Mano ‘dash4rk’ Paul r3c0n to r00t - Security and Soul
whois [Querying whois.org] Name: manoranjan paul > mano paul [IDENTITY] Primary: Follower of Jesus Christ (Christian) DOB: 09/ [TECHNICAL] Advisor: (ISC) 2, Software Assurance Books: The 7 Qualities of Highly Secure Software; Official (ISC) 2 Guide to CSSLP CEO: SecuRisk Solutions [OTHER] Researcher: Shark Biology (dash4rk) Creds: CSSLP, CISSP, MCSD, MCAD, CompTIA Network+, ECSA Record created on Record expires on tbd Database last updated on wen u c me, tweet
What is the topic/series about? Security – Pentesting processes from r3c0n to r00t – Intro to security tools in the Kali Linux OS Soul – Exploits that impact the soul – Intro to tools in the Bible and the protection in Jesus Christ 3 It is one thing to get r00ted in security; It is far worse to get r00ted in life
Agenda Teach Security Teach Christ Teach Security In Christ 4
Security -- getting r00ted in security -- Teach Security
Pentesting? Answers the question: – Can some entity penetrate your security defenses? Attestation of your overall security posture Before ogres do Attest Security Controls (safeguards, countermeasures) 6
Pentesting? (contd.) Rules of engagement – Scope defined – Get out of Jail card Structured process – Discovery to Exploit to Post-exploitation Internal/External scenarios 7
Pentesting – what it is NOT? 8
In the “r3c0n to r00t” series I will cover the various tools in the Kali Linux pentest distro/OS to perform the 3 steps pentest process – Step 1: r3c0n – Step 2: r3sili3ncy attestation – Step 3: r00t 9
What is Kali Linux? Debian based OS distro – dpkg –i file.deb Favorite OS for pentesters and forensics Trivia – Other Names – Kali – Backtrack – Whax – Whoppix – Knoppix 300+ security tools 10
Tools, Tools, and more Tools 11
Step 1: r3c0n Identify live hosts Enumerate Discover Gather Info/Intelligence 12
r3c0n - Quotes Know your enemy – The Art of War; Sun Tzu Know your victim – Mano ‘dash4rk’ Paul 13
r3c0n Tool Categories Identification – Live host – IDS/IPS Scanning – Network Fingerprinting – OS – Services Analysis – DNS – OSINT – Route – SMB – SMTP – SNMP – SSL – Telephony – Traffic – VoIP – VPN 14
Step 2: r3sili3ncy attestation Evaluate attack surface Analyze vulnerability Check exploit 15
r3sili3ncy attestation - Quotes The art of being wise is the art of knowing what to overlook. – American Philosopher and Psychologist, William James ( ) The art of being wise is the art of knowing what to look over. – Mano ‘dash4rk’ Paul (19.. – Forever) 16
Step 3: r00t Run exploit Getting pwn3d 17
Tell me, and I’ll forget Show me, and I may remember Involve me, and I’ll understand 18
Demo Step 1: r3c0n – 1.a. Who is out there alive? Live host identification – netdiscover – 1.b. What can we find out about the living? 1.b.1. Scanning (enumeration, discovery) – dmitry – nmap – zenmap – dnmap_server – dnmap_client 1.b.2. Fingerprinting – miranda 19
Demo (contd.) Step 2: r3sili3ncy attestation – Is the system vulnerable to exploitation? metasploit framework (check) Step 3: r00t – Getting pwn3d? metasploit framework (run exploit) 20
Soul -- getting r00ted in life -- Teach Christ
r3c0n of the living Who is out there alive? – Identification of the living (live hosts) Jesus said, “I am the resurrection and the life; Anyone who believes in me will live, even after dying.” (John 11:25; NLT) Those who believe in Jesus shall live (now) and eternally; they are the ones who are spiritually alive. (John 3:16) The devil is not interested in those who are spiritually dead 22
Scan What can we find out about the living? – The bad: Your adversary the devil is like a roaring lion (in r3c0n), seeking whom he may devour (exploit) (1 Peter 5:8) – The good: The eyes of the Lord search the whole earth (in r3c0n) to strengthen those whose hearts are fully committed to him (2 Chronicles 16:9a ; NLT) 23
Fingerprint Whose fingerprint is on you? – The d3v1l’s For you are the children of your father the devil, and you love to do the evil things he does. He was a murderer from the beginning. He has always hated the truth, because there is no truth in him. When he lies, it is consistent with his character; for he is a liar and the father of lies. (John 8:44; NLT) – God’s For I hold you by your right hand — I, the Lord your God. And I say to you, ‘Don’t be afraid. I am here to help you. … I am the Lord, your Redeemer. I am the Holy One of Israel.’ (Isaiah 41:13,14b; NLT) 24
r3sili3ncy attestation Is our life vulnerable to exploitation? – No one is righteous; no not one (Romans 3:10) – All are vulnerable. All have sinned and have fallen short of the glory of God (i.e., vulnerable and exploitable) - Romans 3:23 The wages of sin is death (getting r00ted/pwn3d) - Romans 6:
r00t – getting pwn3d Who 0wns you? – Are you r00ted by the devil? a slave to sin – Sin is crouching at the door, eager to control you. But you must subdue it and be its master.” (Genesis 4:7; NLT) – Are you r00ted in Christ Jesus? a servant of the Savior and Lord – And now, just as you accepted Christ Jesus as your Lord, you must continue to follow him. Let your roots grow down into him, and let your lives be built on him. Then your faith will grow strong in the truth you were taught, and you will overflow with thankfulness. (Colossians 2:6-7; NLT) 26
The conclusion of the matter No own wants to be pwn3d! To avoid security – one must implement security controls To avoid your soul from getting pwn3d (soul one MUST be r00ted in the one life control – Jesus Christ! 27
Points to Ponder Teach Security In Christ
Discussion Points Would you consider yourself alive or dead (spiritually)? – Born once, die twice – Born twice, die once If you are alive, you are the target! Are you r00ted by the devil (slave to sin) or are you r00ted in Christ Jesus? All who call on the name of the Lord Jesus Christ shall be saved [i.e., not have their soul (Joel 2:32) 29
Closing Thoughts 30 try { if (uLikedThisPresentationAndMtg) { subscribeVia (); followAndTweet(); getLinkedIn(); Us(); // } else { giveFeedback(); // } catch(Temptations t) { r00tedIn(God JesusChrist); } finally { ThankUandGodBless(); }
Standards Pre-engagement activities Intelligence Gathering Threat Modeling Vulnerability Analysis Exploitation Post Exploitation Reporting
Process Anatomy of an Attack - The 5Ps Probe Penetrate Persist Propagate Paralyze Official (ISC) 2 Guide to CSSLP - The 4Rs Reconnaissance – Enumeration & Discovery Resiliency Attestation – Attack & Exploitation Removal of Evidence (Cleanup) & Restoration Reporting & Recommendations 32 perspective defender’s perspective