University of Oviedo
March 29, 2013
Important Concepts I
Ethical Hacker: A computer security expert who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems.
Security Audit: A manual or systematic measurable technical assessment of a system or application.
Penetration Testing (Pentesting): A method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders and malicious insiders.
Important Concepts II
0-day: An attack that exploits a previously unknown vulnerability in a computer application; the developers have had zero days to address and patch the vulnerability.
Vulnerability: The inability to withstand the effects of a hostile environment.
Exploit: A piece of software or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behaviour to occur on computer software, hardware, or something electronic.
What's BackTrack?
BackTrack is a distribution based on Debian GNU/Linux, aimed at digital forensics and penetration testing. The current version is BackTrack 5 R3, now based on Ubuntu 10.04 (Lucid) LTS, which is itself based on Debian. BackTrack is a penetration testing and security auditing platform with advanced tools to identify, detect and exploit any vulnerabilities uncovered in the target network environment.
BackTrack Desktop
BackTrack provides users with easy access to a large, comprehensive collection of security-related tools, including many well-known ones:
- Metasploit.
- RFMON (injection-capable wireless drivers).
- Aircrack-ng.
- Gerix (Wi-Fi Cracker).
- Nmap.
- Ophcrack (Brute Force Pass).
- Ettercap.
- Wireshark (Traffic Analyzer).
- BeEF (Browser Exploitation Framework).
- Nessus.
- OWASP Security Framework.
- Cisco OCS Mass Scanner, a fast scanner for Cisco routers.
- ...
What's Metasploit?
Metasploit is a tool, written entirely in Ruby, for developing and executing exploit code against a remote target machine. Metasploit can be used to test the vulnerability of computer systems in order to protect them, or to break into remote systems. Since the acquisition of the Metasploit Framework, Rapid7 has added two open core proprietary editions called Metasploit Express and Metasploit Pro. Metasploit runs on Unix (including Linux and Mac OS X) and on Windows.
Metasploit Framework
The basic steps for exploiting a system using the Framework include:
1. Choosing and configuring an exploit (code that enters a target system by taking advantage of one of its bugs; about 900 different exploits for Windows, Unix/Linux and Mac OS X systems are included).
2. Checking whether the intended target system is susceptible to the chosen exploit (optional).
3. Choosing and configuring a payload (code that will be executed on the target system upon successful entry).
4. Choosing the encoding technique to encode the payload so that the intrusion-prevention system (IPS) will not catch the encoded payload.
5. Executing the exploit.
VirtualBox: https://www.virtualbox.org/wiki/Downloads
BackTrack 5 R3: http://www.backtrack-linux.org/downloads
Windows XP SP3: Internet is your friend ;-)
Exploits:
- exploit/windows/smb/ms08_067_netapi (Windows)
- exploit/windows/fileformat/adobe_pdf_embedded_exe (Adobe Reader 8.x - 9.x)
Payload:
- windows/meterpreter/reverse_tcp (Windows)
- windows/meterpreter/bind_tcp (Windows)
Probe it!
Kali Linux
What is the difference between BackTrack and Kali?
- Switch to Debian and an FHS-compliant system.
- Repositories synchronize with the Debian repositories 4 times a day.
- Complete flexibility in generating your own updated Kali ISOs, with any desktop environment you like.
- Ability to seamlessly upgrade to future major versions of Kali.
- Ability to bootstrap a Kali installation/ISO directly from our repositories.
- Can quickly and easily get the required sources of each tool, then modify and rebuild them with a couple of commands.
- El lado del Mal - Chema Alonso (elladodelmal.com)
- SbD - Alejandro Ramos (securitybydefault.com)
- Pentester.es - Jose Selvi (pentester.es)
- 48 Bits - Ruben Santamarta (48bits.com)
- Tavis Ormandy Blog - Tavis Ormandy [http://taviso.decsystem.org] (blog.cmpxchg8b.com)