Exploit Kits – Exploitation via JS
Rashid Feroz & Krishnendu Paul
About us!
• Information security enthusiasts.
• Love to break into things!
• A college grad and an Industry veteran.
What Are Exploit Kits?
• A toolkit that automates the exploitation of client-side vulnerabilities.
• Usually targets browsers and programs that a website can invoke through the browser.
• The attacker doesn’t need to know how to create exploits to benefit from infecting systems.
• It provides a user-friendly web interface that helps the attacker track the infection campaign.
Famous Exploit Kits
• Blackhole
• FlashPack
• Magnitude
• Rig
• Nuclear
• Angler
• Sweet Orange
• Neutrino
Exploit Kit distribution
Most commonly used vulnerable 3rd party software
• Oracle Java Runtime Environment
• Adobe Acrobat Reader
• Adobe Flash Player / plugin
• Apple QuickTime
From sale to infection
• The buyer licenses a copy of a kit from its creator.
• The victim opens a spam email link or loads an infected web page.
• The page contains JavaScript that determines which vulnerabilities the victim’s computer has and notifies the kit user of what files the victim’s computer holds.
• If the kit finds a usable exploit, the malicious payload is loaded onto the victim’s computer.
Phases
• Compromised site
• Redirector
• Landing page
• Post-infection traffic
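The two slides above describe the infection flow as a chain of hops: a compromised site loads a redirector, the redirector loads the landing page, and the landing page serves the exploit artifact for the vulnerable plugin. A defender can rebuild that chain from proxy logs by walking Referer links backwards from a request for an exploit-type artifact (Flash, Java, PDF). The following is an added example, not code from the deck or from any exploit kit: the log lines are constructed, the hostnames (`news.example`, `redir.example`, `landing.example`, `docs.example`) are placeholders, and the "three distinct hosts ending in an artifact" threshold is an assumption of this example, not a published signature.

```python
"""Reconstruct exploit-kit redirect chains from proxy log Referer links.

Added example (not the presentation's code). Log format, hostnames and the
alerting threshold are assumptions made for illustration.
"""
import re
from urllib.parse import urlsplit

# Constructed sample: client 10.0.0.12 follows compromised site -> redirector
# -> landing page -> exploit artifact; client 10.0.0.33 is a benign PDF download.
SAMPLE_PROXY_LOG = """\
10.0.0.12 [10/Oct/2015:14:01:02 +0000] "GET http://news.example/article.html HTTP/1.1" 200 "-"
10.0.0.12 [10/Oct/2015:14:01:03 +0000] "GET http://redir.example/gate.php HTTP/1.1" 200 "http://news.example/article.html"
10.0.0.12 [10/Oct/2015:14:01:04 +0000] "GET http://landing.example/index.php?q=abc HTTP/1.1" 200 "http://redir.example/gate.php"
10.0.0.12 [10/Oct/2015:14:01:06 +0000] "GET http://landing.example/media/exploit.swf HTTP/1.1" 200 "http://landing.example/index.php?q=abc"
10.0.0.33 [10/Oct/2015:14:02:10 +0000] "GET http://docs.example/manual.pdf HTTP/1.1" 200 "http://docs.example/downloads.html"
"""

# client [timestamp] "METHOD url PROTO" status "referer"  (assumed proxy format)
LINE_RE = re.compile(r'^(\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) "([^"]*)"')

# Artifacts matching the deck's list of commonly exploited client software.
EXPLOIT_EXT = (".swf", ".jar", ".pdf", ".exe")


def parse_proxy_log(text):
    """Parse log text into a list of request records, skipping malformed lines."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, ts, method, url, status, referer = m.groups()
        records.append({"client": client, "time": ts, "method": method,
                        "url": url, "status": int(status), "referer": referer})
    return records


def referer_chain(records, index):
    """Walk Referer links backwards from records[index], same client only.

    Returns the chain in request order, ending with records[index]['url'].
    """
    current = records[index]
    chain = [current["url"]]
    wanted = current["referer"]
    for j in range(index - 1, -1, -1):
        if wanted in ("-", ""):
            break  # no referer: chain starts here
        earlier = records[j]
        if earlier["client"] == current["client"] and earlier["url"] == wanted:
            chain.append(earlier["url"])
            wanted = earlier["referer"]
    chain.reverse()
    return chain


def find_exploit_chains(records, min_hosts=3):
    """Flag artifact downloads whose Referer chain crosses >= min_hosts hosts.

    The phase labels follow the deck: compromised site, redirector(s),
    landing page (the host that finally serves the artifact).
    """
    alerts = []
    for i, rec in enumerate(records):
        if not urlsplit(rec["url"]).path.lower().endswith(EXPLOIT_EXT):
            continue
        chain = referer_chain(records, i)
        hosts = []
        for url in chain:
            host = urlsplit(url).hostname
            if host not in hosts:
                hosts.append(host)
        if len(hosts) >= min_hosts:
            alerts.append({"client": rec["client"],
                           "compromised_site": hosts[0],
                           "redirectors": hosts[1:-1],
                           "landing_page": hosts[-1],
                           "artifact": rec["url"],
                           "chain": chain})
    return alerts


if __name__ == "__main__":
    for alert in find_exploit_chains(parse_proxy_log(SAMPLE_PROXY_LOG)):
        print(alert["client"], "->".join(alert["chain"]))
```

The walk stops as soon as a hop carries no Referer, so a user who types a URL or clicks a bookmark produces a one-host chain and is not flagged; the benign PDF download in the sample has a same-host referer and is also ignored. Real kits vary the hop count and may strip Referer on the final hop, so this threshold is a starting point for tuning rather than a fixed rule.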
Compromised sites
• LFI in the RevSlider plugin for WordPress
– http://[compromised.com]/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
• XSS in the Simple Security WordPress plugin
– http://[compromised.com]/wp-admin/users.php?page=access_log&datefilter=%27%22%3E%3Cscript%3Ealert%28/HACKED/%29;%3C/script%3E
• Drupal SQL injection
• CDN reference compromise (e.g. Operation Poisoned Helmand)
• Iframe injectors
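The slide lists how legitimate sites end up as the first hop: the RevSlider local file inclusion, a reflected XSS in the Simple Security plugin, and injected hidden iframes. A site owner can look for exactly these indicators in their own web-server logs and page sources. The following is an added example and not code from the deck: it classifies request URLs against the two URL patterns shown on the slide, runs that over constructed Common Log Format lines, and scans constructed HTML for iframes that are sized to zero or styled hidden. The `redirector.example` hostname is a placeholder, and the matching rules are heuristics of this example rather than any vendor's signatures.

```python
"""Detect the compromised-site indicators from the slide in logs and HTML.

Added example (not the presentation's code). Sample log lines, sample HTML
and the hostnames in them are constructed for illustration.
"""
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed Apache-style access log lines. Lines 1-2 reproduce the slide's
# two URL patterns; line 3 is a legitimate RevSlider image request.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2015:13:55:36 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.1" 200 2341
203.0.113.5 - - [10/Oct/2015:13:55:40 +0000] "GET /wp-admin/users.php?page=access_log&datefilter=%27%22%3E%3Cscript%3Ealert%28/HACKED/%29;%3C/script%3E HTTP/1.1" 200 512
198.51.100.7 - - [10/Oct/2015:13:56:01 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=uploads/banner.jpg HTTP/1.1" 200 9820
"""

# Constructed page source: one hidden injected iframe and one normal embed.
SAMPLE_HTML = """<html><body><p>Welcome</p>
<iframe src="http://redirector.example/landing" width="0" height="0" style="visibility:hidden"></iframe>
<iframe src="https://video.example/embed/abc" width="560" height="315"></iframe>
</body></html>"""

CLF_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
SCRIPTY_RE = re.compile(r"<\s*script|on\w+\s*=|javascript:", re.I)


def classify_request(path_and_query):
    """Return the indicator names (from the slide) matched by one request URL."""
    parts = urlsplit(path_and_query)
    path = parts.path.lower()
    params = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
    hits = []
    # RevSlider LFI: admin-ajax.php?action=revslider_show_image&img=<traversal>
    if path.endswith("/wp-admin/admin-ajax.php") and params.get("action") == "revslider_show_image":
        img = params.get("img", "")
        if ".." in img or img.startswith("/") or img.endswith("wp-config.php"):
            hits.append("revslider_lfi")
    # Simple Security XSS: users.php?page=access_log&datefilter=<markup>
    if path.endswith("/wp-admin/users.php") and params.get("page") == "access_log":
        if SCRIPTY_RE.search(params.get("datefilter", "")):
            hits.append("simple_security_xss")
    return hits


def scan_log(text):
    """Return one alert per log line that matches at least one indicator."""
    alerts = []
    for line in text.splitlines():
        m = CLF_RE.match(line)
        if not m:
            continue
        ip, ts, method, target, status = m.groups()
        indicators = classify_request(target)
        if indicators:
            alerts.append({"ip": ip, "time": ts, "target": target,
                           "status": int(status), "indicators": indicators})
    return alerts


class HiddenIframeFinder(HTMLParser):
    """Collect src values of iframes that are zero-sized or styled invisible."""

    def __init__(self):
        super().__init__()
        self.suspicious = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "iframe":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        style = a.get("style", "").replace(" ", "").lower()
        tiny = any(a.get(dim, "").strip("px ") in ("0", "1") for dim in ("width", "height"))
        hidden = "display:none" in style or "visibility:hidden" in style
        if tiny or hidden:
            self.suspicious.append(a.get("src", ""))


def find_hidden_iframes(html):
    """Return src attributes of iframes a visitor would never see."""
    finder = HiddenIframeFinder()
    finder.feed(html)
    return finder.suspicious


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert["ip"], alert["indicators"], alert["target"])
    print(find_hidden_iframes(SAMPLE_HTML))
```

Note that a 200 status on the LFI request means the file was likely served, which is the case worth escalating; the same check against a 403 or 404 is reconnaissance rather than a successful read. Hidden-iframe detection should be run against the rendered page as well as the stored source, since injectors sometimes add the frame from a script rather than writing it into the HTML.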
Demo time
Demo
• BeEF framework (JS hook)
• Payload delivery via social engineering
• Antivirus evasion (FUD)
• Get a Meterpreter shell back
Virus scan results
How to stay safe?
• Stay up to date with security patches on your desktop machine.
• There are several specialized tools which identify vulnerabilities in systems, install patches, and validate those patches. Use a third-party utility or software to keep your system constantly updated.
• Make sure that your browser, operating system, and browser plugins are all up to date.
• Install a good host-based intrusion prevention system (HIPS) to monitor for suspicious activity on your computer.
References
• https://heimdalsecurity.com/blog/nuclear-exploit-kit-flash-player/
• http://www.slideshare.net/SafeBytesSoftware/exploit-kits-and-your-computers-vulnerability
• https://heimdalsecurity.com/blog/exploit-kits-service-automation-changing-face-cyber-crime/
Thanks