What	  will	  we	                                                  do	  today? 	  	  •  Penetra1on	  Tes1ng	     discussio...
Penetra1on	                                            Tes1ng 	   	  	  •  What?	     –  Rude	  word……	     –  What	  do	 ...
Breakdown 	                                                            	  •    Build	  Review	                      •  WLA...
Ops	  J	  	  •  Client	  discussions	        •  Report	  •  Proposal	                     •  Invoice	  •  Acceptance	  /	...
Oops	  	  L 	  	  •  What	  can	  go	  wrong?	      –  DoS	      –  Wrong	  scope	      –  Mis-­‐match	  resources	      ...
Social	                                                 Engineering	                                                     (...
SE:	  Anatomy	  	  •  Agree	  scope	     –  What	  is	  in?	     –  What	  is	  out?	  MAKE	  THIS	  VERY	  CLEAR	  •  Rec...
SE:	  Anatomy	                                                         Cont’d	  	  •  Plan	  based	  on	  reconnaissance	 ...
SE:	                                                        Characteris1cs	                         	                     ...
SE:	                                           Outcome	  /	                                            Results	  •  Report...
SE:	  Example	  •  Crea1ng	  a	  fake	  email	  account	  with	  a	  real	     person’s	  name.	  	  •  Ellen	  belongs	  ...
SE:	  Example	                                                               Cont’d	  •  Sending	  an	  email	  from	  “El...
SE:	  Example	                                                                    Cont’d	  	         •  The	  website	  is...
SE:	  Example	                                                                      Cont’d	  	         •  Should	  the	  u...
SE:	  Example	                                                                Cont’d	  	         •  Pwnd	  ;)	  	         ...
SE:	  Example	                                                                Cont’d	  •  Oddly	  enough,	  a	  real	  emp...
SE:	  Example	                                                                  Cont’d	  	         Crea1ng	  a	  fake	  ac...
SE:	  Example	                                                                   Cont’d	  •  The	  en1re	  email	  is	  fo...
SE:	  Example	                                                                       Cont’d	  	  	         •  The	  a]acke...
SE:	  Example	                                                                   Cont’d	  	         Looks	  legit?	  Almos...
SE:	  Example	                                                                         Cont’d	  	     •  Here	  we	  see	 ...
  	     	     	  Ques1ons	  
Contact	                                          Details	  Name:	  Yve]e	  du	  Toit	  Email:	  	  yve]e@sensepost.com	  
Upcoming SlideShare
Loading in...5
×

Penetration testing and social engineering

1,190

Published on

Presentation by Yvette du Toit to the University Of Pretoria's honors class of 2011.

This presentation is about penetration testing and social engineering. A walkthrough of a social engineering attack is given in this presentation

Published in: Technology, Art & Photos
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,190
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
27
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Penetration testing and social engineering

