Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ethical hacking: Conceitos básicos de Testes de penetração

0 views

Published on

Apresentação utilizada no minicurso que ministrei durante o II Fórum Tocantinense de Tecnologia da Informação do mestrado em Modelagem computacional da Universidade Federal do Tocantins, que aconteceu no dia 20 de novembro de 2014 em Palmas-TO.

Published in: Technology
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/qURD } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/qURD } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download doc Ebook here { https://soo.gd/qURD } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/qURD } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/qURD } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/qURD } ......................................................................................................................... Download doc Ebook here { https://soo.gd/qURD } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download Full EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download Full doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download PDF EBOOK here { https://soo.gd/irt2 } ......................................................................................................................... Download EPUB Ebook here { https://soo.gd/irt2 } ......................................................................................................................... Download doc Ebook here { https://soo.gd/irt2 } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THIS can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THIS is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THIS Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THIS the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THIS Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Ethical hacking: Conceitos básicos de Testes de penetração

  1. 1. Ethical Hacking Conceitos básicos de Testes de penetração CClleeóórrbbeettee SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  2. 2. Quem sou eu? - Analista de Sistemas formado no Instituto Federal do Tocantins; - Pós-graduado em Segurança da Informação pela União Latino-americana de Tecnologia; - Acadêmico de Direito na Universidade Federal do Tocantins; - Capacitado por instituições nacionais e internacionais como a Universidade de São Paulo, Fundação Getúlio Vargas e DoD – US Department of Defense; - Instrutor na modalidade presencial e à distância de cursos de Direito, Java, Grails e Ethical Hacking; - Instrutor do curso de Segurança da Informação da ESMAT - Escola Superior da Magistratura Tocantinense; - Ex-membro da equipe de desenvolvimento do PJe – Processo Judicial Eletrônico do Tribunal Superior Eleitoral; - Autor do livro “Muito além do antivírus”; - Servidor do quadro de Tecnologia da Informação da Justiça Eleitoral; - Palestrante; - Instrutor internacional (em andamento...); Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  3. 3. PARTE I TEORIA Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  4. 4. O que é Segurança da Informação? CClleeóórrbbeettee SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  5. 5. Normas de SI - PCI DSS - Payment Card Industry Data Security Standard - HIPAA - Health Insurance Portability and Accountability Act - SOX - Sarbanes Oxley - NIST - National Institute of Standards and Technology - ISO 27000 Series - Lei Carolina Dieckmann - Marco Civil da Internet Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  6. 6. Princípios básicos de SI - Confidencialidade - Integridade - Disponibilidade Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  7. 7. Conceitos básicos de SI - Ativo - Ameaça - Vulnerabilidade - Risco - Contramedida Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  8. 8. Hackers (espécies) - White hats (Ethical hackers) - Black hats (Crackers) - Grey hats Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  9. 9. Pentest Pentest ou Penetration Testing é a simulação de ataques reais para a identificação de riscos associados a potenciais brechas de segurança (vulnerabilidades). Obs.: Os pentesters não somente descobrem vulnerabilidades, mas as exploram, para identificar quais ganhos seriam atingidos por potenciais atacantes em caso de sucesso na invasão. Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  10. 10. O que faz um pentester? Descobre vulnerabilidades relativas a: - Zero-day - Injection - Engenharia Social - Senhas vazadas/quebradas - Defacing - MitM - Etc Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  11. 11. Alguns tipos de Pentests: - Interno (Ex.: Insider) - Externo (Ex.: Via Web) - Controle de segurança física - Segurança de redes sem fio - Engenharia Social - Etc Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  12. 12. Fases de um Pentest: - Pré-compromisso (Pre-engagement); - Levantamento de informações (Information/Intelligence gathering); - Modelagem de ameaças (Threat modeling); - Análise de vulnerabilidades (Vulnerability analysis); - Exploração (Exploitation); - Pós-exploração (Post exploitation); - Geração do(s) relatório(s) (Reporting); Site: http://www.pentest-standard.org/index.php/Main_Page Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  13. 13. Fase de Pré-compromisso (Pre-engagement): - Acontece antes do teste; - Serve para alinhar o pensamento do pentester com o cliente; - É o momento onde todas as perguntas pertinentes devem ser feitas; Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  14. 14. Itens da fase de Pré-compromisso: - Definição do escopo; - Quando será a janela para o teste; - Quem deverá ser o contato do pentester na empresa; - Emissão do contrato (permissão para o teste); - Definição do preço a ser pago; Obs.: Incluir no contrato uma cláusula de confidencialidade; Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  15. 15. Fase de Levantamento de informações: É a obtenção de informações dos alvos definidos no escopo por meio de técnicas e ferramentas (port scan, por exemplo); Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  16. 