Introtopentesting 150207164113 Conversion Gate02
-
Upload
probal-sil -
Category
Documents
-
view
221 -
download
0
Transcript of Introtopentesting 150207164113 Conversion Gate02
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
1/23
Introduction to Penetration
Testing
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
2/23
Table of Contents
Overview
Enumeration
Tool Output
Do We Stop Here? Custom Scripts
Wpscan
Online esearc!
Testing E"ploitation
PHP #$I
Code E"ecution% &es Please'
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
3/23
Overview
T!is session will cover t!e mindset Ifollow w!en approac!ing a webapplication
I am going to s!ow w!ere man(mig!t stop% and w!at !appens w!en(ou pus! furt!er
T!ese t(pes of tec!ni)ues can beapplied to an( web application
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
4/23
Overview Cont*
Tools #everaged+ ,map
W!atweb
Wpscan
Wget
Custom scripts
-urp Suite
,etcat .oogle
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
5/23
/et!odolog( Overview
Pre0Engagement 1ctivities Hammer out all t!e details to conduct t!e test
2Sc!edule% Scoping% ules of Engagement% $ormalPermission% etc*3
Information .at!ering and econnaissance Depends on t(pe of test and information (ou are given
2Organi4ation name% CID% list of 5#s% source code%etc*3
1utomated Testing /anual Testing and 6alidation
eporting
emediation Support
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
6/23
/et!odologies Cont*
Penetration Testing E"ecutionStandard 2PTES3+ !ttp+77www*pentest0standard*org7inde"*
p!p7/ain8Page
http://www.pentest-standard.org/index.php/Main_Pagehttp://www.pentest-standard.org/index.php/Main_Pagehttp://www.pentest-standard.org/index.php/Main_Pagehttp://www.pentest-standard.org/index.php/Main_Page -
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
7/23
/indset is 9e(
T!in: li:e an attac:er and see t!ingst!roug! a di;erent lens+ 5pload an avatar? Hmmm add code?
Download a report? Hmm director( traversalfor anot!er
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
8/23
Enumeration
Nmap+
WhatWeb+
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
9/23
Do We Stop Here?
Hmmm?
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
10/23
Custom Scripts
Web 1pplication testing re)uirescustom scripting*reall( no wa(getting around it+
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
11/23
Custom Scripts Cont*
/a:ing web re)uests wit! a scripting languageisn=t too di@cult
C!ec: out tutorials online and tr( to automateweb re)uests
/a:ing a tool for C6E0ABA0A is a good use
case because (ou need to ma:e a POST re)uestand modif( several !eader values If (ou can write a tool for t!is C6E% it demonstrates
concepts t!at can be applied to man( di;erent C6Es
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
12/23
Wpscan
Wpscan+
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
13/23
Wpscan
Do we stop !ere?
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
14/23
Wpscan + PluginEnumeration
Wpscan+ 00enumerate p
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
15/23
Online esearc!
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
16/23
Online esearc! Cont*
Hmm% our web server doesn=trespond w!en we re)uestF7wordpress7wp7wp0content7G
Do we stop !ere?
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
17/23
Testing E"ploitation
&ea% lets grap F7etc7passwdG
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
18/23
PHP #$I
Cool% so we can #$I% do we stop now?
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
19/23
PHP #$I,ow W!at?
W!at can be done wit! a PHP #$I?
It depends on w!at function is leading to t!e #$Ivulnerabilit( 2include23% read
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
20/23
Code E"ecution? &es%Please'
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
21/23
Code E"ecution? &es%Please'
e)uest+
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
22/23
Demo
-
7/25/2019 Introtopentesting 150207164113 Conversion Gate02
23/23
Summar(
Tools ma( not give (ou t!e answer
6er( eas( to !it a !urdle and )uit
&ou need to be curious7creative andconstantl( pus! to get more information
Con