Live Exploit - Chad Cravens
Transcript of Live Exploit - Chad Cravens
About The Speaker
Open Source Systems – www.ossys.com
2007 - Graduate of New Mexico Institute of Mining and Technology (Scholarship for Service Recipient)
2007 – 2011 Federal Employee at SPAWAR (Space and Naval Warfare Systems Center)
2012 – Software Engineer at Small Wall St Firm
2014 – Founded Open Source Systems
Chad Cravens
Charleston, SC
Software Fanatic
Stickler for Software Quality and Security!
Steps of an Attack
1. Network Reconnaissance (Nmap)
   a) Understand the Network
   b) Map IP Addresses and Operating Systems / Services
   c) Search for Potentially Vulnerable Services
2. Service Reconnaissance (Nmap)
   a) Target a single machine and discover potential vulnerabilities
   b) When a vulnerable service is discovered, find relevant CVE
3. Run the Exploit (Metasploit)
   a) Find the exploit in the Metasploit database
   b) Use exploit
   c) Set exploit options
   d) Run exploit
4. Privilege Escalation and Install Backdoor (Metasploit)
5. Run VNC for full UI control (Metasploit)
6. Clean Up Activities (Metasploit)
Google Hacking
Google Caches a LOT of Information!
You just need to know how to search for it….
Let’s search for database username / passwords
"DriverManager.getConnection" filetype:bak
"mysqli_connect" filetype:bak
Shodan HQ
Searches for non-standard web servers
Usually IoT Devices
Most are not secure… Let’s see this!
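Both search techniques above surface what an owner left reachable. For the two backup-file queries on the Google Hacking slide, here is a defender-side audit of your own web root, added as an example and not part of the talk; the extension list, function names and the sample directory are assumptions constructed for illustration.

```python
import os
import tempfile

# Extensions editors and admins commonly leave behind (assumed list; extend as needed).
BACKUP_EXTS = (".bak", ".old", ".orig", ".swp", "~")
# The two markers are the strings used in the slide's search queries.
DB_MARKERS = (b"DriverManager.getConnection", b"mysqli_connect")


def find_exposed_backups(web_root, max_bytes=1_000_000):
    """Return sorted (relative_path, marker) pairs for backup files under
    web_root that contain a database connection call."""
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if not name.lower().endswith(BACKUP_EXTS):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read(max_bytes)
            except OSError:
                continue  # unreadable file: skip it, do not abort the audit
            for marker in DB_MARKERS:
                if marker in data:
                    rel = os.path.relpath(path, web_root)
                    findings.append((rel.replace(os.sep, "/"), marker.decode()))
    return sorted(findings)


def build_sample_root():
    """Create a constructed web root: one leaked backup and two benign files."""
    root = tempfile.mkdtemp(prefix="webroot_")
    os.makedirs(os.path.join(root, "inc"))
    samples = {
        "index.php": b"<?php echo 'hello'; ?>",
        "inc/db.php.bak": b"<?php $c = mysqli_connect('db', 'app', 'PLACEHOLDER'); ?>",
        "notes.bak": b"todo: rotate logs",
    }
    for rel, body in samples.items():
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for rel, marker in find_exposed_backups(build_sample_root()):
        print(f"{rel}: contains {marker}; remove it from the web root and rotate the credential")
```

Any hit means the file should leave the served directory and the credential in it should be treated as disclosed.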
Additional Training
Hack This Site! https://www.hackthissite.org/
OWASP WebGoat https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
HoneyNet Challenges https://www.honeynet.org/challenges