Paul Asadoorian Founder & CEO, PaulDotCom Enterprises POST Exploitation Going Beyond The Happy Dance Carlos.

Presentation transcript:

Paul Asadoorian Founder & CEO, PaulDotCom Enterprises POST Exploitation Going Beyond The Happy Dance Carlos Perez HP / PaulDotCom

Who am I? I had this really boring slide about who I am Then I realized that’s not really who I am What follows is the “Powerpoint” version of “a little about me”...

Podcast Present ~ 200 episodes Awards, blah Thursdays 7PM EST

Hack Naked Why Hack Naked?

Beer

Computer Destruction

PaulDotCom John “Father John” Strand Paul “Salad Shooter” Asadoorian Larry “Dirty Uncle” Pesce Mick “Jr. Salad Shooter” Douglas Carlos “Dark0perator” Perez Mike “The Original Intern” Perez Darren “Girly Mustache” Wigley ? “Byte_Bucket” Mark Baggett

“Hail Nessus!” My day job: I work for Tenable Network Security as a “Product Evangelist” I use Tenable products and write blogs, publish podcasts, teach courses, and produce videos Hail Nessus!

I Hacked The Gibson Do the happy dance!

Hacking the Gibson is quite the accomplishment Congratulations, your penetration test has begun Like sex, the importance is on what happens after you get in

“POST-Exploitation” This is actually a really bad term as it doesn’t accurately describe the process The process begins with a penetration tester, or attacker, getting shell or remote command execution on the system From there, there are several things that must be done in order to make it worth your while and your client’s money!

STOP! Some say they don’t need to exploit anything They also say they don’t need you to go further In general, these are the exceptions and likely have an advanced and well-defined security program In every test, you should tell your client something they didn’t know about their network

Categories
- Local Enumeration
- Network Enumeration
- Privilege Escalation
- Pivoting
- MiTM Attacks
- Hiding & Covering Your Tracks

Focus We will focus on the local and network enumeration Automation in this space needs some work This is where Carlos comes in :)

Local Enumeration
- Accounts & Passwords
- List defenses - Firewall, A/V, etc.
- General System Information
- Screen capture, video screen capture
- Open ports, file shares, running processes
- Registry / configuration data
- Device data - Mic, webcam, USB, Wireless

The Trick
Being able to do this across multiple platforms
- Windows - Has great coverage, especially in Metasploit thanks to Carlos
- Linux - Not too much exists to automate
- OS X - Seems to want to behave differently than Linux/UNIX
- Each release changes the commands!

Local Enum - Manual
Without advanced Cylon technology, the following is still done manually:
- Go through file system and shares, look for good stuff
- Backup files, configuration files, clear-text password files

Re-Configure The System
- Change settings - DNS, hosts file
- Disable defenses - Drop shields, disable anti-virus
- Add file shares
- Add access methods (RDP, VNC, Telnet)

Network Enumeration
- Packet sniffing
- Port scanning

Windows Enumeration Examples

Linux Enumeration Examples

OS X Enumeration Examples

Don’t Forget: Presentations: Radio: Live Stream: Forum: Mailing List: Webcasts: Insider: