12 nitrile coated gloves(polyester shell) xingyu gloves 2015
EC521: Cybersecurity OpenVAS Team Members: Yingchao Zhu; Chen Qian; Xingyu Wu; XuZhuo Zhang; Igibek...
-
Upload
brandon-leonard -
Category
Documents
-
view
232 -
download
6
Transcript of EC521: Cybersecurity OpenVAS Team Members: Yingchao Zhu; Chen Qian; Xingyu Wu; XuZhuo Zhang; Igibek...
EC521: Cybersecurity OpenVAS
Team Members: Yingchao Zhu; Chen Qian; Xingyu Wu; XuZhuo Zhang;
Igibek Koishybayev;
1
OpenVAS Vulnerability Test
EC521: Cybersecurity OpenVAS
Agenda
• What we have done?• How OpenVAS work?• Mailbox• Browser• Web application with XSS vulnerabilities• What to do next…
2
EC521: Cybersecurity OpenVAS
What we have done?• We were divided into 4 parts and each in charge of
web server, web application, mailbox, and web browser.• learning the basic protocols that running on the
contemporary Internet(basic knowledge charging)• Research (a lot of reading): –OpenVAS – documentation–How to setup and run the OpenVAS–Understanding the vulnerability of Mailbox
• Coding–Web Application–Writing scripts
3
What we have done?
• Build up the working environment• Kali linux OS(set up on virtual machine)• install openVAS in Kali linux
• Find and study(then maybe audit) open source files to set up our targets(i.e. mailbox etc.)
• Use openVAS to give initial test scan to these targets
• Then figure out how we can utilize these vulnerability
4
EC521: Cybersecurity OpenVAS
DEMO - OpenVAS
5
OpenVAS
• Source Packages Installation
• NVT sync, Add admin/user• GSA: https://localhost:9392/
EC521: Cybersecurity OpenVAS8
EC521: Cybersecurity OpenVAS9
EC521: Cybersecurity OpenVAS10
EC521: Cybersecurity OpenVAS11
EC521: Cybersecurity OpenVAS12
EC521: Cybersecurity OpenVAS13
EC521: Cybersecurity OpenVAS14
Target – Xampp/DVWA
EC521: Cybersecurity OpenVAS15
XAMPP's name is an acronym for:
• X (to be read as "cross", meaning cross-platform)• Apache HTTP Server• MySQL• PHP• Perl
xampp
DVWA
• Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
EC521: Cybersecurity OpenVAS16
EC521: Cybersecurity OpenVAS17
EC521: Cybersecurity OpenVAS18
EC521: Cybersecurity OpenVAS19
EC521: Cybersecurity OpenVAS20
EC521: Cybersecurity OpenVAS21
Webmail Vulnerability
EC521: Cybersecurity OpenVAS
Webmail vulnerability
Mail Server Set-Up Environment (Local)• OS : CentOS-6.5• SMTP : Postfix-2.6 + Sasl• IMAP/POP3 : Dovecot-2.0• Web : Apache-2.2• Webmail : Openwebmail-2.30 (perl)/
Squirrelmail-1.4.22 (php)
22
EC521: Cybersecurity OpenVAS
Webmail vulnerability
Postfix• Configure : main.cf• Enable Sasl : smtpd_sasl_auth_enable = yes
Dovecot• Protocol = pop3(port: 110)
imap(port: 143)• Netstat –tulpn | grep dovecot
23
EC521: Cybersecurity OpenVAS
Webmail vulnerability
Openwebmail • http://www.openwebmail.org/• Online Demo http://openwebmail.amcpl.net/
• Install openwebmail-2.30.tar.gz
24
EC521: Cybersecurity OpenVAS
Openwebmail Vulnerbilities
25
EC521: Cybersecurity OpenVAS
Openwebmail Ver. 2.30
26
EC521: Cybersecurity OpenVAS
Webmail vulnerability
Apache • Httpd config : /etc/httpd/conf/httpd.conf
set directory• Serv. restart : /etc/init.d/httpd restart
• localhost/cgi-bin/openwebmail/openwebmail.pl
27
EC521: Cybersecurity OpenVAS28
EC521: Cybersecurity OpenVAS29
EC521: Cybersecurity OpenVAS30
EC521: Cybersecurity OpenVAS31
First Try
EC521: Cybersecurity OpenVAS
Webmail vulnerability
Next…• Keep digging vulnerabilities (Maybe elder ver.)• Patches & Penetration (Burpsuite)• Localhost =>LAN
32
EC521: Cybersecurity OpenVAS33
Web Application (Blackboard)
EC521: Cybersecurity OpenVAS
DEMO: Web Application (Blackboard)
Description: Blackboard is the web application used by students to post their homework solutions, which vulnerable to XSS and CSRF attack.
34
EC521: Cybersecurity OpenVAS
DEMO: Web Application (Blackboard)
Story on behalf: You (hacker) don’t know solution to the homework and want to steal the solutions from others. Also you want to steal final exam questions from teacher in a such way that no one will find out that it was you. (i.e. like a ninja)
35
EC521: Cybersecurity OpenVAS
DEMO: Web Application (Blackboard)
Mission: 1. Steal the solutions from “nerd”;2. Make “badguy” to steal final exam q/a for
you;3. Be the smartest guy (ninja, hacker) in the
class;
36
EC521: Cybersecurity OpenVAS
DEMO: Web Application (Blackboard)
Wait a minute…where is OpenVAS???
We will make security assessment on our web application using OpenVAS. (in near future)
37
EC521: Cybersecurity OpenVAS
What to do next…
• Write plugins– OpenVAS
• Integrate everything• Modify the php code in DVWA, do the openvas scan
again, compare the report • Local => LAN; Penetration (Burpsuite) and Patches
38
EC521: Cybersecurity OpenVAS
Questions?
39