16. Fase de Modelagem de ameaças: É o momento onde o pentester pensará como um atacante e definirá estratégias de invasão aos alvos definidos no escopo utilizando as informações obtidas na fase de Levantamento de informações; Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  17. 17. Fase de Análise de vulnerabilidades: É o momento no qual o pentester utilizará técnicas e ferramentas para descobrir as brechas de segurança nos alvos definidos no escopo do teste; Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  18. 18. Fase de Exploração: É o ataque propriamente dito, onde o pentester invadirá os alvos usando técnicas e ferramentas específicas para tal (metasploit, por exemplo); Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  19. 19. Fase de Pós-exploração: É onde o pentester definirá, a partir dos alvos invadidos com sucesso, o que é impactante para o cliente; Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  20. 20. Fase de Geração do(s) relatório(s): É a última fase de um teste de penetração, muito embora tão importante quanto as demais, pois é onde o pentester traduzirá o que aconteceu nas fases anteriores em texto inteligível para seu cliente (seja do setor técnico ou não). Por ser (ou dever ser) dividido em dois tipos: Executivo e Técnico. Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  21. 21. PARTE II PRÁTICA Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  22. 22. Criando o laboratório VMWare Player: http://www.vmware.com/ products/player/ (ou Virtualbox, etc) Kali Linux 1.0.6: http://www.kali.org/downloads/ Máquinas virtuais de S.O.'s diversos Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  23. 23. [FASE DE] Levantamento de informações OSINT - Opensource Intelligence Netcraft (www.netcraft.com) BuildWith (www.builtwith.com) Comando whois Comando nslookup Comando host host -t ns zoneedit.com theHarvester theharvester -d <site> -l 500 -b all Google Dorks (www.exploit-db.com/google-dorks/) Maltego (www.paterva.com) Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  24. 24. [FASE DE] Levantamento de informações Port Scannning manual (nc) nc -vv <ip> <porta> Port Scanning com nmap nmap -sS <ip_inicial>-<ip_final> -oA <arquivo> //Syn, Syn-Ack sem Ack [TCP] nmap -sV <ip_inicial>-<ip_final> -oA <arquivo> //Versão (com Ack) [TCP] nmap -sU <ip_inicial>-<ip_final> -oA <arquivo> // [UDP] nmap -sS -p <porta> <ip> //Porta específica Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  25. 25. [FASE DE] Modelagem de ameaças 1. Levantar informações sobre as ameaças; 2. Identificar e categorizar os ativos; 3. Identificar e categorizar as ameaças; 4. Mapear ameaças x ativos; Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  26. 26. [FASE DE] Análise de vulnerabilidades - Nessus (www.tenable.com) /etc/init.d/nessusd https://localhost:8834/ Policies / Basic Network Scan - NSE - Nmap Script Engine cd /usr/share/nmap/scripts nmap -sC <ip_inicial>-<ip_final> //Default script nmap --script-help nfs-ls nmap --script=nfs-ls <ip> //Monta compartilhamentos e exibe permissões - Sites de exploits www.securityfocus.com www. packetstormsecurity.org www.exploit-db.org www.cve.mitre. org Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  27. 27. Metasploit Framework É um framework de análise e exploração de vulnerabilidades atualmente pertencente à Rapid7 (www.rapid7.com). O metasploit possui um repositório de exploits que é atualizado por hackers do mundo inteiro, facilitando a vida de pentesters (e de black hats...). Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  28. 28. Encontrando um módulo do metasploit para uma vulnerabilidade encontrada http://www.rapid7.com/db/modules/ msf > search <aplicação> Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  29. 29. Metasploit Framework (Uso) /etc/init.d/postgresql start /etc/init.d/metasploit start msfconsole use <caminho/do/exploit> show options set <opções> check/exploit/run Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  30. 30. [FASE DE] Análise de vulnerabilidades [CONTINUAÇÃO] Metasploit Check Function msf > use windows/smb/ms08_067_netapi set RHOST <ip> check Obs.: Para atualizar a base de dados do Metasploit, use o comando "msfupdate". Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  31. 31. [FASE DE] Análise de vulnerabilidades [CONTINUAÇÃO] - DVWA - Damn Vulnerable Web Application - Nikto nikto -h <ip/url> Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  32. 32. [FASE DE] Exploração http://www.rapid7.com/db/modules/ http://www.rapid7.com/db/modules/exploit/windows/smb/ms08_http://www.rapid7.com/db/modules/exploit/windows/ftp/warftpd_Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  33. 33. Meterpreter Meterpreter é um payload disponível no Metasploit que utiliza a técnica de Reflective DLL Injection, que permite sua instanciação apenas na memória do servidor, evitando a criação de um novo processo que poderia ser detectado por IPS's e IDS's presentes; Obs.: Payload é o código que executará ações após a exploração de uma vulnerabilidade. Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  34. 34. Invadindo um alvo msfconsole use <caminho/do/exploit> show options set <opções> exploit Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  35. 35. Engenharia social Redes sociais Phishing, Spear phishing Spam, hoax Romance scan Telefone Dumpster diving Shoulder surfing Conversação Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  36. 36. Engenharia social SET - setoolkit Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  37. 37. Injection sqlmap --url <site><pagina>.php?id=1 -b sqlmap --url <site><pagina>.php?id=1 –current-db sqlmap --url <site><pagina>.php?id=1 -dbs sqlmap --url <site><pagina>.php?id=1 -D <banco> --tables Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  38. 38. [FASE DE] Pós-exploração Quebrando senhas - Comando hashdump do meterpreter - John The Ripper - Rainbow tables - Cloud Cracker (www.cloudcracker.com) Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  39. 39. [FASE DE] Geração do(s) relatório(s) - Executivo - Técnico Cleórbete SSaannttooss -- wwwwww..cclleeoorrbbeettee..ccoomm
  40. 40. OBRIGADO... CClleeóórrbbeettee SSaannttooss wwwwww..cclleeoorrbbeettee..ccoomm ffaacceebbooookk..ccoomm//cclleeoorrbbeettee

×