous chapters, all tidied up in one place for easy referencing.
Appendix: List of MFA Vendors The appendix lists over 115 different MFA vendors and includes a link to a Microsoft Excel spreadsheet that summarizes each vendor’s basic features to help you explore and choose an MFA solution.
Download link: https://www25.zippyshare.com/v/awfrKrzY/file.html