Practical Exploitation: Introduction to Metasploit, Social Engineering and a few other tools
Speakers BSc, MSc, CEH, CHFI, thought I was going to be a PhD, decided to become a ninja instead. BSc, MSc - Now works for ABBAN Breaking servers, sip trunks, and doing research into VoIP and IMS
Synopsis – wrong order, all content
  • Introduction to practical exploitation
  • Introduction to cyberstalking
  • Introduction to Metasploit (short)
  • History of metasploit
  • Modules
  • Exploits
  • Payloads
  • Tools
  • Metasploit fundamentals
  • Vulnerability Scanning
  • MSF Databases commands
  • Client side exploits
  • Post Exploitation
  • Meterpreter
  • Armitage
  • Social Engineering
  • SET
  • Types of attacks
  • Infection Media
  • Practical workshop
Ps: I know you have high hopes that it will go by this order, but it won't, we are not that organized, and apologize in advance.
Workshop During the practical workshop, you will work in pairs, and you will be given an IP address to a virtual machine. The objective of this workshop is very simple: PWN the living crap out of these virtual machines using techniques that were taught to you during this presentation, read the file password.txt located at Windows/System32 or /home/just4meeting (depending on whether you get a Windows box or a Linux box), and successfully create your own account on the remote system.
Seriouz Business When presenting, we like to talk about both the fun side of things and the bit about serious implications these “fun things” can have in life. During this presentation you will hear a bit about cyberstalking and how these tools work from a cyberstalker perspective and a victim. To write this part of the presentation we worked alongside the brand new UK National Center for Cyberstalking Research, they are cool people and provided us with lots of data and information. http://www.beds.ac.uk/nccr/news
Practical exploitation Q: What do we call practical exploitation? On the interwebz you can find many definitions created by “security professionals”, we are not (security professionals), so here is our definition of practical exploitation: Get root and learn how to use current tools to automate and increase the speed when doing a penetration test. Understand how to use the tools past a script kiddie level – aka being able to extend the tool code if needed or combine multiple tools to achieve a target (!!root!!)
Cyberstalking Q: What is CYBERSTALKING? A: Cyberstalking is the use of internet and/or other electronic means to stalk or harass an individual.  However cyberstalking can be legal and illegal. (To be explained further)
Cyberstalking Q: Who practices cyberstalking? You Me
Cyberstalking “I’VE NEVER CYBERSTALKED!!!!one!!!eleven!!”
Cyberstalking Remember when 2 slides back we said cyberstalking could be both legal and illegal? This is what we meant... Let's go through a scenario where Cyberstalking would be legal!
Cyberstalking Meet Tiago: As you can see, Tiago is ur average 23 year old stud, he likes to go out and party, when he does so he meetssssssssssssss
Cyberstalking GIRLS! However....
Cyberstalking Tiago has certain things he likes in girls and things he dislikes! Tiago, like more than 500 million people, has a facebook account. So Tiago goes and does a bit of Cyberstalking to decide which girls he wants to be friends with or not. Or even possible future girlfriends.
Cyberstalking Even without adding these girls to facebook he gets plenty information sometimes to decide if he wants to go further with them.
Cyberstalking So, as you can see this is an example of a situation where cyberstalking is perfectly acceptable and legal. You access public information about someone that is in the “cyber” world. This is also an action done sometimes by companies that are considering hiring a certain person, to get some background information on the person.
Cyberstalking HOWEVER
Cyberstalking – Scenario 2 Tiago also knows his way around computers and specifically security and the tools used in infosec. He also knows how to check securitytube and common security websites for different types of attacks. BLACKHAT ON!
Cyberstalking – Scenario 2 Analyzing the profiles Tiago decides he wants to go further and know a bit too much about one of these girls.
Profiling Tiago starts by getting all sorts of information he can on this girl that might be useful in any way:
From the facebook profile we get that:
  • Her name is Anna Konova
  • She is both a Chelsea and Barça fan
  • She likes Burberry, fashion events, dominoes pizza, and something called SIFE
  • Her favorite music: MJ, Lady gaga, Beyoncé, Alicia Keys, Cheryl Cole
Using the information collected from this facebook profile we go to google...
Profiling <<- OH LOOK THE SIFE THING Quite a few results lets have a look at a few....
Profiling
From the facebook profile we get that:
  • Her name is Anna Konova
  • She is both a Chelsea and Barça fan
  • She likes Burberry, fashion events, dominoes pizza, and something called SIFE
  • Her favorite music: MJ, Lady gaga, Beyoncé, Alicia Keys, Cheryl Cole
From twitter we get 0
From linkedIN:
  • Project manager at Innovate
  • Went to University of Bedfordshire
  • Is looking for new career opportunities etc etc etc
SIFE - SIFE is an international non-profit organization that works with leaders in business and higher education to mobilize university students to make a difference in their communities while developing the skills to become socially responsible business leaders.
Going over the line How can all this simple, easily accessible information help Tiago cyberstalk someone? Well let me introduce you to METASPLOIT.
DEMO 1 – PDF + Email DEMO
DEMO 1 – PDF + Email As you can see it wasn’t a hard attack to set up, and it is easily a real life scenario. For those of you that find that attack complicated, we have something for you later on....
A bit more on cyberstalking.... Next we will present some data that was provided to us by the Research Center! coz stats are always fun n giggles!
Stats Harasser – Environment where they are first met
Stats Harasser – Description
Stats Fears experienced by those who are harassed
Stats Consequences on those being harassed
Types of attacks
Posting false profiles
Posing as the victim and attacking others
Discrediting in online communities
Discrediting victim in workplace
Direct threats through email/instant messaging
Constructing websites targeting the victim
Transferring attack to victim’s relatives
Use of the victim’s image
Provoking others to attack the victim
Following the victim in cyberspace
Metasploit
  • Exploitation framework
  • Lots of other tools and utilities
  • First written in PERL
  • Then changed to RUBY (THANK GOD)
  • 3 versions – Pro, Express, free
Metasploit nowadays... We won't be able to look at all the different components so we will try to focus on the more commonly used ones.
Metasploit - Starting
Metasploit - Interaction There are many ways a user can access metasploit features:
msfGUI
msfWEB
Armitage
Metasploit - MSFGui
Metasploit - MSFWeb
Metasploit - Armitage
Metasploit – Main Modules
  • Exploits – Main module – used to pwn shit! :]
  • Encoders – Used to transform raw versions of payloads
  • Payload – Used to connect to the shit u pwn!
Metasploit – Quick Intro
  • Step 1 – Open msfconsole
  • Step 2 – Choose exploit
  • Step 3 – Configure exploit and payload
  • Step 4 – exploit!
Metasploit – Intro DEMO DEMO 0


