Live Exploit

Live Exploit Using Open Source Tools

Chad Cravens

Open Source Systems

www.ossys.com

About The Speaker

1Open Source Systems – www.ossys.com

2007 - Graduate of New Mexico Institute of Mining and Technology(Scholarship for Service Recipient)

2007 – 2011 Federal Employee at SPAWAR(Space and Naval Warfare Systems Center)

2012 – Software Engineer at Small Wall St Firm2014 – Founded Open Source Systems

Chad CravensCharleston, SC

Software Fanatic

Stickler for Software Quality and Security!

Open Source Tools

2Open Source Systems – www.ossys.com

Steps of an Attack

3Open Source Systems – www.ossys.com

1. Network Reconnaissance (Nmap)a) Understand the Networkb) Map IP Addresses and Operating Systems / Servicesc) Search for Potentially Vulnerable Services

2. Service Reconnaissance (Nmap)a) Target a single machine and discovery potential vulnerabilitiesb) When a vulnerable service is discovered, find relevant CVE

3. Run the Exploit (Metasploit)a) Find the exploit in the metasploit databaseb) Use exploitc) Set exploit optionsd) Run exploit

4. Privilege Escalation and Install Backdoor (Metasploit)5. Run VNC for full UI control (Metasploit)6. Clean Up Activities (Metasploit)

Google Hacking

4Open Source Systems – www.ossys.com

Google Caches a LOT of Information!

You just need to know how to search for it….

Let’s search for database username / passwords

"DriverManager.getConnection" filetype:bak“mysqli_connect” filetype:bak

Shodan HQ

5Open Source Systems – www.ossys.com

Searches for non-standard web servers

Usually IoT Devices

Most are not secure… Let’s see this!

Additional Training

6Open Source Systems – www.ossys.com

Hack This Site!https://www.hackthissite.org/

OWASP WebGoathttps://www.owasp.org/index.php/Category:OWASP_WebGoat_Project

HoneyNet Challengeshttps://www.honeynet.org/challenges

Questions?

Open Source Systems – www.ossys.com

Thank you!

chad.cravens@ossys.com

7