  1. 1. What  will  we   do  today?    •  Penetra1on  Tes1ng   discussion   •  Non-­‐tech  view   –  Types  of  services   –  Dark  side?  •  Social  Engineering   •  Interac1ve   –  Real-­‐life  examples    
  2. 2. Penetra1on   Tes1ng      •  What?   –  Rude  word……   –  What  do  you  think?  
  3. 3. Breakdown    •  Build  Review   •  WLAN  •  Infrastructure   •  Database  •  Applica1on   •  AD  •  Code  Review  •  Reverse  Engineering  •  MVS  (PCI,  Int,  Ext  etc)  
  4. 4. Ops  J    •  Client  discussions   •  Report  •  Proposal   •  Invoice  •  Acceptance  /  PO  •  Rest  of  paperwork   (SOW  et  al)  •  Resources  /  Schedule  •  Delivery  
  5. 5. Oops    L    •  What  can  go  wrong?   –  DoS   –  Wrong  scope   –  Mis-­‐match  resources   –  Dissa1sfied  clients   –  Non-­‐payment  
  6. 6. Social   Engineering   (SE)    •  Art  of  decep1on?   –  Manipula1on   –  Disclosure  •  What  do  you  see  as  SE?   –  Examples  
  7. 7. SE:  Anatomy    •  Agree  scope   –  What  is  in?   –  What  is  out?  MAKE  THIS  VERY  CLEAR  •  Reconnaissance   –  Onsite   –  Web   –  News  
  8. 8. SE:  Anatomy   Cont’d    •  Plan  based  on  reconnaissance   –  Approximate  idea  of  execu1on   –  Poten1al  back-­‐up  plans  of  delivery  failure   –  Changing  course  based  on  scenario  
  9. 9. SE:   Characteris1cs     &  Tools     CHARACTERISTICS   TOOLS  •  Guts   •  Internet  •  Keep  calm   •  Google  Earth  •  Think  on  your  feet   •  Charm  •  Change  tac1cs  whilst   •  Manners   keeping  your  wits   •  Gadgets  (phone,   about  you   camera)        
  10. 10. SE:   Outcome  /   Results  •  Report  •  Evidence  (MOST  IMPORTANT)      
  11. 11. SE:  Example  •  Crea1ng  a  fake  email  account  with  a  real   person’s  name.    •  Ellen  belongs  to  a  company  loosely   affiliated  with  the  target.  
  12. 12. SE:  Example   Cont’d  •  Sending  an  email  from  “Ellen”  to  many   hundreds  of  employees  of  the  target   company.    •  The  email  contents  is  based  on  a  real  event   that  the  target  company  held  (gleaned  from   their  news  website).    •  The  email  encourages  people  to  visit  a   website,  which  appears  to  be  legi1mate.    
  13. 13. SE:  Example   Cont’d     •  The  website  is  a  duplicate  of  the  target   company  website,  with  a  few  minor   modifica1ons  to  go  along  with  the  farcical   story  from  the  email.     •  The  page  a]empts  to  run  a  Java  applet   (next  slide).  
  14. 14. SE:  Example   Cont’d     •  Should  the  user  click  yes  to  running  the   applet  from  the  site,  some  hos1le  Java  will   execute  which  will  compromise  the   machine,  and  give  the  a]acker  full  control   (as  in  next  slide)  
  15. 15. SE:  Example   Cont’d     •  Pwnd  ;)     •  Logs  of  people  visi1ng  the  site  
  16. 16. SE:  Example   Cont’d  •  Oddly  enough,  a  real  employee  (Fred)   replied  to  the  a]acker  with  real  comments   about  the  site.    •  This  was  useful  as  it  gave  us  his  name  /   email  signature  etc.  which  could  be  used  to   create  another  fake  email  account  abusing   his  informa1on.  
  17. 17. SE:  Example   Cont’d     Crea1ng  a  fake  account  for  target  company   employee  Fred  
  18. 18. SE:  Example   Cont’d  •  The  en1re  email  is  forged  from  Fred,  but  it   appears  as  though  he  is  forwarding  on  an   email  –  which  is  made  to  look  like  it  came   from  a  real  employee.    •  Here  we  abuse  the  chain  of  trust.    •  The  email  encourages  users  to  go  to  a   Microsob  website  to  download  an  urgent   update  
  19. 19. SE:  Example   Cont’d       •  The  a]acker  has  downloaded  a  real  MS   update,  but  sneakily  inserted  some  hos1le   code  (The  “hot”  file).     •  This  is  hosted  on  a  fake  MS  website  (next   slide)  
  20. 20. SE:  Example   Cont’d     Looks  legit?  Almost  too  good  to  be  true.  
  21. 21. SE:  Example   Cont’d     •  Here  we  see  a  user  downloading  and   running  the  file-­‐  the  result  of  which  his  AV   being  killed,  a  screenshot  of  his  desktop   being  taken,  and  full  control  of  his  machine   given  to  the  a]acker.   •  Game  over.  
  22. 22.        Ques1ons  
  23. 23. Contact   Details  Name:  Yve]e  du  Toit  Email:    yve]e@sensepost.com  
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×