Practical exploitation and social engineering

  • 55. Metasploit - Essentials
      use module - start configuring module
      show options - show configurable options
      set varname value - set option
      exploit - launch exploit module
      run - launch non-exploit
      sessions -i n - interact with a session
      help command - get help for a command
  • 56. Metasploit – Payloads
      Shell
      VNC
      DLL injection
      Meterpreter
  • 57. But but but... Am a lazy bastard and I think all the methods uve shown me are too hard
  • 58. But but but... FINEEEEEEEEEEEEEE Meet: Armitage
  • 59. Meterpreter Meterpreter is COOL Meterpreter is VERY COOL Meterpreter because of a thing called RAILGUN = Full access to windows API What does that mean? This is what it means... You cyberstalkers!
  • 61. Back to seriouz This is all good fun, but shows how easily you can “pwn” and cyberstalk some1 or even be cyberstalked. Advice is the usual: Anti virus updated, Software updated, Firewalls up and running (However that probably won't do you much). 2 best pieces of advice I can give: Do not read PDFs, or if u do, read them inside google chrome (coz at least ur sandboxed n shit :D ) ANDDDDDDDDDDD
  • 63. KUDOS FILIPE REIS!!!!!!! ONE ELEVEN!!!!! And more FILIPE REIS! He helped recording the demos and is awesome. Center for Research on Cyberstalking for the data provided The girls for accepting that we had to stay up late. Oh and Chris Bockermann, Bruno Morisson and Oli for allowing me to go home yesterday to write these slides instead of getting us drunk.

Editor's Notes

  1. Play DEMO 0
  2. DEMO 1 – PDF / DEMO 1 - EMAIL
  3. Play DEMO 0
  4. DEMO 3 – Armitage FINAL
  5. DEMO 2 – KEYBD / DEMO 2 - C