live hacking - quotium · microsoft powerpoint - sec411.ppt author: ofer created date: 2/10/2007...
![Page 1: Live Hacking - Quotium · Microsoft PowerPoint - SEC411.ppt Author: ofer Created Date: 2/10/2007 12:06:23 AM](https://reader033.vdocuments.us/reader033/viewer/2022060805/608a5a0840b09f4a0566d164/html5/thumbnails/1.jpg)
Live Hacking
Threats & Countermeasures in Action (SEC411)
Ofer Maor
CTO
Hacktics Ltd.
Agenda
• Introduction to Application Hacking
• Demonstration of Attack Tool
• Common Web Application Attacks &
Countermeasures
• Live Bank Hacking Demo
• Questions & Answers
About Hacktics
• Security Services Company
• Provides wide range of services with focus on the
application security field
• Relies on vast experience in application level
penetration testing and secure development
Hacktics offers unique expertise in the technology and methodology of application security, together with out of the box thinking abilities and a keen understanding of the operational patterns of Hackers.
Introduction to
Application Hacking
Overview
• Today, most organizations create, use and
externalize distributed applications implementing
business processes.
• The increasing numbers of such applications
combined with the improved security in the
infrastructure layer drives hackers to turn to
application attacks.
• According to Gartner, over 75% of attacks today
take place in the application layer.
What Is Application Hacking?
• Taking advantage of application-level
vulnerabilities to attack the site
• Attacks relate to the semantics and meaning of
application messages, such as HTTP requests,
SQL Queries or proprietary requests.
• Differs from infrastructure attacks focusing on
identifying unauthorized services (port
scanning) and abusing known vulnerabilities.
Application vs. Infrastructure
• Not easily replicated (no script kiddies!), though
still easily exploitable
• Target the organization’s core business
operations rather than technology
• Allows launching direct attacks rather than
needing to break several circles of defense
• Used by attackers with specific agenda
(criminals, industrial espionage, etc.).
Vulnerabilities Mitigation
• No prepared patch to easily deploy
• Fixing the vulnerability requires recoding, turning
it into a costly procedure
• Design Mistake Fix Cost Increase (Gartner):
– 1x – During Design
– 6.5x – During Development
– 15x – During Testing
– 100x – After Deployment to Production
- DRAFT -
Technical vs. Logical
• Technical flaws relate to the specific technical
implementation of the application
• Logical flaws relate to the way business
processes were developed, unrelated to the
development infrastructure
• New security features added to development
infrastructure help decrease the number of
technical flaws, whereas logical flaws are still a
prominent problem
Web Application
Penetration Tool
Application Hacking Techniques
• Applications expect the client to behave in a
certain predefined manner (only user controlled
data is validated)
• The client, however, can be easily controlled by
the malicious user (attacker)
• Easily done using friendly GUI based tools
– Interactive Interception Proxies
– Browser Plug-ins
– etc.
Interception Proxy Demo
Common Web Application
Attacks & Countermeasures
(With Live Demo!)
Topics
• Reconnaissance (Active/Passive)
• Parameter Tampering
• Session Hijacking
• Scripts Injection
• Cross Site Scripting
• Flow Bypassing (Forceful Browsing)
• SQL Injection
Passive Reconnaissance
• Understanding the Application
• Requests Monitoring
• Structure & Flow Mapping
• Searching Code for Comments
• Identifying Development Infrastructure
• Retrieving Internet Resources
• Google Hacking
Active/Malicious Reconnaissance
• Generate Exceptions & Errors
• Unreferenced URLs
– Default Components
– Administrative Interfaces
– Configuration/Log Files
• Source Code Disclosure
– Known Vulnerabilities
– Backup/Old Files
– File Access Components
Active/Malicious Reconnaissance
• Result of Failing Key Secure Design Principles:
– Input Validation
– Exception Management
• Mitigation:
– Properly handle all exceptions
– Disable detailed error messages, if present
– Avoid storing any redundant files/information on
production machines
Parameter Tampering
• Overview
– The basic, most simple form of application level
attack
– Is targeted directly at the business logic of the application
– Often does not require much knowledge of application
attacks and can be achieved with no tools
Parameter Tampering
• The Problem
– Attackers may alter the value of parameters sent from the browser which were assumed by the developers to
remain as is
• Potential Damage
– Attacker may gain access to unauthorized data,
commit unauthorized transactions, go out of normal value boundaries, etc.
Parameter Tampering
• Result of Failing Key Secure Design Principles:
– Input Validation
– Authentication
– Authorization
– Session Management
• Mitigation:
– Never trust user submitted data
– Check authenticity and authorization for every
operation performed.
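The two mitigations above, sketched as an added example (not part of the original slides) in Python so it runs stand-alone. The account table, the limits and the `transfer` function are hypothetical; the point is that ownership and bounds are decided from server-side data for the authenticated session user, never from a request parameter.

```python
import re

# Constructed sample data held on the server; nothing here comes from the browser.
ACCOUNT_OWNER = {"1001": "alice", "1002": "bob"}
BALANCE_CENTS = {"1001": 50_000, "1002": 12_000}
MAX_TRANSFER_CENTS = 100_000


def transfer(session_user, params):
    """Process a transfer request; every value in params is attacker-controllable.

    Returns (True, new_source_balance) or (False, reason).
    """
    src = str(params.get("from_account", ""))
    dst = str(params.get("to_account", ""))

    # Input validation: the amount must be a plain ASCII integer within bounds.
    raw_amount = str(params.get("amount", ""))
    if not re.fullmatch(r"[0-9]{1,9}", raw_amount):
        return False, "amount is not a positive integer"
    amount = int(raw_amount)
    if amount == 0 or amount > MAX_TRANSFER_CENTS:
        return False, "amount out of bounds"

    # Authorization: ownership is looked up server-side for the authenticated
    # session user, never taken from a request parameter or hidden field.
    if ACCOUNT_OWNER.get(src) != session_user:
        return False, "source account not owned by session user"
    if dst not in ACCOUNT_OWNER or dst == src:
        return False, "invalid destination account"
    if BALANCE_CENTS[src] < amount:
        return False, "insufficient funds"

    BALANCE_CENTS[src] -= amount
    BALANCE_CENTS[dst] += amount
    return True, BALANCE_CENTS[src]


if __name__ == "__main__":
    ok = {"from_account": "1001", "to_account": "1002", "amount": "2500"}
    tampered_account = dict(ok, from_account="1002", to_account="1001")
    tampered_amount = dict(ok, amount="-2500")
    for request in (ok, tampered_account, tampered_amount):
        print(request, "->", transfer("alice", request))
```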
Session Hijacking
• Overview
– Session Hijacking is an attack in which the attacker successfully takes control over a user’s session, after
obtaining a valid session identifier
• Potential Damage
– Through this attack the attacker is able to gain
access to the system as if the attacker was authenticated to it, without ever knowing the
authentication credentials of the attacked user
Session Hijacking
Hacker’s request was accepted as it contained a valid cookie
Session Hijacking
• Result of Failing Key Secure Design Principles:
– Proper Session Management
– Input Validation
• Mitigation:
– Always use a reliable session management
mechanism (such as the one in ASP/ASP.Net)
– Protect your site from script attacks…
Scripts Injection
• Overview
– A way to perform script-based attacks without being limited by browser security
– The attacker takes advantage of a component in the
system which displays to users information previously inserted by other users
– The attacker embeds a script into the input, which is
then executed on the browsers of other users
Scripts Injection
The script, now from the web site’s domain, was now able to access sensitive information and send it to the attacker
Scripts Injection
• The Problem
– No input validation takes place when data is received
– No output sanitation is performed when data is sent back to other users
• Potential Damage
– Cookie Theft → Session Hijacking (Simple Exploit)
– Taking over entire browsing session (viewing users data and performing operations on their behalf)
– Improved Phishing Attacks
Cross Site Scripting (XSS)
• Overview
– Similar to Scripts Injection, Cross Site Scripting takes advantage of the same principle of making the remote
server send the malicious script to the client
– Unlike with Scripts Injection, however, the client is part of the attack process, as the script itself is not
permanently stored on the remote system
– The key elements of the problem, as well as the potential damage and mitigation are identical to those
of the scripts injection attack.
Cross Site Scripting (XSS)
The script, sent by the attacked client to the server was then received again by the client, now with the proper security context, and was able to send the cookie to the attacker
XSS Code Example
A Search page:
<HTML><TITLE>Search Results</TITLE><BODY>
<%
SearchTerm = Request.QueryString("SearchStr")
' Querying DB Based on the Search Term
If SearchRS.EOF Then ' Search yielded no results
    Response.Write("No results found for ")
    Response.Write(SearchTerm)
Else
    ' Display all records
End If
%>
</BODY></HTML>
XSS Code Example
With input string XXX, the result is:
<HTML><TITLE>Search Results</TITLE><BODY>
No results found for XXX
</BODY></HTML>
XSS Code Example
However, with a script injected, the result is:
<HTML><TITLE>Search Results</TITLE><BODY>
No results found for <SCRIPT>Alert('Test')</SCRIPT>
</BODY></HTML>
Scripts Injection/XSS
• Result of Failing Key Secure Design Principles:
– Input Validation
– Output Sanitation
• Mitigation:
– The “Quick and Dirty” way – prevent users from
inserting HTML meta characters such as <, >, ;, etc.
– Better yet, perform HTML encoding of all non alphanumeric characters, such as:
• < → &lt;
• > → &gt;
• " → &quot;
• etc.
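The "better yet" mitigation applied to the search page from the XSS code example, as an added example that is not part of the original slides. It is written in Python so it runs stand-alone; the function names are hypothetical, and numeric character references are used for every non-alphanumeric character as an assumption about how to implement the slide's advice. A parser then checks which tags the browser would actually see.

```python
from html import unescape
from html.parser import HTMLParser

# The page skeleton from the slide; {} is where the search term is written back.
PAGE = ("<HTML><TITLE>Search Results</TITLE><BODY>\n"
        "No results found for {}\n</BODY></HTML>")


def encode_non_alnum(text):
    """Replace every character outside A-Z, a-z, 0-9 with a numeric HTML entity."""
    return "".join(
        ch if (ch.isascii() and ch.isalnum()) else f"&#{ord(ch)};"
        for ch in text
    )


def render_raw(search_term):
    """The slide's behaviour: the search term is written back unchanged."""
    return PAGE.format(search_term)


def render_encoded(search_term):
    """Hardened variant: the search term is encoded on output."""
    return PAGE.format(encode_non_alnum(search_term))


class _TagCollector(HTMLParser):
    """Records the name of every start tag an HTML parser finds in a page."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def tags_in(page):
    """Return the start tags a parser sees, in order, lower-cased."""
    collector = _TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags


if __name__ == "__main__":
    payload = "<SCRIPT>Alert('Test')</SCRIPT>"   # the input shown on the slide
    print(tags_in(render_raw(payload)))          # the injected tag is parsed as markup
    print(tags_in(render_encoded(payload)))      # only the page's own tags remain
    print(render_encoded(payload))
    # The user still sees the text they typed once the entities are decoded.
    print(unescape(encode_non_alnum(payload)) == payload)
```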
Flow Bypassing
• Overview
– Common Logical Attack (Using Forceful Browsing Techniques)
– Useful against step-based applications such as
wizards or redirection-based applications
– Allows attackers to overcome specific authentication or authorization mechanisms
Flow Bypassing
• The Problem
– Specific operations which require more than one request to be completed do not properly enforce the
flow of the operation
• Potential Damage
– Attacker can use this to overcome specific requests in
the flow that relate to security, allowing
• Authentication Circumvention
• Authorization Circumvention
• Operation Validity Verification
• etc.
Flow Bypassing
• Result of Failing Key Secure Design Principles:
– Authentication
– Authorization
– Session Management
• Mitigation:
– Enforce flow of multi-step operations
– Rely on session for storing flow information
– Reverify authorization when committing the operation
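The three mitigations above combined in one added example (not part of the original slides), written in Python so it runs stand-alone. The three-step transfer wizard, the in-memory `SESSIONS` store and the `PERMISSIONS` table are hypothetical: flow state lives in the server-side session, each step checks the stage left by the previous one, and authorization is checked again at commit.

```python
import secrets

# Constructed server-side state: sessions and a permission table.
SESSIONS = {}
PERMISSIONS = {"alice": {"transfer"}}


def login(user):
    """Create a session; the flow state lives on the server, not in the browser."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "flow": None}
    return sid


def enter_details(sid, to_account, amount):
    """Step 1: record the requested operation and issue a confirmation code."""
    code = secrets.token_hex(3)
    SESSIONS[sid]["flow"] = {"stage": "entered", "to": to_account,
                             "amount": amount, "code": code}
    return code  # would be delivered out of band in a real application


def confirm(sid, code):
    """Step 2: only valid after step 1, and only with the matching code."""
    flow = SESSIONS[sid]["flow"]
    if flow is None or flow["stage"] != "entered":
        return "rejected: details not entered"
    if not secrets.compare_digest(code.encode(), flow["code"].encode()):
        SESSIONS[sid]["flow"] = None
        return "rejected: wrong confirmation code"
    flow["stage"] = "confirmed"
    return "confirmed"


def commit(sid):
    """Step 3: takes no operation parameters; everything comes from the session."""
    session = SESSIONS.get(sid)
    if session is None:
        return "rejected: no session"
    flow, session["flow"] = session["flow"], None  # a flow can be committed once
    if flow is None or flow["stage"] != "confirmed":
        return "rejected: flow not completed"
    # Reverify authorization at commit time, not only when the flow started.
    if "transfer" not in PERMISSIONS.get(session["user"], set()):
        return "rejected: not authorized"
    return f"committed {flow['amount']} to {flow['to']}"


if __name__ == "__main__":
    sid = login("alice")
    print(commit(sid))                      # direct request to the last step
    code = enter_details(sid, "1002", 2500)
    print(confirm(sid, code), "/", commit(sid))
    print(commit(sid))                      # replaying the commit request
```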
SQL Injection
• Overview
– Most powerful web application attack – targeting the data itself
– Takes advantage of common usage of Dynamic SQL
Queries
– Allows an attacker to maliciously modify the query sent by the application to the server
SQL Injection
• The Problem
– When using Dynamic SQL, the syntax and parameters are concatenated together, thus allowing injection of
SQL syntax through parameters
• Potential Damage
– Access of Unauthorized Data
– Data Alteration
– Server Takeover
– Denial of Service (Server Availability/Data Destruction)
– More…
SQL Injection – Code Sample I
Login Page Code:
…
SqlStr = "SELECT UserID FROM Users WHERE Username = '" & Request.QueryString("User") & "' AND Password = '" & Request.QueryString("Pass") & "'"
Set MyConn = Server.CreateObject("ADODB.Connection")
MyConn.Open "my_conn", "dbuser", "dbpass"
Set AuthRS = Server.CreateObject("ADODB.Recordset")
AuthRS.Open SqlStr, MyConn
If AuthRS.EOF Then
    Response.Write("Invalid Login")
Else
    ' Perform Authenticated Code…
End If
…
SQL Injection – Code Sample I
– When normal users log in, the following query is created:
SELECT * FROM Users WHERE Username = 'Hack' AND Password = 'Tics'
– However, an attacker can type in x' OR '1'='1 as the password, yielding the following query:
SELECT * FROM Users WHERE Username = 'Hack' AND Password = 'X' OR '1'='1'
– Returning a non empty record set, the attacker is logged on
SQL Injection – Code Sample II
Data Retrieval Code:
…
SqlStr = "SELECT * FROM Packages WHERE Desc LIKE " & _
         "'%" & Request.QueryString("SearchStr") & "%'"
Set MyConn = Server.CreateObject("ADODB.Connection")
MyConn.Open "my_conn", "dbuser", "dbpass"
Set PkgsRS = Server.CreateObject("ADODB.Recordset")
PkgsRS.Open SqlStr, MyConn
If PkgsRS.EOF Then
    Response.Write("No Packages Match Search.")
Else
    ' Display all vacation packages information
End If
…
SQL Injection – Code Sample II
– With a normal search, the query received is:
SELECT * FROM Products WHERE ProdDesc LIKE '%Ios%'
– The attacker, however, can add a UNION SELECT statement to the parameter, turning the query into the following one:
SELECT * FROM Products WHERE ProdDesc LIKE '%XXX' UNION SELECT Username, Password FROM Users --%'
SQL Injection
• Result of Failing Key Secure Design Principles:
– Input Validation
– Authorization
– Cryptography
– Sensitive Data Access Limitations
• Mitigation:
– The “Quick and Dirty” way – perform input validation to
remove meta characters, and turn every single quote into double quote
– Better yet, avoid using dynamic SQL.
Use Parameterized Queries instead
SQL Injection
Using Parameterized Queries in C#
…
// Defining the Query with @PkgID as its parameter
String StrQry = "SELECT * FROM Packages Where PkgID = @PkgID";
// Creating the connection and the SQL Command
SqlConnection MyConn = new SqlConnection(ConnectionString);
SqlCommand MyQry = new SqlCommand(StrQry, MyConn);
// Creating and setting the parameter
MyQry.Parameters.Add(new SqlParameter("@PkgID", SqlDbType.Int));
MyQry.Parameters["@PkgID"].Value = Request.QueryString["PkgID"];
// And Execute
MyConn.Open();
SqlDataReader SqlDR = MyQry.ExecuteReader();
…
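Both code samples from the SQL Injection slides, dynamic and parameterized side by side, as an added example that is not part of the original slides. It uses Python with an in-memory SQLite database so it runs offline; the table contents are constructed and the function names are hypothetical. The inputs are the ones shown on the slides.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    # The plaintext password only mirrors the slide's query; it is not a recommendation.
    conn.executescript("""
        CREATE TABLE Users (UserID INTEGER PRIMARY KEY, Username TEXT, Password TEXT);
        INSERT INTO Users (Username, Password) VALUES ('Hack', 'Tics');
        CREATE TABLE Products (ProdName TEXT, ProdDesc TEXT);
        INSERT INTO Products VALUES ('Tablet', 'Runs Ios'), ('Kettle', 'Boils water');
    """)
    return conn


def login_dynamic(conn, user, password):
    """Vulnerable: parameters are concatenated into the SQL text (Code Sample I)."""
    sql = ("SELECT UserID FROM Users WHERE Username = '" + user +
           "' AND Password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn, user, password):
    """Hardened: the driver binds the values, so they are never parsed as SQL."""
    row = conn.execute(
        "SELECT UserID FROM Users WHERE Username = ? AND Password = ?",
        (user, password),
    ).fetchone()
    return row[0] if row else None


def search_dynamic(conn, term):
    """Vulnerable: the search term becomes part of the statement (Code Sample II)."""
    sql = "SELECT * FROM Products WHERE ProdDesc LIKE '%" + term + "%'"
    return conn.execute(sql).fetchall()


def search_parameterized(conn, term):
    """Hardened: wildcards are added to the bound value, not to the SQL text."""
    return conn.execute(
        "SELECT * FROM Products WHERE ProdDesc LIKE ?", ("%" + term + "%",)
    ).fetchall()


if __name__ == "__main__":
    conn = make_db()
    bypass = "x' OR '1'='1"
    union = "XXX' UNION SELECT Username, Password FROM Users --"
    print("dynamic login:      ", login_dynamic(conn, "Hack", bypass))
    print("parameterized login:", login_parameterized(conn, "Hack", bypass))
    print("dynamic search:      ", search_dynamic(conn, union))
    print("parameterized search:", search_parameterized(conn, union))
```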
Rockefeller Center Ice-skating
One of the most beautiful places in New York in winter
Volare
147 West 4th Street
New York, New York 10012-1010
A small and wonderful Italian restaurant
Thank You!
For Additional Information:
Email:
Web: www.hacktics.com