Saugat Adhikari 18029221

Module Code & Module Title: CC6051NI Ethical Hacking

Hacking into Cloud Systems

Assessment Weightage & Type: 50% Individual Coursework

Year and Semester: 2020-2021 Spring

Assignment Due Date: May 7, 2021

Assignment Submission Date: May 5, 2021

Word Count: 2290

I confirm that I understand my coursework needs to be submitted online via Google Classroom
under the relevant module page before the deadline in order for my assignment to be accepted
and marked. I am fully aware that late submissions will be treated as non-submission and a
mark of zero will be awarded.

Abstract
Cloud infrastructure is a collection of IT services delivered to a client over a network on a leased
basis with the option to scale up or down according to their needs. Often, Cloud Computing
systems are provided by a third-party vendor that manages the infrastructure. Cloud Computing
has the power to revolutionize the way we do business to remove the need for the industry to
invest in high-cost computing technology to use IT-based solutions and services. The growth of
cloud computing technology is hastening the pace at which businesses outsource computational
services or sell unused computational capital. Even though transitioning to the cloud remains a
financially appealing trend, there are several other factors that businesses must consider before
making the decision. Although some cloud storage security challenges are inherited from the
solutions used to build those services, many new security concerns are often raised, including
those relating to how the services are structured in the cloud.

This technical report delivers essential insight into the domain and sub-domains of cloud
computing and cloud deployment systems available in the current day and age. Besides that, a
detailed attack demonstration is performed based on a cloud system hack by exploiting an
Openfiler iSCSI SAN running server from a Kali Linux machine. The report also provides many
countermeasures against cloud system security concerns along with legal, ethical, and social
implications from these attacks.

Table of Contents

1. Introduction
1.1 Current Scenario
1.2 Problems and Issues
1.3 Aims
1.4 Objectives
2. Background
2.1 Cloud Computing and its Timeline
2.2 Cloud System Deployment Models
2.3 Cloud System Service Models
2.4 Cloud System’s Security Concerns
2.5 Literature Review
2.5.1 Case Study
2.5.2 Analysis
3. Demonstration and Analysis
3.1 Attack Scenario
3.2 Practical Demonstration
3.2.1 Openfiler iSCSI SAN Setup for cloud-like online-storage capability
3.2.2 Server Exploitation with Metasploit Framework
3.3 Cloud System’s Security Threat Countermeasures
3.3.1 General Security Countermeasures
3.3.2 Countermeasures for Challenges Inherited from Network Concept
3.3.3 Countermeasures for CSA proposed threats
4. Conclusion
4.1 Ethical, Social, and Legal Issues
4.2 Impact of Electronic Transaction Act 2063 (Nepal) on Ethical Hacking
5. References
6. Appendix
A.1 Cloud Security Problem Domains
A.2 Evolution of Cloud Computing
A.3 Core Cloud Capabilities
A.4 Cloud System Deployment Models
A.5 Potential Attacks against Cloud Systems
A.5 Technical Analysis of Capital One Case
A.6 Openfiler iSCSI SAN Setup

Table of Figures

Figure 1: No. of Data Center Regions of various Cloud Service Providers (Karimunnisa & Kompalli, 2019)
Figure 2: Cloud Usage Statistics (Flaherty, 2020)
Figure 3: Top Challenges holding back Cloud Projects (Coles et al., 2015)
Figure 4: Cloud Security Concerns (Flaherty, 2020)
Figure 5: Six Computing Paradigms (Prasad et al., 2012)
Figure 6: Timeline of Cloud Computing (GlobalData, 2020)
Figure 7: Cloud Computing Deployment Models (Qaisar & Khawaja, 2012)
Figure 8: Cloud Computing Service Models (Nazir, 2012)
Figure 9: Email reporting supposed leaked data belonging to Capital One (Ma, 2019)
Figure 10: Diagram of the Capital One Attack (Neto et al., 2020)
Figure 11: Attack Scenario
Figure 12: Attacker IP address
Figure 13: Nmap output on victim server
Figure 14: Detailed Nmap Output
Figure 15: MSF console opened
Figure 16: List of exploits to use against open services on victim
Figure 17: Exploit Options
Figure 18: RHOST AND RPORT selection
Figure 19: List of compatible payloads shown
Figure 20: Required payload selected and options are shown for verification
Figure 21: Exploit command issued
Figure 22: Exploitation Successful
Figure 23: Unix reverse shell of the victim server
Figure 24: Cloud Security Measures (Kong et al., 2018)
Figure 25: Essential Characteristics of Cloud Computing (Chandrasekaran, 2015)
Figure 26: List of attack steps mapped to MITRE ATT&CK Matrix (Neto et al., 2020)
Figure 27: Open filer running as VM
Figure 28: Open filer web portal
Figure 29: Mounting two SCSI Hard Disks in Open filer
Figure 30: Hard disks shown in Web Portal
Figure 31: Volume Group
Figure 32: Network ACL for iSCSI target
Figure 33: iSCSI Target service enabled and running
Figure 34: iSCSI Target details
Figure 35: iSCSI Initiator Properties
Figure 36: Adding the Openfiler portal IP address
Figure 37: Advanced options on discover portal
Figure 38: iSCSI target shown with status
Figure 39: Connecting to iSCSI target
Figure 40: iSCSI Target successfully connected.
Figure 41: Shared iSCSI SAN volume shown in disk management
Figure 42: Openfiler Web Access from Windows 7

1. Introduction

1.1 Current Scenario

The Internet has been a driving force behind the creation of various technologies. Cloud
Computing is, without a doubt, one of the most often debated of all of them (Nazir, 2012). The
cloud infrastructure model has seen a massive change toward acceptance in recent years, and it
has become a standard in the information technology space because it offers huge cost savings
and innovative market opportunities to its customers and providers (Nazir, 2012). Recent
advances in the world of cloud computation have drastically altered both the way people
compute and the definition of computing power (Ahmed & Hossain, 2014). The services of a
cloud computing infrastructure are typically located on someone else's premises or network and
accessible directly by cloud users (Ahmed & Hossain, 2014). Cloud computing is a new way to
install and manage applications that companies like Google, IBM, Microsoft, and Amazon are
embracing. Several prototype technologies and frameworks have been developed, including the
IBM Blue Cloud architecture, Google App Engine, Amazon Cloud, and the Elastic Computing
Framework (Nazir, 2012). Figure 1: No. of Data Center Regions of various Cloud Service Providers
shows data center regions of different cloud service providers over the world.

By 2024, the percentage would have risen to over 90%. Spending on public cloud providers is
expected to increase by 73 percent between 2018 and 2021, from $160 billion to $277 billion
(RightScale, 2018).

Figure 1: No. of Data Center Regions of various Cloud Service Providers (Karimunnisa & Kompalli, 2019)

Figure 2: Cloud Usage Statistics (Flaherty, 2020)

1.2 Problems and Issues

Security is seen as a critical condition for cloud infrastructure consolidation to be a reliable and
practical multipurpose solution (Gonzalez et al., 2012). Cloud computing has a lot of potential,
but the security risks that come with it are directly proportional to the benefits it provides
(Ahmed & Hossain, 2014). According to the study conducted by Cloud Security Alliance (CSA),
cybersecurity experts see the following as the top security challenges plaguing cloud-based
businesses: ransomware replication (63 percent), advanced persistent threats (53%), hacked
accounts (43%), and insider threats (42%) (Coles et al., 2015).

Some of the main domains of cloud security concern are explained in A.1 Cloud Security
Problem Domains.

Figure 3: Top Challenges holding back Cloud Projects (Coles et al., 2015)

Figure 4: Cloud Security Concerns (Flaherty, 2020)

1.3 Aims

The main aim of this report is to develop a technical report on the domain of Cloud Computing
and hacking into cloud systems with the demonstration of a simulated attack. The report is a
culmination of good literature, a detailed explanation of cloud computing and its security
concerns, proof of concept, and legal and ethical implications of these attacks.

1.4 Objectives

• To explore the vague domain of Cloud Computing and related systems.
• To understand various security concerns related to Cloud systems.
• To provide a comprehensive analysis of the selected case study.
• To demonstrate an attack on the web server by exploiting UnrealIRCD vulnerability.
• To explore the social, ethical, and legal issues that arise from the above attack
demonstration.
• To analyze the impact of the Electronic Transactions Act 2063 B.S. (ETA) on Ethical
Hacking.

2. Background

2.1 Cloud Computing and its Timeline

Cloud computing is an older phenomenon that evolved from large-scale distributed computing.
Cloud computing, on the other hand, would be a disruptive technology in the area of computer
science and information technology (Prasad et al., 2012). This system depicts the IT industry's
evolution from hardware to software, software to services, and decentralized service to
centralized service (Prasad et al., 2012). Figure 5: Six Computing Paradigms demonstrates the six
phases of computing paradigms from Mainframe Computing to Cloud Computing.

Figure 5: Six Computing Paradigms (Prasad et al., 2012)

Figure 6: Timeline of Cloud Computing (GlobalData, 2020)

A detailed description of the evolution of Cloud Computing: A.2 Evolution of Cloud Computing
A detailed description of the Cloud system’s capabilities: A.3 Core Cloud Capabilities

2.2 Cloud System Deployment Models

Based on the operational configuration and the provisioning site, deployment models explain
how cloud systems should be delivered or made accessible to consumers (Chandrasekaran,
2015).

Figure 7: Cloud Computing Deployment Models (Qaisar & Khawaja, 2012)

A detailed description of the various types of Cloud deployment models: A.4 Cloud System
Deployment Models

2.3 Cloud System Service Models

The three kinds of services with which the cloud-based computing resources are available to end
customers are as follows:

• Software as a Service (SaaS): With the potential exception of restricted user-specific
device configurations, the customer can use the provider's software running on a cloud
platform, including network, servers, operating systems, storage, and even individual
application features (Chandrasekaran, 2015). Customer relationship management (CRM),
business intelligence analytics, and online accounting services are examples of typical
technologies available as a service (Chandrasekaran, 2015).

• Platform as a Service (PaaS): The customer is given the right to install consumer-
generated or purchased software created with programming languages, libraries,
services, and technologies funded by the vendor onto the cloud infrastructure
(Chandrasekaran, 2015). In most cases, the customer is responsible for the services
rendered. Google App Engine and Microsoft Azure Services are two examples of PaaS
providers (Chandrasekaran, 2015).

• Infrastructure as a Service (IaaS): The user is given the right to provision processing,
storage, networks, and other basic computing services on a pay-per-use basis, allowing
him or her to deploy and run any program, including operating systems and applications
(Chandrasekaran, 2015). A common example of a big IaaS provider is Amazon Web
Services (AWS).

Figure 8: Cloud Computing Service Models (Nazir, 2012)

2.4 Cloud System’s Security Concerns

As the environment moves toward cloud computing, it becomes more complex, and attackers
attempt to keep up. Some potential attacks on cloud computing are as follows:

• Denial of Service (DoS) Attacks
• Cloud Malware Injection Attack
• Side-Channel Attacks
• Authentication Attacks

A detailed description of these attacks can be found here: A.5 Potential Attacks against Cloud
Systems

2.5 Literature Review

2.5.1 Case Study

Despite its significant investment in IT technology, Capital One revealed in July 2019 that
confidential consumer data had been accessed by an outside individual. The data breach of US
bank Capital One took place on March 22 and 23, 2019, which was the result of unauthorized
access to their cloud-based servers hosted at Amazon Web Service (AWS) (Neto et al., 2020).
However, the breach was only discovered on July 19, which resulted in a data breach that
affected 106 million customers (100 million in the US and 6 million in Canada) (Neto et al., 2020).
Since the indictment is available online, including the FBI investigative summary (US District Court
at Seattle, 2019), the Capital One case stands out in this study and there is a lot of public
knowledge available on the case. In addition, many cybersecurity advisory firms released blog
posts detailing the incident's technical details.

After reporting the data leak, Capital One's stock dropped 5.9%, dropping a total of 15% in the
next two weeks (Neto et al., 2020). Only days after the violation was made public, a class-action
lawsuit was filed claiming undisclosed damages. Capital One received an e-mail from an outsider
telling them that data from their clients was available on a GitHub page, according to the FBI
lawsuit lodged with the Seattle court (US District Court at Seattle, 2019).

Figure 9: Email reporting supposed leaked data belonging to Capital One (Ma, 2019)

2.5.2 Analysis

After reviewing the Seattle Court's archives, cloud protection firm CloudSploit released an
explanation of the event on its corporate site, claiming that access to the compromised domain
was made possible by a Server-Side Request Forgery (SSRF) attack enabled by a configuration
flaw in Capital One's Web Application Firewall (WAF) solution (Neto et al., 2020). A server is
tricked into executing commands on behalf of a remote user in an SSRF attack, allowing the user
to even use the server as a proxy for his or her requests and gain access to non-public endpoints
(Neto et al., 2020).
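
The usual application-side control against the SSRF pattern described above is to vet every destination before the server fetches a user-supplied URL. The following is an added example, not code from the report or from Capital One's environment: it rejects URLs whose host is, or resolves to, a loopback, private or link-local address (169.254.169.254 is the link-local address that cloud instance metadata services use). The host names, the stub resolver and the sample URLs are constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


class BlockedDestination(ValueError):
    """The server must not fetch this user-supplied URL."""


def system_resolver(host, port):
    """Every address the OS resolver returns for host (used outside the demo)."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def parse_ip_literal(host):
    """Return an ip_address for IP literals, else None. Also decodes legacy
    IPv4 spellings ('2852039166', '0x7f.1') that C-library clients accept."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        pass
    try:
        return ipaddress.IPv4Address(socket.inet_aton(host))
    except (OSError, ValueError):
        return None


def is_public(ip):
    """True only for globally routable unicast addresses."""
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:          # ::ffff:a.b.c.d is delivered to a.b.c.d
        ip = mapped
    return ip.is_global and not ip.is_multicast


def check_outbound_url(url, resolver=system_resolver):
    """Vet a URL before the server fetches it.

    Returns (host, port, [ip, ...]) or raises BlockedDestination. The caller
    should connect to one of the returned IPs (keeping the original Host
    header) so a second DNS lookup cannot swap in an internal address, and
    must run this check again on every redirect target.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise BlockedDestination(f"scheme {parts.scheme!r} not allowed")
    host = parts.hostname           # ignores any user:pass@ prefix
    if not host:
        raise BlockedDestination("URL has no host")
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        raise BlockedDestination("invalid port") from None
    literal = parse_ip_literal(host)
    if literal is not None:
        addresses = [literal]
    else:
        addresses = [ipaddress.ip_address(a) for a in resolver(host, port)]
    if not addresses:
        raise BlockedDestination(f"{host} did not resolve")
    for ip in addresses:            # every record must pass, not just the first
        if not is_public(ip):
            raise BlockedDestination(f"{host} -> {ip} is not a public address")
    return host, port, [str(ip) for ip in addresses]


# Constructed sample data: a stub resolver so the example runs offline.
SAMPLE_DNS = {
    "api.partner.example": ["93.184.216.34"],
    "rebind.attacker.example": ["93.184.216.34", "10.0.0.5"],
}
SAMPLE_URLS = [
    "https://api.partner.example/v1/report",   # public destination
    "http://169.254.169.254/",                 # link-local metadata address
    "http://2852039166/",                      # same address, decimal spelling
    "http://[::ffff:169.254.169.254]/",        # same address, IPv4-mapped IPv6
    "http://partner.example@127.0.0.1:8080/",  # userinfo hides the real host
    "http://rebind.attacker.example/",         # one public and one private record
    "file:///etc/hosts",                       # non-HTTP scheme
]


def sample_resolver(host, port):
    return SAMPLE_DNS.get(host, [])


def verdicts(urls=SAMPLE_URLS, resolver=sample_resolver):
    """Map each URL to 'allow' or 'block'."""
    result = {}
    for url in urls:
        try:
            check_outbound_url(url, resolver)
            result[url] = "allow"
        except ValueError:
            result[url] = "block"
    return result


if __name__ == "__main__":
    for url, verdict in verdicts().items():
        print(f"{verdict:5}  {url}")
```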

Figure 10: Diagram of the Capital One Attack developed in the case study depicts the summary
of the overall attack and how a vulnerable server was accessed and commands were executed
by the attacker. After successful command execution, the attacker was able to access sensitive
information stored in AWS S3 buckets.

Figure 10: Diagram of the Capital One Attack (Neto et al., 2020)

Detailed Technical analysis of the Capital One Data Breach Case can be found here: A.5
Technical Analysis of Capital One Case

3. Demonstration and Analysis

3.1 Attack Scenario

Figure 11: Attack Scenario

For the attack demonstration, the topology shown in Figure 11: Attack Scenario will be used. The
following tools and operating systems will be used for our penetration testing, as described
below:

• Operating Systems:

I. Openfiler (Linux) (Server - Victim): Openfiler makes deploying and managing
networked storage a breeze. Once you install Openfiler, you'll have a versatile
networked storage solution that can export your data using a variety of industry-
standard storage networking protocols. It will be used for enabling iSCSI data
transfer and for maintaining a Storage Area Network (SAN).

II. Kali Linux (Attacker): A machine with Kali Linux will be used to execute the attack
on the server.

III. Windows 7 (Victim): A machine with Windows 7 will be used for accessing the
iSCSI storage and the Openfiler web portal for administrative purposes.

• Tools:

I. Metasploit Framework: It will be used as a penetration testing framework and for
exploiting the vulnerabilities.

II. iSCSI Initiator: This will be used in Windows 7 to access the iSCSI target configured
in Openfiler.

3.2 Practical Demonstration

3.2.1 Openfiler iSCSI SAN Setup for cloud-like online-storage capability.

A detailed description of the Openfiler iSCSI SAN setup to replicate cloud-like online-storage
capability can be found here: A.6 Openfiler iSCSI SAN Setup

3.2.2 Server Exploitation with Metasploit Framework

Step 1: Use Nmap to scan the victim IP and determine running OS, services, and port numbers.

Figure 12: Attacker IP address

Figure 13: Nmap output on victim server

As seen in Figure 13: Nmap output on victim server above, the server is running
Linux_kernel 2.6 and the following ports and services are open:

Port 22 – SSH

Port 111 – rpcbind

Port 3260 – iscsi

Port 5989 – wbem-https

Figure 14: Detailed Nmap Output

Step 2: After the reconnaissance on services and ports, use the Metasploit Framework to exploit
the vulnerabilities found.

Figure 15: MSF console opened

• From Metasploit console interface, we will find an exploit to use against the open
services: ssh, rpcbind, wbem-https and iscsi. To do so, “search unreal” command will be
used as shown in Figure 16: List of exploits to use against open services on victim.

Figure 16: List of exploits to use against open services on victim

• Choose “unreal_ircd_3281_backdoor” as the exploit and use the ‘show options’ command to
display the exploit module options as shown in Figure 17: Exploit Options.

Figure 17: Exploit Options

• Set the victim server’s IP address (‘set RHOST 192.168.1.157’) and remote port number
(‘set RPORT 446’) and issue the ‘show options’ command to verify the input as shown in
Figure 18: RHOST AND RPORT selection.

Figure 18: RHOST AND RPORT selection

• From the list of compatible payloads, the payload named ‘cmd/unix/bind_perl’ will be
used and the ‘show options’ command will be issued to display information as shown in
Figure 19: List of compatible payloads shown and Figure 20: Required payload selected
and options are shown for verification.

Figure 19: List of compatible payloads shown

Figure 20: Required payload selected and options are shown for verification

• Finally, the exploitation of the server will begin with the ‘exploit’ command and a backdoor
will be created for enabling a reverse shell into the victim machine as shown in Figure 21:
Exploit command issued, Figure 22: Exploitation Successful, and Figure 23: Unix reverse
shell of the victim server.

Figure 21: Exploit command issued

Figure 22: Exploitation Successful

Figure 23: Unix reverse shell of the victim server

The penetration research performed above on an iSCSI SAN cloud system server (PC1) that allows
online storage has shown how a cloud system can be hacked using Kali Linux and Metasploit 4.5.0
basic tools and commands to break applied security and obtain access to files or information
stored on server drives via the internet.
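
Read from the defender's side, the Step 1 scan is an exposure inventory: any listener outside the server's intended role is attack surface. The following is an added example, not part of the original report: it parses Nmap grepable (-oG) output and reports open ports that are not in an approved baseline. The scan text is constructed from the ports the report lists plus port 446 (the RPORT set in the exploit step), and the baseline is an assumption of this example.

```python
import re

# Assumed baseline for an iSCSI storage appliance (an assumption of this
# example, not a policy from the report): SSH, iSCSI target, HTTPS management.
BASELINE = {
    (22, "tcp"): "ssh",
    (3260, "tcp"): "iscsi",
    (5989, "tcp"): "wbem-https",
}

# Constructed `nmap -oG` output. Fields are tab-separated; each port entry is
# port/state/protocol/owner/service/rpc-info/version/. Without -sV the service
# name is only Nmap's port-table lookup, not proof of what is listening.
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.168.1.157 ()\tStatus: Up\n"
    "Host: 192.168.1.157 ()\tPorts: 22/open/tcp//ssh///, "
    "80/closed/tcp//http///, 111/open/tcp//rpcbind///, "
    "446/open/tcp//ddm-rdb///, 3260/open/tcp//iscsi///, "
    "5989/open/tcp//wbem-https///\tIgnored State: filtered (994)\n"
)

PORT_ENTRY = re.compile(r"(\d+)/([^/]+)/([^/]+)/[^/]*/([^/]*)/")


def parse_grepable(text):
    """Return {host: [(port, proto, state, service), ...]} from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue
        fields = line.split("\t")
        ports_field = next((f for f in fields if f.startswith("Ports:")), None)
        if ports_field is None:
            continue                      # "Status: Up" lines carry no ports
        host = fields[0].split()[1]
        for entry in ports_field[len("Ports:"):].split(", "):
            match = PORT_ENTRY.match(entry.strip())
            if match is None:
                continue                  # fragment of a version string
            port, state, proto, service = match.groups()
            hosts.setdefault(host, []).append(
                (int(port), proto, state, service or "unknown"))
    return hosts


def audit(hosts, baseline):
    """Compare open ports per host with the baseline.

    Returns a list of (host, port, proto, finding, detail) tuples where
    finding is UNEXPECTED, SERVICE-MISMATCH or MISSING.
    """
    findings = []
    for host, ports in sorted(hosts.items()):
        seen_open = set()
        for port, proto, state, service in ports:
            if state != "open":
                continue                  # closed/filtered are not exposure
            seen_open.add((port, proto))
            expected = baseline.get((port, proto))
            if expected is None:
                findings.append((host, port, proto, "UNEXPECTED", service))
            elif expected != service:
                findings.append((host, port, proto, "SERVICE-MISMATCH",
                                 f"{service} (expected {expected})"))
        for (port, proto), service in sorted(baseline.items()):
            if (port, proto) not in seen_open:
                findings.append((host, port, proto, "MISSING", service))
    return findings


if __name__ == "__main__":
    for host, port, proto, finding, detail in audit(
            parse_grepable(SAMPLE_SCAN), BASELINE):
        print(f"{host} {port}/{proto} {finding}: {detail}")
```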

3.3 Cloud System’s Security Threat Countermeasures

There are a variety of ways that cloud storage can help with security. Qualys Guard, for example,
is a collection of items that are used to identify network flaws. It is used by over 200 businesses
in the Forbes Global 2000, indicating that it has gained widespread recognition (Ashktorab &
Taghizadeh, 2012). So, in addition to both of the aforementioned risks, there are several strategies
for enhancing defense to an optimal degree. These strategies are the subject of this section.

3.3.1 General Security Countermeasures

• Architecture Security
• Data Security
• Protection from attacks at various levels
• Using Mirage Image Management System
• Using Client Based Privacy Manager
• Transparent Cloud Protection System (TCPS) (Ashktorab & Taghizadeh, 2012)

3.3.2 Countermeasures for Challenges Inherited from Network Concept

• Active content filtering techniques against SQL injection and XSS attacks
• Endpoint Separation and evaluation of software security, virtualization, and server
processes against MITM attacks
• Domain Name System Security Extensions (DNSSEC) against DNS attacks
• Monitoring of guest VMs and hypervisor architecture
• Usage of next-generation Intrusion Detection and Prevention Systems (Ashktorab &
Taghizadeh, 2012)

3.3.3 Countermeasures for CSA proposed threats

• Confronting Abuse and Nefarious Use of Cloud Computing
• Confronting Insecure Application Programming Interfaces
• Confronting Malicious Insiders
• Confronting Shared Technology Vulnerabilities
• Confronting Data Loss/Leakage
• Confronting Account, Service and Traffic Hijacking (Ashktorab & Taghizadeh, 2012)

Figure 24: Cloud Security Measures (Kong et al., 2018)

4. Conclusion

Cloud computing is a new development that combines a variety of emerging and computer
technology, such as the internet, networking, operating systems, hardware, applications,
middleware, virtualization, multi-tenancy, and so on (Dar & Ravindran, 2918). As a result of the
integration, these inventions are put to the best possible use. It is seeking a role in every area of
life, encouraging small and large-scale businesses and organizations by offering a forum on which
they can operate their programs with minimal costs and maximize benefits. As the saying goes,
"there are two sides of any coin." Cloud infrastructure has many benefits, but it still has many
drawbacks. These drawbacks are proving to be catastrophic, compromising the sensitive data of
cloud service customers (Dar & Ravindran, 2918). Data in Cloud Vendor Data Centers is extremely
vulnerable, and foolproof protection mechanisms must be provided.

The penetration testing lab demonstrated in this report depicts the level of ease with which an
attacker can exploit vulnerabilities in a web server to access critical information and data. The
above attack was conducted in a simulated virtual environment to limit the damage, which could
be catastrophic in a real-time cloud system scenario.

4.1 Ethical, Social, and Legal Issues

The above attack demonstrates unauthorized access into the victim server by exploiting found
vulnerabilities. Ethics begins when certain elements within a moral system conflict; and defines
what persons are supposed to do when following standards of rights and wrongs. Many ethical
issues arise from the above attack; for example, performing active reconnaissance to discover
vulnerabilities in a victim machine is highly unethical. Similarly, the overall act of hacking into
a cloud system has several unethical implications.

Hacking attacks of any size can impact society negatively. Consequences ranging from destroying
the goodwill of a company to exposing personal and sensitive information about individuals can
arise from these attacks. In the above context, hacking into cloud systems has led to the
disclosure of personal and financial information of several customers, which can directly or
indirectly impact the individual and society as a whole.

Finally, hacking into cloud systems violates a vast number of laws and regulations across the
globe. In the above case, accessing a server without authorization and interrupting its services is
extremely illegal and punishable by law.

However, all the activities performed in this report were conducted only for study purposes and
inside a simulated virtual environment.

4.2 Impact of Electronic Transaction Act 2063 (Nepal) on Ethical Hacking

Cyberlaw varies by country and refers to topics relating to the internet and other information
media practices, such as anonymity and jurisdiction. Cyberlaw is crucial because, as the use of
the internet has grown, so has the number of crimes committed on the internet. It also protects
the end user's anonymity, preventing them from being a victim of cybercrime. The ETA 2063
(Electronic Transaction Act) deals with cybercrime problems and aids in the development and
implementation of cybercrime legislation. It has established various criteria such that those
found guilty of cybercrime can be charged per the crime scene. He or she will be imprisoned for
6 months to a total of three years and must pay the appropriate sentence for the offense.

Although the term “Ethical Hacking” suggests the activity to be ethical and not violate any rules
and regulations, it can still vary based on the cyber law of the governing region. Lack of proper
guidelines and highly superficial information regarding hacking and its legal implications can land an
ethical hacker on the wrong side of the law. Hence, ETA must be revised to cope with the emerging
technology and must specify detailed guidelines for performing Vulnerability Assessment and
Penetration Testing (VAPT) on any company within Nepal.

5. References

Ahmed, M. & Hossain, M.A. (2014) CLOUD COMPUTING AND SECURITY ISSUES IN THE CLOUD.
International Journal of Network Security & Its Applications (IJNSA), 6(1), pp.25-37.
Ashktorab, V. & Taghizadeh, S. (2012) Security Threats and Countermeasures in Cloud
Computing. International Journal of Application or Innovation in Engineering & Management
(IJAIEM), 1(2), pp.234-46.
Chandrasekaran, K. (2015) Essentials of CLOUD COMPUTING. 1st ed. New York: CRC Press.
Chouhan, P. & Singh, R. (2016) Security Attacks on Cloud Computing With Possible Solution.
International Journal of Advanced Research in Computer Science and Software Engineering, 6(1),
pp.92-97.
Coles, C., Yeoh, J., Mishra, E. & Santos, L. (2015) Cloud Adoption Practices & Priorities Survey
Report. Survey Report. skyhigh.
Dar, A.R. & Ravindran, D.D. (2918) A COMPREHENSIVE STUDY ON CLOUD COMPUTING
PARADIGM. International Journal of Advance Research in Science and Engineering, 7(4), pp.235-44.
Flaherty, D. (2020) Working from Home in 2020: How Cloud Use Changed [Online]. Available
from: https://www.mcafee.com/blogs/enterprise/cloud-security/working-from-home-in-2020-how-cloud-use-changed/
[Accessed 27 April 2020].
GlobalData. (2020) Cloud Computing – Thematic Research. Thematic Research. London:
GlobalData.
Gonzalez, N., Miers, C., Simplicio, M. & Redigolo, F. (2012) A quantitative analysis of current
security concerns and solutions for cloud computing. Journal of Cloud Computing: Advances,
Systems and Applications, 1(11), pp.1-18.
Hurwitz, J., Kaufman, M. & Halper, D.F. (2012) Cloud Services for Dummies. IBM Limited Edition
ed. New Jersey: John Wiley and Sons, Inc.
Karimunnisa, S. & Kompalli, D.V.S. (2019) Cloud Computing: Review on Recent Research Progress
and Issues. International Journal of Advanced Trends in Computer Science and Engineering, 8(2),
pp.216-22.
Kong, W., Lei, Y. & Ma, J. (2018) Data security and privacy information challenges in Cloud
Computing. Int. J. Computational Science and Engineering, 16(3), pp.215-20.
Ma, A. (2019) Capital One found out about its 106-million-customer data breach only because a
member of the public emailed it a tip [Online]. Available from:
https://www.businessinsider.com/capital-one-hack-data-breach-email-tip-off-2019-7 [Accessed
27 April 2020].
Nazir, M. (2012) Cloud Computing: Overview & Current Research Challenges. IOSR Journal of
Computer Engineering (IOSR-JCE), 8(1), pp.14-22.
Neto, N., Madnick, S. & Borges, N. (2020) A Case Study of the Capital One Data Breach. Working
Paper. Cambridge: MIT Massachusetts Institute of Technology (MIT).
Padhy, R.P. & Patra, M.R. (2012) Evolution of Cloud Computing and Enabling Technologies.
International Journal of Cloud Computing and Services Science (IJ-CLOSER), 1(4), pp.182-98.
Prasad, M.R., Naik, R.L. & Bapuji, V. (2012) Cloud Computing: Research Issues and Implications.
International Journal of Cloud Computing and Services Science (IJ-CLOSER), 2(2), pp.134-40.
Qaisar, S. & Khawaja, K. (2012) CLOUD COMPUTING: NETWORK/SECURITY THREATS AND
COUNTERMEASURES. INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN
BUSINESS, 3(9), pp.1323-30.
RightScale. (2018) RightScale 2018 State of the Cloud Report. White Paper. Santa Monica:
RightScale.
Srinivas, J., Reddy, K.V. & Qyser, D.A.M. (2012) Cloud Computing Basics. International Journal of
Advanced Research in Computer and Communication Engineering, 1(5), pp.343-49.

6. Appendix

A.1 Cloud Security Problem Domains

I. Network Security: Issues with network communications and cloud computing system
setups (Gonzalez et al., 2012).

II. Interfaces: All problems relating to consumer, administrative, and programming
interfaces for using and managing clouds are concentrated here (Gonzalez et al., 2012).

III. Data Security: Protection of data in terms of confidentiality, availability, and integrity
(which can be extended to any solution involving minimum protection levels, not just
cloud environments) (Gonzalez et al., 2012).

IV. Virtualization: Virtual machine isolation, hypervisor vulnerabilities, and other issues
associated with virtualization technologies (Gonzalez et al., 2012).

V. Governance: Issues with cloud infrastructure solutions' (losing) administrative and
security controls (Gonzalez et al., 2012).

A.2 Evolution of Cloud Computing

Prof. Ramnath Chellappa in Dallas, Texas, is credited with coining the term "cloud computing" in
1997, describing it as "a computing model where the parameters of computing can be defined
by economic rationale rather than technological limits alone" (Padhy & Patra, 2012).

Salesforce.com, which launched in 1999, was the first company to offer business software
through a single website. The services company paved the way for both niche and popular tech
companies to distribute applications over the Internet (Padhy & Patra, 2012).

Amazon expanded its cloud offerings in 2006. The first was its Elastic Compute Cloud (EC2), which
enabled users to connect to machines in the cloud and run their own applications. After that,
they released Simple Storage Service (S3) (Nazir, 2012). The pay-as-you-go concept was applied
to both consumers and the industry as a whole as a result of this, and it has since become
common practice.

The global public cloud services industry reached £78 billion in 2013, up 18.5% from 2012, with
IaaS (infrastructure-as-a-service) becoming the fastest growing market service (Padhy & Patra,
2012).

With the fast and continuing development of major global cloud data centers, cloud computing
will become more and more popular in the near future.

A.3 Core Cloud Capabilities

Regardless of the model used, some vital characteristics of a cloud environment are as follows:

• Elasticity and self-service provisioning: A core advantage of a cloud system is that it offers
an elastic infrastructure (you use services only when you need them), which allows
customers to provision tools, such as computing or storage facilities, that they pay for
per unit (Hurwitz et al., 2012).

• Billing and metering of service usage: A cloud provider must be able to monitor and
meter its use. As a result, a cloud environment comes with a built-in service that keeps
track of how many resources a client consumes. Customers pay for the services they use
in a shared cloud. IT management in a private cloud may introduce a chargeback system
for departments that use services (Hurwitz et al., 2012).

• Workload Management: The cloud is a federated (distributed) network in which
resources are pooled so that they can collaborate. To do this, these services must be
designed to function as an interconnected, well-tuned environment with a multitude of
workloads (Hurwitz et al., 2012).

• Management Services: For cloud computing to be a well-managed network, several
management resources are needed. Security and governance are critical resources for
ensuring the safety of the apps and records. Since data can be moved between cloud
environments, data storage is often important (Hurwitz et al., 2012).

• Broad Network Access: Capabilities are accessible over the network through standard
frameworks that allow heterogeneous thin and thick user devices (e.g., cell phones,
computers, and personal digital assistants [PDAs]) to access them (Chandrasekaran,
2015).

Figure 25: Essential Characteristics of Cloud Computing (Chandrasekaran, 2015)

A.4 Cloud System Deployment Models

• Public Cloud (External Cloud): In basic terms, public cloud systems are those that are
made accessible to customers over the Internet by a third-party service provider
(Srinivas et al., 2012). Even though it may be free or relatively inexpensive to use, the word
"public" does not necessarily imply "free." A public cloud also does not imply that a user's
data is accessible to the general public; instead, most public cloud providers have an access
management system for their customers (Srinivas et al., 2012).

• Private Cloud (Internal Cloud): Many of the advantages of a public cloud computing
system, such as elasticity and service-based computing, are available in a private cloud
(Srinivas et al., 2012). The distinction between a private cloud and a public cloud is that
with a private cloud-based service, data and operations are handled within the enterprise
without network capacity constraints or security risks (Srinivas et al., 2012).

• Hybrid Cloud (Mixed Cloud): This cloud is made up of two or three different clouds
(public, private, and community). Essentially, it is a situation in which many cloud service
providers, either internal or external, are used (Qaisar & Khawaja, 2012).

• Community Cloud (Group Cloud): A community cloud is managed and used by a
consortium of organizations with similar goals, such as basic security specifications or a
joint purpose (Srinivas et al., 2012). Members of the network have shared links to the
cloud's data and software.

A.5 Potential Attacks against Cloud Systems

• Denial of Service (DoS) Attacks: According to the Cloud Security Alliance, the cloud is
more vulnerable to DoS threats because it is used by so many people, which also makes
such attacks more damaging (Chouhan & Singh, 2016).

• Cloud Malware Injection Attack: An attacker attempts to insert a malicious service or
virtual machine into the cloud in a Cloud Malware Injection Attack. In this attack, the
attacker creates a malicious service implementation module (SaaS or PaaS) or virtual
machine instance (IaaS) and attempts to integrate it into the Cloud system (Chouhan &
Singh, 2016). The intruder must then act in such a way that it appears to the Cloud system
as a legitimate service, indicating that it is a new service deployment instance within the
valid instances (Chouhan & Singh, 2016).

• Side-Channel Attacks: By placing a malicious virtual machine close to a targeted cloud
server and then initiating a side-channel attack, an attacker tries to penetrate the
cloud system (Chouhan & Singh, 2016). Side-channel attacks have emerged as an effective
security threat that targets the implementation of cryptographic algorithms in systems
(Chouhan & Singh, 2016).

• Authentication Attacks: Authentication is a weak point in cloud storage systems that is
often exploited by hackers. The majority of sites only use basic login and password
knowledge-based verification, but financial institutions use a variety of secondary user
authentication (such as mutual hidden queries, site keys, virtual keyboards, and so on) to
make phishing attempts more challenging (Chouhan & Singh, 2016).

A.5 Technical Analysis of Capital One Case

Based on the reports from the FBI, CloudSploit and the above case study, the following steps
were taken in the cyberattack:

Step 1: The FBI and Capital One discovered multiple accesses made through anonymizing services
such as the TOR network and the VPN service provider IPredator, all of which were used to mask
the source IP address of the malicious accesses.

Step 2: The SSRF attack allowed the attacker to trick the server into running commands as a
remote user, giving him access to a private server.

Step 3: Due to a WAF misconfiguration, the attacker was able to trick the firewall into
relaying requests to the metadata service, which is a default back-end service on the AWS
platform.

Step 4: By combining the SSRF attack and the WAF misconfiguration with access to the metadata
service, which provides temporary credentials for such an environment, the attacker was able to
trick the server into requesting the access keys.

Step 5: Finally, the attacker copied approximately 30 GB of Capital One credit application data
from these buckets to the attacker's local computer using the AWS sync command.
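
A server-side check that addresses the weakness in Steps 2 to 4, given as an added example that is not part of the original report or of Capital One's systems: before fetching a user-supplied URL, the server resolves the host and refuses the metadata address, loopback, link-local and private destinations. The function names and the DNS table are assumptions constructed for illustration; 169.254.169.254 is the AWS instance metadata address.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

METADATA_IP = ipaddress.ip_address("169.254.169.254")  # AWS metadata service
# Constructed DNS answers so the example runs offline (not real records).
CONSTRUCTED_DNS = {
    "images.example.test": ["93.184.216.34"],
    "cdn.example.test": ["93.184.216.34", "169.254.169.254"],
}

def constructed_resolver(host):
    if host not in CONSTRUCTED_DNS:
        raise OSError(f"cannot resolve {host}")
    return CONSTRUCTED_DNS[host]

def system_resolver(host):
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def classify(addr):
    """Return why an address must not be fetched, or None if it is public."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # treat ::ffff:a.b.c.d as the IPv4 address
    if ip == METADATA_IP:
        return "instance metadata service"
    if ip.is_loopback:
        return "loopback address"
    if ip.is_link_local:
        return "link-local address"
    if ip.is_private or ip.is_reserved or ip.is_multicast:
        return "private or non-routable address"
    return None

def check_outbound_url(url, resolver=system_resolver):
    """Return (allowed, reason) for a URL the server would fetch for a user."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme.lower() not in ("http", "https") or not host:
        return False, "scheme or host not allowed"
    try:
        ipaddress.ip_address(host)
        addresses = [host]  # literal IP, nothing to resolve
    except ValueError:
        try:
            addresses = resolver(host)
        except OSError:
            return False, "host does not resolve"
    for addr in addresses:  # one internal answer is enough to reject
        reason = classify(addr)
        if reason:
            return False, f"{host} resolves to {addr}: {reason}"
    return True, "ok"
```

The fetch itself should connect to the addresses that were checked rather than resolve the name a second time, otherwise the answer can change between the check and the request.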

Figure 26: List of attack steps mapped to MITRE ATT&CK Matrix (Neto et al., 2020)

A.6 Openfiler iSCSI SAN Setup

Step 1: Install Openfiler Linux in VMware and run the virtual machine.

Firstly, log into Openfiler ESA and access the Web administrator GUI from the provided link
(http://192.168.1.157:446/).

Figure 27: Openfiler running as VM

After visiting the site, log in with proper credentials as an administrator. Here, various
functionalities of Openfiler can be seen, such as Storage Status, Clusters, Networks, Services and
so on.

Figure 28: Openfiler web portal

Step 2: Add the required number of hard drives to the Openfiler Linux VM.

Figure 29: Mounting two SCSI Hard Disks in Openfiler

As seen in Figure 29: Mounting two SCSI Hard Disks in Openfiler, two SCSI hard disks of 8 GB
each have been added to the Openfiler Linux VM. After adding those drives, they will be
displayed under Block Devices in the Openfiler Web GUI. Then create a partition on each of the
displayed drives and add all of them to a single Volume Group.

Figure 30: Hard disks shown in Web Portal

As seen in Figure 31: Volume Group, a single Volume Group named sharedopenfiler has been
created with iSCSI file system type and has a volume size of 15GB.

Figure 31: Volume Group

Figure 32: Network ACL for iSCSI target

In order to access the iSCSI target from the required clients in the network, a new access list
must be created that will allow all IP addresses within the provided network to access the iSCSI
target volume. This creates a Storage Area Network (SAN) and replicates a cloud system with
online-storage capability.

Figure 33: iSCSI Target service enabled and running

Figure 33: iSCSI Target service enabled and running demonstrates the iSCSI service running, which
means any client can now access the iSCSI target from within the allowed network.

Figure 34: iSCSI Target details

iSCSI Target: iqn.2006-01.com.openfiler:tsn.0898f1367479

Step 3: Setting up Windows 7 machine with authenticated iSCSI SAN cloud system

Prior to further steps, make sure that the Windows machine is within the allowed network range.
Then, open the iSCSI initiator tool.

Figure 35: iSCSI Initiator Properties

After opening the above window, go to Discovery tab and add a new discover portal with
Openfiler IP address and port number. Also make sure to go into advanced options, to select
Microsoft iSCSI Initiator as Local Adapter and enter the Initiator IP (Windows 7 IP).

Figure 36: Adding the Openfiler portal IP address

Figure 37: Advanced options on discover portal

As seen in Figure 38: iSCSI target shown with status, after proper authentication of the discovered
portal, the iSCSI target from Openfiler is shown as a target. However, it is still inactive and
requires a connection to become active.

Figure 38: iSCSI target shown with status

Figure 39: Connecting to iSCSI target

Simply connect to the shown iSCSI target and the target will be mounted on the Windows
machine as shown in Figure 41: Shared iSCSI SAN volume shown in disk management.

Figure 40: iSCSI Target successfully connected.

Figure 41: Shared iSCSI SAN volume shown in disk management

Figure 42: Openfiler Web Access from Windows 7
