Abstract: When attacking a target you should never do it directly from your machine or your detection will be to easy, use proxies or network pivots to obscure your origin. Also after a successful penetration of a network a hacker (good or bad) will immediately search to move horizontally thru the network and use the existing infrastructure to pivot their attacks. Learn various ways to do this and "never" get caught.
2. What is OC, Inc?
• Obsidis Consortia, Inc. [OC, Inc.] is a non-profit organization that promotes
security awareness in the community and supports professional
development of security professionals, students and enthusiasts in Puerto
Rico.
• OC, Inc. has develop and is supporting initiatives like the Init6 Security
User Group, Professional Training & Workshops, Network and Security
Systems Simulation Scenarios (Capture the Flag), Security BSides Puerto
Rico Conference and a Community Outreach Program.
3. What is pivoting?
• Webster
– a key player or position; specifically : an offensive position of a player standing
to relay passes, shoot, or provide a screen for teammates
• InfoSec
– Pivoting refers to method used by penetration testers, hackers or security
professionals that uses one system (compromised ) to access (attack) other
systems on the same network or remote networks to avoid detection,
restrictions such as firewall configurations, which may prohibit direct access to
all machines and provide misdirection during an incident investigation.
• Types
– Port Forwarding or Proxies
– Traditional Routing
– VPN/Tunneling
9/11/2013
4. Techniques
• OS Functionality
– Windows RAS
– Linux IP Forwarding
• Tools
– netcat
– ssh
– proxychains
– fpipe
• Exploit Frameworks
– Metasploit
• Dedicated Technologies
– OpenVPN
– PPTP/L2TP
– IPSec
• VM appliance
– OpenWRT/pfSense
9/11/2013
12. VPN
• Protocols
– PPTP (weakest)
– L2TP/Ipsec
– SSL
• Private VPN service
– VPN service you pay for to protect your information
– VPN providers are bound by its country’s laws
• OpenVPN
17. Challenge
• Code a port forwarder in python or ruby
– Command line
– Accepts arguments:
• Forwards TCP or UDP
• Local port (listens by default on TCP 8080)
• Source port (optional)
• Remote port
• Remote host
– Cross platform (Windows, Linux, Mac OS X)
18. Please visit us to keep in touch …
www.ObsidisConsortia.org
www.BSidesPR.org
https://www.youtube.com/channel/UCtpOw0dKOIVJu7JZqHx4oQg
https://plus.google.com/u/0/communities/102771209982001396923
https://facebook.com/obsidisconsortia
https://twitter.com/BSidesPR
Affiliates:
www.TalktoanIT.com
www.codefidelio.org
www.darkoperator.com