Penetration testing and social engineering

Presentation by Yvette du Toit to the University Of Pretoria's honors class of 2011.

This presentation covers penetration testing and social engineering, and walks through a real social engineering attack from scoping to compromise.

Presentation Transcript

What will we do today?
  • Penetration Testing discussion
  • Non-tech view
    – Types of services
    – Dark side?
  • Social Engineering
  • Interactive
    – Real-life examples

Penetration Testing
  • What?
    – Rude word...
    – What do you think?

Breakdown
  • Build Review
  • WLAN
  • Infrastructure
  • Database
  • Application
  • AD
  • Code Review
  • Reverse Engineering
  • MVS (PCI, Int, Ext etc.)

Ops :)
  • Client discussions
  • Report
  • Proposal
  • Invoice
  • Acceptance / PO
  • Rest of paperwork (SOW et al.)
  • Resources / Schedule
  • Delivery

Oops :(
  • What can go wrong?
    – DoS
    – Wrong scope
    – Mis-matched resources
    – Dissatisfied clients
    – Non-payment

Social Engineering (SE)
  • Art of deception?
    – Manipulation
    – Disclosure
  • What do you see as SE?
    – Examples

SE: Anatomy
  • Agree scope
    – What is in?
    – What is out?
    – MAKE THIS VERY CLEAR
  • Reconnaissance
    – Onsite
    – Web
    – News

SE: Anatomy Cont'd
  • Plan based on reconnaissance
    – Approximate idea of execution
    – Potential back-up plans for delivery failure
    – Changing course based on scenario

SE: Characteristics & Tools
  CHARACTERISTICS
  • Guts
  • Keep calm
  • Think on your feet
  • Change tactics whilst keeping your wits about you
  TOOLS
  • Internet
  • Google Earth
  • Charm
  • Manners
  • Gadgets (phone, camera)

SE: Outcome / Results
  • Report
  • Evidence (MOST IMPORTANT)

SE: Example
  • Creating a fake email account with a real person's name.
  • Ellen belongs to a company loosely affiliated with the target.

SE: Example Cont'd
  • Sending an email from "Ellen" to many hundreds of employees of the target company.
  • The email contents are based on a real event that the target company held (gleaned from their news website).
  • The email encourages people to visit a website, which appears to be legitimate.

SE: Example Cont'd
  • The website is a duplicate of the target company website, with a few minor modifications to go along with the farcical story from the email.
  • The page attempts to run a Java applet (next slide).

SE: Example Cont'd
  • Should the user click yes to running the applet from the site, some hostile Java will execute which will compromise the machine and give the attacker full control (as in next slide).

SE: Example Cont'd
  • Pwnd ;)
  • Logs of people visiting the site

SE: Example Cont'd
  • Oddly enough, a real employee (Fred) replied to the attacker with real comments about the site.
  • This was useful as it gave us his name / email signature etc., which could be used to create another fake email account abusing his information.

SE: Example Cont'd
  • Creating a fake account for target company employee Fred

SE: Example Cont'd
  • The entire email is forged from Fred, but it appears as though he is forwarding on an email, which is made to look like it came from a real employee.
  • Here we abuse the chain of trust.
  • The email encourages users to go to a Microsoft website to download an urgent update.

SE: Example Cont'd
  • The attacker has downloaded a real MS update, but sneakily inserted some hostile code (the "hot" file).
  • This is hosted on a fake MS website (next slide).

SE: Example Cont'd
  • Looks legit? Almost too good to be true.

SE: Example Cont'd
  • Here we see a user downloading and running the file. The result: his AV is killed, a screenshot of his desktop is taken, and full control of his machine is given to the attacker.
  • Game over.
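The defensive mirror of the walkthrough above, as an added example that is not part of the presentation or SensePost's tooling: a triage routine that flags the three tricks the attack relied on (a real person's name on an account in the wrong domain, a link whose real host is only a lookalike of the company or Microsoft, and a "forward" in which an external sender vouches for a quoted message attributed to an internal address). The company domain, the people, the hosts and the three sample messages are all constructed for the demonstration; the checks assume the mail is available as RFC 822 text with a plain-text body.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Hypothetical organisation data (constructed, not from the presentation).
COMPANY_DOMAIN = "example-target.com"
# Name -> the address that person is actually known to use.
KNOWN_PEOPLE = {
    "ellen": "ellen@partner-example.com",   # loosely affiliated company
    "fred": "fred@example-target.com",      # target company employee
}
# Hosts an "urgent Microsoft update" link may legitimately point at (assumed allowlist).
TRUSTED_MS_HOSTS = {"www.microsoft.com", "update.microsoft.com",
                    "www.catalog.update.microsoft.com"}

LINK_RE = re.compile(r"https?://[^\s<>\"']+")
# A "From:" line inside the body, optionally quoted with ">", i.e. a forwarded header.
QUOTED_FROM_RE = re.compile(r"^[ \t]*>?[ \t]*From:[ \t]*(.+)$", re.MULTILINE)


def domain_of(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def triage(raw: str) -> list:
    """Return a list of human-readable findings; an empty list means nothing fired."""
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    first = name.split()[0].lower() if name else ""
    from_dom = domain_of(addr)

    # 1. Real person's name, wrong sending domain (the fake "Ellen"/"Fred" accounts).
    if first in KNOWN_PEOPLE and from_dom != domain_of(KNOWN_PEOPLE[first]):
        findings.append(f"display name '{name}' but sender domain {from_dom} "
                        f"is not {domain_of(KNOWN_PEOPLE[first])}")

    # 2. Reply-To diverging from From: replies (like Fred's) go to the attacker.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != from_dom:
        findings.append(f"Reply-To domain {domain_of(reply)} differs from From domain {from_dom}")

    body = msg.get_payload()

    # 3. Links whose host merely resembles Microsoft or the company (the cloned sites).
    for url in LINK_RE.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if "microsoft" in host and host not in TRUSTED_MS_HOSTS:
            findings.append(f"lookalike Microsoft host: {host}")
        elif COMPANY_DOMAIN.split(".")[0] in host and not host.endswith(COMPANY_DOMAIN):
            findings.append(f"lookalike company host: {host}")

    # 4. External sender "forwarding" mail attributed to an internal address.
    # The attacker writes the whole body, so this is a triage hint, not proof.
    for inner in QUOTED_FROM_RE.findall(body):
        _, inner_addr = parseaddr(inner)
        if domain_of(inner_addr) == COMPANY_DOMAIN and from_dom != COMPANY_DOMAIN:
            findings.append(f"external sender {addr} forwards a message attributed "
                            f"to internal address {inner_addr}")
    return findings


# Constructed sample messages modelled on the two waves of the walkthrough.
ELLEN_MAIL = """\
From: Ellen Smith <ellen.smith@freemail-example.net>
Reply-To: ellen.smith@freemail-example.net
To: staff@example-target.com
Subject: Photos from last week's charity run

Hi all, the photos from the charity run are up at
http://www.example-target-news.com/charity-run/photos
Cheers, Ellen
"""

FRED_FWD_MAIL = """\
From: Fred Jones <fred.jones@freemail-example.net>
To: staff@example-target.com
Subject: FW: Urgent Windows update - please install today

Forwarding in case you missed it.

> From: IT Support <it@example-target.com>
> Subject: Urgent Windows update
> Please download and run the patch from
> http://update.microsoft-security-example.com/KB/patch.exe
"""

LEGIT_MAIL = """\
From: Fred Jones <fred@example-target.com>
To: staff@example-target.com
Subject: Patch Tuesday reminder

Updates are published at https://www.microsoft.com/en-us/security
"""

if __name__ == "__main__":
    for label, sample in (("Ellen", ELLEN_MAIL), ("Fred FW", FRED_FWD_MAIL), ("legit", LEGIT_MAIL)):
        print(label, triage(sample) or "clean")
```

The first message trips the wrong-domain and lookalike-company-host checks, the forged forward trips wrong-domain, lookalike-Microsoft-host and the forward-of-internal-mail check, and the genuine reminder from Fred's real address produces no findings. None of this replaces verifying the downloaded "update" itself: an MS update carrying inserted code will not pass Authenticode signature verification, and that check should run regardless of how plausible the mail looked.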
Questions

Contact Details
  Name: Yvette du Toit
  Email: yvette@sensepost.com