Presentation is loading. Please wait.

Presentation is loading. Please wait.

Penetration Testing Social Engineering Attack and Web-based Exploitation CIS 6395, Incident Response Technologies Fall.

Published byJeffry Lindsey Modified over 6 years ago

Similar presentations

Presentation on theme: "Penetration Testing Social Engineering Attack and Web-based Exploitation CIS 6395, Incident Response Technologies Fall."— Presentation transcript:

1 Penetration Testing Social Engineering Attack and Web-based Exploitation
CIS 6395, Incident Response Technologies Fall 2016, Dr. Cliff Zou

2 Acknowledgement Some contents are from the book:
“The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy”, Second Edition

3 SET: Social Engineering Attack
Kali Linux has a toolset for social engineering attack Similar to Metasploit toolkit in term of comprehensiveness A good webpage tutorial: kali-linux/ A good YouTube video tutorial:

4 SET: Social Engineering Attack
setoolkit Select 1, social engineering attack

5 SET: Social Engineering Attack
We first focus on website attack where SET clones a fake webserver with ‘credential haverster attack’ to obtain victim’s login credential Put attack’s machine IP address here for setting malicious fake webserver

6 SET: Social Engineering Attack
Put target webserver’s URL here for clone Then, a user who connects to might think He is connecting to the real facebook.com! And his login input will pass To the attacker’s machine!

7 SET: Social Engineering Attack
If a user inputs his facebook.com account information in the fake website, the login information (by HTTP POST method) will be recorded down by SET! When I input username: and password: cnt5410l in the webpage, On the Kali Linux:

8 SET for Web Server Attack
Besides credential harversting, SET can set up malicious web server for drive-by download attack: Put attack’s IP address here for fake webserver

9 SET for Web Server Attack
Now the malicious webserver is up and running On victim’s IE browser, facebook.com shows up with Java Applet warning:

10 Basic of Web Hacking Analyze response from webserver and inspect for vulnerabilities: Web Server vulnerability scanner Intercept request as they leave your browser by using intercepting web proxy Find all the web pages, directories, and other files that make the web appliation: Clone Find secrete information

11 Nikto: Web Server Vulnerability Scanner
Type the program: Kali# nikto

12 Nikto: Web Server Vulnerability Scanner
-h: target name or IP -p: port number to scan -p 80, 443; p OSVDB-xxx: google to find detail of each Attention: Do not try Nikto to sensitive web servers! It generates a flood of web probing traffic

13 webscarab: Web Spider and Interceptor
webscarab Configure Kali browser to use webscarab as proxy It serves as a proxy that intercepts and allows people to alter web browser web requests (both HTTP and HTTPS) and web server replies. [from Wikipedia]

14 webscarab: Web Spider and Interceptor
Configure Kali browser to use webscarab as proxy Configure Iceweasel’s Preference  Advanced  Network  Connection Setting…

15 webscarab: Web Spider and Interceptor
Connect to the targeted web server once Right click the URL on Webscarab’s summary, then click “Spider Tree” will spider the web server

16 Owasp-zap: Bringing it all together under one roof
Owasp-zap contains all web-based hacking toolkit: Intercepting proxy, sipdering, web vulnerability scanning owasp-zap

17 Owasp-zap Web vulnerability scanning
Input target web URL under the “quick start” panel Make sure you are given permission to scan the target webserver! Here we scan the metasploitable Linux VM

18 Owasp-zap Web vulnerability scanning But it takes LONG LONG time!
All scanning results will be housed in the “Alerts” tab for easy review

19 Owasp-zap Spidering a website: right click a target URL  “Attack”  “Spider..”

20 Owasp-zap Maybe most useful: Request/Response Intercepting
Check and see if a website can securely handle abnormal inputs What would the website do if I tried to order “-5” TV? What would the website do if I tried to get $2000 TV for $20? What if I sign in without providing username or password variables? Step 1: set break point for outgoing/incoming web traffic Step 2: Use the browser to visit the target website, the owasp- zap will pop up with the HTTP GET request shown up The web browser will hang there waiting for the Zap to continue to send request out Set break point

21 Owasp-zap Step 2: Use the browser to visit the target website, the owasp- zap will pop up with the HTTP GET request shown up The web browser will hang there waiting for the Zap to continue to send request out Step 3: Modify the Request content, then click “continue” The modified Request content will be sent to the target website.

22 WebGoat: A Vulnerable Platform for Web-based Attack Training
Concept is similar to Metasploitable Linux VM Developed by OWASP organization Built on top of J2EE, can be run on any OS Download the “Easy Run” code from: java -jar webgoat-container war- exec.jar In Kali Browser, type in URL: The webserver runs on 8080 port

Download ppt "Penetration Testing Social Engineering Attack and Web-based Exploitation CIS 6395, Incident Response Technologies Fall."

Similar presentations

©2009 Justin C. Klein Keane PHP Code Auditing Session 3 – Tools of the Trade & Crafting Malicious Input Justin C. Klein Keane

©2009 Justin C. Klein Keane PHP Code Auditing Session 3 – Tools of the Trade & Crafting Malicious Input Justin C. Klein Keane
WebGoat & WebScarab “What is computer security for $1000 Alex?”

WebGoat & WebScarab “What is computer security for $1000 Alex?”
Workshop 6: SSL/TLS The HTTPS stripping attacks Zhou Peng and Daoyuan Wu 25 April 2014.

Workshop 6: SSL/TLS The HTTPS stripping attacks Zhou Peng and Daoyuan Wu 25 April 2014.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
For Removal Info: visit

For Removal Info: visit
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.

The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
MIS 5212.001 Week 3 Site:

MIS Week 3 Site:
Browser Exploitation Framework (BeEF) Lab

Browser Exploitation Framework (BeEF) Lab
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.

W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.
Introduction to Application Penetration Testing

Introduction to Application Penetration Testing
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
MIS 5212.001 Week 5 Site:

MIS Week 5 Site:
bWAPP – Bee Bug – Installation

bWAPP – Bee Bug – Installation
1 All Your iFRAMEs Point to Us Mike Burry. 2 Drive-by downloads Malicious code (typically Javascript) Downloaded without user interaction (automatic),

1 All Your iFRAMEs Point to Us Mike Burry. 2 Drive-by downloads Malicious code (typically Javascript) Downloaded without user interaction (automatic),
3-Protecting Systems Dr. John P. Abraham Professor UTPA.

3-Protecting Systems Dr. John P. Abraham Professor UTPA.
Kali Linx Attacks Jim Nasto. Window 8 Computer On my Windows 8 64 bit OS machine. I started using a Virtual Machine using Hyper V Manager and shared the.

Kali Linx Attacks Jim Nasto. Window 8 Computer On my Windows 8 64 bit OS machine. I started using a Virtual Machine using Hyper V Manager and shared the.
Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.

Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.
Web Applications Testing By Jamie Rougvie Supported by.

Web Applications Testing By Jamie Rougvie Supported by.

Similar presentations

Ads by Google