Published by Theodore Owen. Modified over 8 years ago.

CANVAS REPORT/rvispute, 6/4/2016
CANVAS Report for CTF Event at USAFA on 4/25/2007
Subject: Penetration Tools for Front Range Pen Test Exercise
By Rajshri Vispute

Front Range Voting Machines (FRVM)
- FRVM: located in Denver, Colorado
- Created for: “Front Range Capture the Flag”
- Built using a web interface
- To tally votes for political elections
- One person – one vote
- Front end – web server, back end – MySQL

Voting Web Page
- Legitimate Serial No: 9000000-9000999

Our Job
- Perform a complete system evaluation
- To find actual vulnerabilities
- Recommended solutions
- Submit the final report

Rules to follow
- We cannot hack or attack any other teams
- We may not modify any software, hardware or data on other teams’ servers/machines
- Keyboard time will be shared among members of our team
- If we violate any rule – we will be disqualified and asked to leave

Information Provided
- One laptop to connect to the Internet for looking up information, but not for transferring programs
- 1 computer for a team of 3 members
- Backtrack installed (can use nmap, autoscan, metasploit)
- IP address
- Subnet
- Route

Procedure to find flags
- nmap 192.168.104.0/24 – gives the IP address of the server
- Go to IE and type http://192.168.111.249/
- View-Source
- Will get the image directory – first flag
- Use Metasploit – WebDAV – will get a command prompt
- In Dir, Flag.txt file – second flag
- From the webpage, we will get admin.htm, from where we can find admin.php

Cont..
- From C:\Inetpub\admin.php we obtain username/password info for (MySQL server?)
- Use this info to log in (where? Web server/fw/MySQL server); here is the third flag
- Root password – hashes.txt
- Try ssh@root IP address, enter root password
- Works – fourth flag
- Try entering a serial number like ‘;’: you will get an SQL error, which is a hint
- Log in to MySQL with mysql -u root – get access
- Show databases; – here is the fifth flag
- Most vulnerable situation: if you enter 123 OR 1=1 in the serial number box, you are in…

Our Recommendations
- Secure the MySQL database from SQL injection
- Need host-based IDS and firewalls
- Use port 443 for the web server instead of port 80
- Put the web server in a DMZ – damage to local computer only
- Use SNORT to protect or observe the network
- Encryption/decryption should be used for serial numbers, which are plain text

Cont..
- To log in to the system, digital certificates or CAC cards should be used
- Unnecessary ports should be closed
- The system went down after being exploited – will create angry voters
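
An added example (not from the original slides or the FRVM code) for the SQL injection finding and the first recommendation: the string-built lookup that lets `123 OR 1=1` match every voter, beside a validated, parameterized version that also enforces one person, one vote. Python's sqlite3 stands in for the PHP/MySQL application; the `voters` table, its columns and all function names are hypothetical.

```python
import sqlite3

# Constructed stand-in for the FRVM back end: sqlite3 replaces MySQL, and the
# table/column names are hypothetical (the slides do not show the schema).
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE voters (serial INTEGER PRIMARY KEY, "
               "voted INTEGER NOT NULL DEFAULT 0)")
    db.executemany("INSERT INTO voters (serial) VALUES (?)",
                   [(s,) for s in range(9000000, 9001000)])
    return db

def lookup_vulnerable(db, serial_text):
    # Weak form: the form field is concatenated into the SQL text, so the
    # input "123 OR 1=1" rewrites the WHERE clause and matches every row,
    # and malformed input surfaces a raw SQL error to the user.
    query = "SELECT serial FROM voters WHERE serial = " + serial_text
    return db.execute(query).fetchall()

def parse_serial(serial_text):
    # Allow-list validation: exactly seven ASCII digits inside the legitimate
    # range. One generic message for every rejection, so the response gives
    # no hint about the back end.
    s = serial_text.strip()
    if len(s) != 7 or not s.isascii() or not s.isdigit():
        raise ValueError("invalid serial number")
    serial = int(s)
    if not 9000000 <= serial <= 9000999:
        raise ValueError("invalid serial number")
    return serial

def cast_vote_hardened(db, serial_text):
    # Hardened form: validate, then bind the value as a parameter so it can
    # never be parsed as SQL. The conditional UPDATE marks the serial as used
    # only once, enforcing one person, one vote in a single statement.
    serial = parse_serial(serial_text)
    with db:
        cur = db.execute(
            "UPDATE voters SET voted = 1 WHERE serial = ? AND voted = 0",
            (serial,))
    return cur.rowcount == 1

if __name__ == "__main__":
    db = make_db()
    print(len(lookup_vulnerable(db, "123 OR 1=1")), "rows matched by string-built query")
    print(cast_vote_hardened(db, "9000001"), cast_vote_hardened(db, "9000001"))
    try:
        cast_vote_hardened(db, "123 OR 1=1")
    except ValueError as e:
        print("rejected:", e)
```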

Our suggestions
- Should have knowledge of Backtrack – how to use different tools
- Exploitation tutorials

Who Won…
- Stephen Roux
- Saroj Patil
- Did I miss anyone from UCCS?

What we learned
- Great learning experience
- Comments from group members..