MIS 5212.001 Week 4 Site:


1 MIS 5212.001 Week 4 Site: http://community.mis.temple.edu/mis5212sec001s16/

2
- Introduction
- In the news
- Introduction to Ruby
- Modules
- Scripting
- Next Week

3
- Submitted
  - http://www.bbc.com/news/business-35438159 (HSBC online banking attacked)
  - http://www.securityweek.com/firefox-warns-password-requests-over-http
  - http://www.motherjones.com/politics/2016/01/governments-expensive-cybersecurity-system-disaster-says-new-report
  - http://www.itnews.com/article/3027680/security/identity-theft-victim-this-site-helps-you-reclaim-your-life.html
  - http://www.armytimes.com/story/military-tech/cyber/2016/01/29/cloud-cyber-policy-documents-trickle-out-dod/79518898/
  - http://www.reuters.com/article/us-israel-tech-cyber-idUSKCN0V422D

4
- Submitted
  - https://nakedsecurity.sophos.com/2016/01/27/critical-java-bug-found-in-paypal-servers/
  - http://www.forbes.com/sites/stevemorgan/2016/01/31/help-wanted-1000-cybersecurity-jobs-at-opm-post-hack-hiring-approved-by-dhs/#3b65b8502cd2
  - http://www.forbes.com/sites/stevemorgan/2016/01/30/why-j-p-morgan-chase-co-is-spending-a-half-billion-dollars-on-cybersecurity/#1596e9ca2a7f
  - https://www.hackread.com/malware-infected-android-gaming-apps-on-play-store
  - http://www.ehackingnews.com/2015/10/danske-bank-fixes-several.html#sthash.eGxqbDJG.dpuf
  - http://m.reviewjournal.com/news/las-vegas/new-smart-gun-technology-uses-fingerprint-recognition-childproof-firearms

5
- Submitted
  - http://www.technewsworld.com/story/83023.html (CA to propose ban encrypted smartphones)
  - http://www.databreachtoday.com/ddos-attack-slams-hsbc-a-8835?rf=2016-02-01-edbt&mkt_tok=3RkMMJWWfF9wsRonuarNcO%2FhmjTEU5z16e8pXa%2B%2FlMI%2F0ER3fOvrPUfGjI4ATsJrN6%2BTFAwTG5toziV8R7DALc16wtwQWRLl
  - http://www.securityweek.com/oil-and-gas-industry-increasingly-hit-cyber-attacks-report
  - http://www.tripwire.com/company/research/tripwire-2016-energy-survey-oil-and-gas/
  - http://www.zdnet.com/article/google-chrome-gets-ready-to-mark-all-http-sites-as-bad/

6
- What I noted
  - Not an article, but information on last week’s Air Force “Cyber Weapon”
  - It’s their firewall! By declaring it a “Weapon” it prioritizes funding
  - http://betanews.com/2016/01/30/stop-using-microsoft-edges-inprivate-mode-if-you-value-your-privacy/
  - http://betanews.com/2016/01/30/lg-g3-snap-vulnerability-leaves-owners-at-risk-of-data-theft/

7
- Metasploit is primarily written in Ruby
- The book “Metasploit” also uses a lot of PowerShell in its examples
- We are not going to try and make you either Ruby or PowerShell developers here tonight
- Rather, we will look at some of the basic structure and steps you might go through to modify modules for your own purposes.

8
- Interactive Ruby Shell (IRB or irb) is a REPL for programming in the object-oriented scripting language Ruby.
- The program is launched from a command line and allows the execution of Ruby commands with immediate response, experimenting in real-time. It features command history, line editing capabilities, and job control, and is able to communicate directly as a shell script over the Internet and interact with a live server.

Source: https://www.ruby-lang.org/en/documentation/quickstart/

9
- Example

10
- Hello World
- Calculator

11
- Use up arrow and edit + to *
- Square

12
- Square Root

13
- Math is a built-in module for mathematics. Modules serve two roles in Ruby. This shows one role: grouping similar methods together under a familiar name. Math also contains methods like sin() and tan().
- Next is a dot. What does the dot do? The dot is how you identify the receiver of a message. What’s the message? In this case it’s sqrt(9), which means call the method sqrt, shorthand for “square root” with the parameter of 9.
- The result of this method call is the value 3.0. You might notice it’s not just 3. That’s because most of the time the square root of a number won’t be an integer, so the method always returns a floating-point number.

14
Source: http://www.techotopia.com/index.php/Ruby_Math_Functions_and_Methods

15
- Defining the method “Hi” as a shortcut to “Hello World”
- Now, when we type hi, Ruby knows we mean Hello World

16
- Let’s say we want to customize a bit. Say Hello to one person
- Note the error. That was me not remembering to use “input”

17
- Holding Spots in a String
- What’s the #{name} bit? That’s Ruby’s way of inserting something into a string. The bit between the braces is turned into a string (if it isn’t one already) and then substituted into the outer string at that point.

18
- You can also use this to make sure that someone’s name is properly capitalized:
- A couple of other tricks to spot here. One is that we’re calling the method without parentheses again. If it’s obvious what you’re doing, the parentheses are optional. The other trick is the default parameter World. What this is saying is “If the name isn’t supplied, use the default name of "World"”.

19
- Defining a class
- The new keyword here is class. This defines a new class called Greeter and a bunch of methods for that class. Also notice @name. This is an instance variable, and is available to all the methods of the class. As you can see it’s used by say_hi and say_bye.

20

21
- Use .instance_methods to see the methods available
- Lots of inherited (Ancestry) methods are also listed

22
- To see just the methods we defined (filter out inherited methods), use .instance_methods(false)
- What methods will greeter respond to?
- "to_s" (meaning convert something to a string, a method that’s defined by default for every object).

23
- Let’s add name
- Using attr_accessor defined two new methods for us, name to get the value, and name= to set it.

24
- After our change we get:

25
- I’ll show snippets here.
- Full text will be loaded to blog

26
- Save to root and run by typing “ruby [file_name]”
- In my case “ruby Unir5212.rb”

27
- Lines in the script beginning with # are comments and are ignored by the interpreter
- The first line is a special case and tells the interpreter how to run the script
- “say_hi” looks at @names to make decisions

28
- Now let’s look at looping
- From the script
- “each” is a method that accepts a block of code then runs that block of code for every element in a list, and the bit between do and end is just such a block. The variable between pipe characters is the parameter for this block.

29
- If you were doing this in C it might look like this:

    for (i=0; i<number_of_elements; i++)
    {
      do_something_with(element[i]);
    }

30
- “say_bye” doesn’t use a do block over the list
- Instead, it tests to see if a list exists: “if @names.nil?” asks whether @names does not exist. If so, just use “…”
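The pieces covered on slides 17 through 30 (string interpolation, a default parameter, attr_accessor, .instance_methods(false), each with a block, and the nil? test) put together in one class. This is an added example, not the script shown in class; the methods return their text instead of printing it so the results can be checked, and the sample names are constructed.

```ruby
# Added example: a greeter in the style the slides describe.
class Greeter
  # attr_accessor defines two methods: `names` (get) and `names=` (set).
  attr_accessor :names

  # Default parameter: if no name is supplied, use "World".
  def initialize(names = "World")
    @names = names
  end

  # say_hi looks at @names to decide what to do.
  def say_hi
    if @names.nil?
      ["..."]
    elsif @names.respond_to?(:each)
      lines = []
      # `each` runs the do...end block once per element;
      # |name| between the pipes is the block's parameter.
      @names.each do |name|
        lines << "Hello #{name.capitalize}!"
      end
      lines
    else
      # A single name: #{...} converts the value to a string and inserts it.
      ["Hello #{@names.capitalize}!"]
    end
  end

  # say_bye does not loop; it tests for nil, then joins a list if it has one.
  def say_bye
    if @names.nil?
      "..."
    elsif @names.respond_to?(:join)
      "Goodbye #{@names.join(', ')}. Come back soon!"
    else
      "Goodbye #{@names}. Come back soon!"
    end
  end
end

g = Greeter.new
puts g.say_hi                       # default name
g.names = ["alice", "bob"]          # setter created by attr_accessor
puts g.say_hi
puts g.say_bye
# Only the methods defined in Greeter itself, inherited ones filtered out:
puts Greeter.instance_methods(false).sort.inspect
```
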

31
- Now we move from Ruby back to Metasploit
- Metasploit is written in Ruby
- Ruby is the language used in the modules throughout Metasploit

32
- Here is what the start of this module looks like:

33
- The previous page has some interesting lines to consider
- “require ‘msf/core’”
  - Module will include all functionality from Metasploit’s core libraries
- “class Metasploit3 < Msf::Exploit::Remote”
  - Defines this as an “Exploit” module
- “include Msf::Exploit::Remote::SMB::Client”
  - Pulls in the SMB Client module that includes functionality to handle client interaction
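What the `<` and `include` lines of a module header do to a class, shown with stand-in classes. This is an added example, not Metasploit code and not from the slides: the Fw namespace, DemoModule, client_helper and describe are hypothetical names, and nothing here touches the network.

```ruby
# Hypothetical stand-ins for a framework; these are NOT Metasploit's classes.
module Fw
  module Exploit
    # Base class: a subclass inherits these methods through `<`.
    class Remote
      def module_type
        "exploit"
      end
    end

    # Mixin: a class gains these methods through `include`.
    module SMBClient
      def client_helper
        "helper provided by the SMBClient mixin"
      end
    end
  end
end

class DemoModule < Fw::Exploit::Remote   # `<` sets the superclass
  include Fw::Exploit::SMBClient         # `include` mixes the module in

  def name
    "Demo"
  end
end

# Summarize where a class's behaviour comes from.
def describe(klass)
  {
    superclass: klass.superclass,
    # Modules mixed into this class but not into its parent.
    mixins:     klass.included_modules - klass.superclass.included_modules,
    # Methods written in the class body itself.
    own:        klass.instance_methods(false).sort,
    # Method lookup order: the class, then its mixins, then the superclass.
    lookup:     klass.ancestors.take(3)
  }
end

describe(DemoModule).each { |key, value| puts "#{key}: #{value.inspect}" }
```
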

34
- Grab a module close to what you want to do
- Tweak it to get the functionality you need
- This may involve sharpening your coding skills first

35
- Depending on the Exploit, you may need to know:
  - MSSQL
  - Oracle
  - PowerShell
  - Bash
  - Etc…

36
- Modifying the tools is one of the distinguishing skills in top-flight consultants
- Lots of people can run nmap, Nessus, and Metasploit, but to distinguish yourself in the field, this needs to be your jumping off point.

Please Note: I’m not saying I am any good at this, there’s a reason I’m teaching the course instead of consulting ;-)

37
- For Metasploit, scripting is basically modules for meterpreter
- Same concept as earlier, but specific to meterpreter sessions
- This is also a point where the book contains older information
- Scripts are no longer being accepted for Metasploit
- Script functionality is being ported to modules.

38
- Metasploit is constantly evolving
- To stay on top you may want to follow on Twitter:
  - HD Moore @hdmoore
  - Metasploit Project @metasploit
  - Andréz LAMOUROUX @DarkOperator
- Check in on Rapid7 and DarkOperator
  - https://community.rapid7.com/welcome
  - http://www.darkoperator.com/

39
- https://community.rapid7.com/community/metasploit/blog/2016/01/22/weekly-metasploit-wrapup

40
- http://www.coresecurity.com/core-impact-pro

41
- http://immunitysec.com/products/canvas/

42
- We spent almost all of our time in the open source Metasploit Framework due to licensing
- Metasploit Pro looks just as good and works just as well as the commercial products just mentioned

43
- In the news
- Introduction to WebGoat
- Exam will be postponed one week.

44 ?

