1
Common Operating System Exploits
CSE Adrien Ibarra
2
This isn’t about “hacking”
This is more of a general overview, with an emphasis on some of the more prolific and easy-to-understand exploits, from the point of view of the operating system.
*“Penetration Testing” or “Pen-Testing”*
3
1. Terminology
Root: Default user who has access to all commands and files.
Buffer Overflow: Overrunning the boundaries of a buffer during execution, allowing you to access data in other areas of memory.
4
1. Terminology
Privilege Escalation: Utilizing a bug in the OS to allow for access to resources that you do not have the credentials for.
Zero days (0-day, O-day): A vulnerability that is unknown to the creator of the OS.
Ports: Form of endpoint communication for an OS. One of the easiest areas to exploit.
5
1. Terminology
Shell Code: Actual payload that will be injected into the OS and takes advantage of the exploit.
Nmap: Network scanner that provides an immense amount of useful information, such as port scanning and OS detection.
Enumeration: The process of finding out as much information as possible about a computer before an exploit is attempted or found.
6
1.5 Ports
NEVER USE TELNET - USE SSH
If you are using File Transfer Protocol (FTP), for example, make sure to use SFTP to ensure there is no plain-text delivery. Close any ports that are not being used, as they are susceptible to attacks. Basically, block everything and allow only the necessary ports. But this is not perfect.
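The port advice above can be checked mechanically. This is an added example, not part of the original slides: it audits a listing of listening TCP sockets against an allowlist and flags Telnet and FTP regardless. The sample input is constructed in the format of `ss -H -tln` on Linux, and the allowlist is an assumption.

```python
# Constructed sample in the format of `ss -H -tln` (Linux); not from the slides.
SAMPLE_SS = """\
LISTEN 0 128  0.0.0.0:22     0.0.0.0:*
LISTEN 0 32   0.0.0.0:21     0.0.0.0:*
LISTEN 0 5    0.0.0.0:23     0.0.0.0:*
LISTEN 0 511  127.0.0.1:8080 0.0.0.0:*
LISTEN 0 128  [::]:22        [::]:*
LISTEN 0 4096 *:5432         *:*
"""

ALLOWED = {22, 443}  # assumed allowlist: only the ports this host needs
CLEARTEXT = {21: "FTP, use SFTP", 23: "Telnet, use SSH"}
LOOPBACK = ("127.", "[::1]")  # listeners not reachable from the network


def parse_listeners(text):
    """Yield (address, port) for every listening TCP socket in the listing."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        # Split on the last colon so bracketed IPv6 addresses survive.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            yield addr, int(port)


def audit(text, allowed=ALLOWED):
    """Return sorted (port, reason) findings for network-exposed listeners."""
    findings = {}
    for addr, port in parse_listeners(text):
        if addr.startswith(LOOPBACK):
            continue
        if port in CLEARTEXT:
            # Plain-text protocols are flagged even if someone allowlisted them.
            findings[port] = "cleartext: " + CLEARTEXT[port]
        elif port not in allowed:
            findings[port] = "not on allowlist"
    return sorted(findings.items())


if __name__ == "__main__":
    for port, reason in audit(SAMPLE_SS):
        print(f"tcp/{port}: {reason}")
```
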
7
1.75 ShellCode
8
“Apple computers are secure because people are too focused on making exploits for Windows.”
Tip: Nah.
9
“If I stay on top of my updates and I am security conscious, I’ll be fine.”
Tip: Nah.
10
2. Apple
Apple has some of the simplest exploits available, shown by a combination of these two methods:
Keychain Dump: Intentional, but extremely powerful
Single-User Mode: Gives you the ability to reset the master login password from a terminal before startup (Command-S before startup) -fsc
11
3. Windows
Windows is the most popular operating system and thus has an incredible number of exploits. Let’s take a look at exploits that you can do today.
12
3. Windows
Lotus Notes Privilege Escalation:
Works on versions between 8.5 and 9
Allows you to enter monitor mode through the Notes diagnostics tool
Monitor mode allows you access to all network data
From here you can kill all processes, detach without killing, collect system info, or run a process in privileged mode
13
3. Windows
14
3. Android
Android is the most popular mobile phone OS, and therefore, has one of the most dangerous and easily exploitable bugs, ever.
BlueBorne
15
3. Android
BlueBorne:
Utilizes buffer underflow - sending data slower than it can be read
Exploit poses as a device that can be connected to, and executes shellcode before the connection can be confirmed.
This allows for full access and control of your device as if you are using it
16
3. Android
17
You are never completely safe; however, you can make optimal choices to protect yourself from the average wanna-be “hacker”.
Tip: Disable Bluetooth when not in use
Tip: Deny access to all ports, opening only the absolutely necessary ones
Tip: Disable Single-User Mode
18
Questions?
Extra Resources if we have time:
Rubber Ducky
Exploit-DB
Metasploit