2. Speakers BSc, MSc, CEH, CHFI,thought I was going to be a PhD decided to become a ninja instead. BSc, MSc -Now works for ABBAN Breaking servers, sip trunks, and doing research into VoIP and IMS
3. Synopsis – wrong order, all content Introduction to practical exploitation Introduction to cyberstalking Introduction to Metasploit (short) History of metasploit Modules Exploits Payloads Tools Metasploit fundamentals Vulnerability Scanning MSF Databases commands Client side exploits Post Exploitation Meterpreter Armitage Social Engineering SET Types of attacks Infection Media Practical workshop Ps: I know you have high hopes that it will go by this order, but it wont, we are not that organized, and apologize in advance.
4. Workshop During the practical workshop, you will work in pairs, you will be given an IP address to a virtual machine. The objective of this workshop is very simple PWN the living crap out of these virtual machines using techniques that were taught to you during this presentation and read the file password.txt located at Windows/System32 or /home/just4meeting (depending if you get a windows box or a linux box), and sucessfully create your own account on the remote system.
5. Seriouz Business When presenting, we like to talk about both the fun side of things and the bit about serious implications these “fun things” can have in life. During this presentation you will hear a bit about cyberstalking and how these tools work from a cyberstalker perspective and a victim. To write this part of the presentation we worked along side with the brand new UK National Center for Cyberstalking Research, they are cool people and provided us with lots of data and information. http://www.beds.ac.uk/nccr/news
6. Practical exploitation Q:What do we call practical exploitation? On the interwebz you can find many definitions created by “security professionals”, we are not (security professionals), so here is our definition of practical exploitation: Get root and learn how to use current tools to automate and increase the speed when doing a penetration test. Understand how to use the tools past a script kiddie level – aka being able to extend the tool code if needed or combine multiple tools to achieve a target (!!root!!)
7. Cyberstalking Q: What is CYBERSTALKING? A: Cyberstalking is the use of internet and/or other electronic means to stalk or harass an individual. However cyberstalking can be legal and illegal. (To be explained further)
10. Cyberstalking Remember when 2 slides back we said cyberstalking could be both legal and illegal ? This is what we meant... Lets go through a scenario where Cyberstalking would be legal!
11. Cyberstalking Meet Tiago: As you can see, Tiago is ur average 23 year old stud, he likes to go out and party, when he does so he meetssssssssssssss
13. Cyberstalking Tiago has certain things he likes in girls and things he dislikes! Tiago like more then 500million people has a facebook account So Tiago goes and does a bit of Cyberstalking to decide which girls he wants to be friends with or not. Or even possible future girlfriends.
14. Cyberstalking Even without adding these girls to facebook he gets plenty information sometimes to decide if he wants to go further with them.
15. Cyberstalking So, as you can see this is an example of a situation where cyberstalking is perfectly acceptable and legal. You access public information about someone that is in the “cyber” world. This is also an action done sometimes by companies that are considering hiring a certain person, to get some background information on the person.
17. Cyberstalking – Scenario 2 Tiago also knows his way around computers and specifically security and the tools used in infosec. He also knows how to check securitytube and common security websites for different types of attacks. BLACKHAT ON!
18. Cyberstalking – Scenario 2 Analyzing the profiles Tiago decides he wants to go further and know a bit too much about one of these girls.
19. Profiling Tiago starts by getting all sorts of information he can on this girl that might be useful in any way: From the facebook profile we get that: Her name is Anna Konova She is both a Chelsea and Barça fan She likes Burberry, fashion events, dominoes pizza, and something called SIFE Her favorite music: MJ, Lady gaga, Beyoncé, Alicia Keys, Cheryl Cole Using the information collected from this facebook profile we go to google...
20. Profiling <<- OH LOOK THE SIFE THING Quite a few results lets have a look at a few....
21. Profiling From the facebook profile we get that: Her name is Anna Konova She is both a Chelsea and Barça fan She likes Burberry, fashion events, dominoes pizza, and something called SIFE Her favorite music: MJ, Lady gaga, Beyoncé, Alicia Keys, Cheryl Cole From twitter we get 0 From linkedIN: Project manager at Innovate Went to University of Bedfordshire Is looking for new career opportunities etc etc etc SIFE - SIFE is an international non-profit organization that works with leaders in business and higher education to mobilize university students to make a difference in their communities while developing the skills to become socially responsible business leaders.
22. Going over the line How can all this simple, easily accesible information help Tiago cyberstalk someone? Well let me introduce you to METASPLOIT.
24. DEMO 1 – PDF + Email As you can see it wasn’t an attack hard to setup and easily a real life scenario. For those of you that find that attack complicated, we have something for you later on....
25. A bit more on cyberstalking.... Following we will present some data that was provided to us by the Research Center! coz stats are always fun n giggles!
41. Metasploit Exploitation framework Lots of other tools and utilities First written in PERL Then changed to RUBY (THANK GOD) 3 versions – Pro, Express, free
42. Metasploit nowadays... We wont be able to look at all the different components so we will try to focus on the more commonly used ones.
51. Metasploit – Main Modules Exploits – Main module – used to pwn shit! :] Encoders – Used to transform raw versions of payloads Payload – Used to connect to the shit u pwn!
55. Metasploit - Essentials use module- start configuring module show options - show configurable options set varnamevalue - set option exploit - launch exploit module run - launch non-exploit sessions –i n - interact with a session help command - get help for a command
59. Meterpreter Meterpreter is COOL Meterpreter is VERY COOL Meterpreter because of a thing called RAILGUN = Full access to windows API What does that mean? This is what it means... You cyberstalkers!
61. Back to seriouz This is all good fun, but shows how easy you can “pwn” and cyberstalk some1 or even be cyberstalked. Advices are the usual: Anti virus updated, Software updated, Firewalls up and running (However that probably wont do you much) 2 best advices I can give: Do not read PDF’s, or if u do read them inside google chrome (coz at least ur sandboxed n shit :D ) ANDDDDDDDDDDD
63. KUDOS FILIPE REIS!!!!!!! ONE ELEVEN!!!!! And more FILIPE REIS! He helped recording the demos and is awesome. Center for Research on Cyberstalking for the data provided The girls for accepting that we had to stay up late. Oh and Chris Bockermann, Bruno Morisson and Oli for allowing me to go home yesterday to write these slides instead of getting us drunk.