Transcript Offensive Security Part 1 Powerpoints
Dennis (Linuz) Maldonado
Dennis Maldonado, AKA Linuz; My Blog: http://kernelmeltdown.org/blog/ (Tutorials/Walkthroughs, News and Events, Recordings/Powerpoints); Twitter: https://twitter.com/dennismald ; IRC: irc.freenode.net -- #CougarCS; Email: [email protected]
A vulnerability is a weakness in a computer system that an attacker can take advantage of.
Vulnerability assessment is the act of identifying vulnerabilities for a specific computer or network.
An exploit is the code that allows the attacker to take advantage of the vulnerability.
A payload is code or a program that runs after an exploit is successfully executed.
A backdoor is a method of bypassing normal authentication.
A shell allows us to interface with a system, typically through a command line.
Information Gathering
Information on the server; Any web server?
Nmap
Vulnerability Identification
Nmap version scans/OS scans; Other scanning tools
Exploitation
Bruteforcing; Remote Exploits
Post Exploitation
Reverse shells; Persistence; Anti-Forensics; Etc…
BackTrack Linux 5 R2/R3 – Our attacker machine. Nmap Network Scanner – Used for identifying ports and services our victim is running. Metasploit Framework – Used for exploiting, generating the payload, and establishing a session with our victim.
Metasploit is an open-source framework used for: Security development and testing; Information gathering and fingerprinting; Exploitation/Penetration testing; Payload generation and encoding; Fuzzing; And much more…
Port Scan/Version scans Fingerprint / Open Ports Exploit + Payload Reverse Shell alpapacas
...
Set up a firewall
Windows Firewall; Comodo Personal Firewall
Install and update your Anti-Virus
Microsoft Security Essentials; Nod32
Keep your system up to date
Actually apply that flash update
Be cautious
Watch where you internet; Don’t just download anything!
Kernel Meltdown Blog Learn how to use Linux
Download BackTrack Linux; Learn networking and the tools; Use the command line interface
Online Resources
Metasploit Unleashed (Metasploit Guide); Also check out some forums; Security Tube
Security Podcasts
Security Now by Steve Gibson; PaulDotCom Security Weekly; Others…
Come talk to me
BackTrack-Linux
http://www.backtrack-linux.org/
The Metasploit Project
http://www.metasploit.com/
Nmap
http://nmap.org/
Metasploit Unleashed
http://www.offensive-security.com/metasploit-unleashed/Main_Page
Security Tube
http://www.securitytube.net/