Presentation is loading. Please wait.

Presentation is loading. Please wait.

CANVAS Report for CTF Event at USAFA on 4/25/2007

Similar presentations


Presentation on theme: "CANVAS Report for CTF Event at USAFA on 4/25/2007"— Presentation transcript:

1 CANVAS Report for CTF Event at USAFA on 4/25/2007
Subject :Penetration Tools for Front Range Pen Test Exercise By Rajshri Vispute 9/22/2018 CANVAS REPORT/rvispute

2 Front Range Voting Machines (FRVM)
FRVM : Located in Denver, Colorado Created for : “Front Range Capture the Flag” Built using Web Interface To tally votes for political elections One person – one vote Front end – Web Server, Back end - MySQL 9/22/2018 CANVAS REPORT/rvispute

3 Voting Web Page Legitimate Serial No: 9000000-9000999
9/22/2018 CANVAS REPORT/rvispute

4 CANVAS REPORT/rvispute
Our Job Perform a complete system evaluation To find actual vulnerabilities Recommended solutions Submit the final report 9/22/2018 CANVAS REPORT/rvispute

5 CANVAS REPORT/rvispute
Rules to follow We cannot hack or attack any other teams We may not modify any software, hardware or data on other team’s servers/machines Keyboard time will be shared among members of our team If we violate any rule – we will be disqualified and asked to leave 9/22/2018 CANVAS REPORT/rvispute

6 CANVAS REPORT/rvispute
Information Provided One laptop to connect to Internet for looking up information and but not for transfer programs 1 Computer for a team of 3 members. Backtrack installed IP address Subnet Route 9/22/2018 CANVAS REPORT/rvispute

7 Procedure to find flags
nmap /24 – gives IP Address of server Go to IE and type View-Source Will get Image Directory – First flag Use Metasploit – WebDAV – will get command prompt. In Dir , Flag.txt file – Second flag From webpage , we will get admin.htm from where we can find admin.php 9/22/2018 CANVAS REPORT/rvispute

8 CANVAS REPORT/rvispute
Cont.. From C:\Inetpub\admin.php we obtain username/password info to (mysql server?) Use this info to login (where? Web server/fw/mysql server), here is Third flag Root password – hashes.txt Try IP address , enter root password works – Fourth flag Try to enter serial number like ‘;’ you will get SQL error which is hint. Login Mysql with mysql –u root – get access Show databases; - Here is Fifth Flag Most Vulnerable situation: If you enter 123 OR 1=1 in the serial number box- you are in… 9/22/2018 CANVAS REPORT/rvispute

9 CANVAS REPORT/rvispute
Our Recommendations Secure Mysql database from SQL Injection Need Host based IDS and firewalls Using 443 port number for web server instead of port 80 Putting the web server on a DMZ – damage to local computer only Use SNORT to protect or observe the network Encryption/decryption should use for serial numbers which is plain text 9/22/2018 CANVAS REPORT/rvispute

10 CANVAS REPORT/rvispute
Cont.. In Order to login to system – Digital Certificates or CAC cards should used. The system went down after being exploited – will create angry voters 9/22/2018 CANVAS REPORT/rvispute

11 CANVAS REPORT/rvispute
Our suggestions Should have knowledge of Backtrack – how to use different tools. Exploitation tutorials 9/22/2018 CANVAS REPORT/rvispute

12 CANVAS REPORT/rvispute
Who Won… Stephen Saroj Patil Did I missed anyone from UCCS 9/22/2018 CANVAS REPORT/rvispute

13 CANVAS REPORT/rvispute
What we learned Great learning experience Comments from Group members.. 9/22/2018 CANVAS REPORT/rvispute


Download ppt "CANVAS Report for CTF Event at USAFA on 4/25/2007"

Similar presentations


Ads by Google