Introduction to Penetration Testing

9,070 views

Introduction to Penetration Testing with a use case of LFI -> Shell. I talk about the mindset required to be a good tester, and show places many testers and automated tools stop and how to go further.

Published in: Technology
1. Introduction to Penetration Testing

2. Table of Contents
• Overview
• Enumeration
• Tool Output
• Do We Stop Here?
• Custom Scripts
• Wpscan
• Online Research
• Testing Exploitation
• PHP LFI
• Code Execution? Yes, Please!

3. Overview
• This session will cover the mindset I follow when approaching a web application
• I am going to show where many might stop, and what happens when you push further
• These types of techniques can be applied to any web application

4. Overview Cont.
• Tools Leveraged:
– Nmap
– Whatweb
– Wpscan
– Wget
– Custom scripts
– Burp Suite
– Netcat
– Google

5. Methodology Overview
• Pre-Engagement Activities
– Hammer out all the details to conduct the test (Schedule, Scoping, Rules of Engagement, Formal Permission, etc.)
• Information Gathering and Reconnaissance
– Depends on the type of test and the information you are given (Organization name, CIDR, list of URLs, source code, etc.)
• Automated Testing
• Manual Testing and Validation
• Reporting
• Remediation Support

6. Methodologies Cont.
• Penetration Testing Execution Standard (PTES):
– http://www.pentest-standard.org/index.php/Main_Page

7. Mindset is Key
• Think like an attacker and see things through a different lens:
– Upload an avatar? Hmmm, add code?
– Download a report? Hmm, directory traversal for another file?
• Confidence
– Without it you'll very easily hit a wall and stop
– I tell myself a vulnerability is here, I just need to find it

8. Enumeration
• Nmap:
• WhatWeb:

9. Do We Stop Here?
• Hmmm?

10. Custom Scripts
• Web application testing requires custom scripting... there's really no way of getting around it:

11. Custom Scripts Cont.
• Making web requests with a scripting language isn't too difficult
• Check out tutorials online and try to automate web requests
• Making a tool for CVE-2012-1823 is a good use case because you need to make a POST request and modify several header values
– If you can write a tool for this CVE, it demonstrates concepts that can be applied to many different CVEs

12. Wpscan
• Wpscan:

13. Wpscan
• Do we stop here?

14. Wpscan: Plugin Enumeration
• Wpscan: --enumerate p

15. Online Research

16. Online Research Cont.
• Hmm, our web server doesn't respond when we request "/wordpress/wp/wp-content/"
• Do we stop here?

17. Testing Exploitation
• Yeah, let's grab "/etc/passwd"

18. PHP LFI
• Cool, so we can LFI, do we stop now?
19. PHP LFI... Now What?
• What can be done with a PHP LFI?
• It depends on what function is leading to the LFI vulnerability (include(), readfile(), etc.)
• PHP functions like include() will execute PHP code in the included file
– Yay, code execution through PHP snippets!
• PHP functions like readfile() will only display output
– We have more work to do
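The traversal requests used to pull "/etc/passwd" on slides 16 to 19, and the php-cgi request shape behind CVE-2012-1823 on slide 11, are exactly what a defender should be able to pick out of web server logs. The following Python detector is an added example, not material from the deck; the Apache combined-format log lines, client IPs and plugin path in it are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample lines in Apache combined log format (not taken from the deck).
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2014:10:01:02 -0500] "GET /wordpress/ HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Mar/2014:10:01:07 -0500] "GET /wordpress/wp-content/plugins/example-plugin/download.php?file=../../../../etc/passwd HTTP/1.1" 200 1843 "-" "curl/7.35"
10.0.0.9 - - [12/Mar/2014:10:01:09 -0500] "GET /wordpress/wp-content/plugins/example-plugin/download.php?file=..%252f..%252f..%252f..%252fetc%252fpasswd HTTP/1.1" 200 1843 "-" "curl/7.35"
10.0.0.9 - - [12/Mar/2014:10:02:30 -0500] "POST /cgi-bin/php?-s HTTP/1.1" 200 77 "-" "python-requests/2.2"
10.0.0.7 - - [12/Mar/2014:10:03:00 -0500] "GET /wordpress/?s=passwd HTTP/1.1" 200 4420 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status, size, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Files an LFI is typically used to read first (the deck grabs /etc/passwd).
SENSITIVE_FILES = ("/etc/passwd", "/etc/shadow", "/proc/self/environ", "wp-config.php")


def full_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded traversal (..%252f) is caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(target):
    """Return the list of finding tags for one request target."""
    decoded = full_decode(target).replace("\\", "/")
    parts = urlsplit(decoded)
    path, query = parts.path, parts.query
    tags = []
    if "../" in path or "../" in query:
        tags.append("traversal")              # directory traversal sequence present
    if any(name in query for name in SENSITIVE_FILES):
        tags.append("sensitive-file")         # a parameter points at a sensitive file
    if query.startswith("-"):
        tags.append("php-cgi-arg-injection")  # CVE-2012-1823: query string parsed as php-cgi options
    return tags


def scan_log(text):
    """Parse log lines and return (ip, method, decoded target, status, tags) for suspicious ones."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                          # skip lines that are not in combined format
        tags = classify(m["target"])
        if tags:
            alerts.append((m["ip"], m["method"], full_decode(m["target"]), int(m["status"]), tags))
    return alerts


if __name__ == "__main__":
    for ip, method, target, status, tags in scan_log(SAMPLE_LOG):
        # A 200 on a traversal request means the read likely succeeded, as on slide 17.
        print(f"{ip} {method} {target} -> {status} {','.join(tags)}")
```

Keeping the HTTP status next to the tags lets triage separate probes that failed from the request that actually returned the file.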
20. Code Execution? Yes, Please!

21. Code Execution? Yes, Please!
• Request:

22. Demo

23. Summary
• Tools may not give you the answer
• Very easy to hit a hurdle and quit
• You need to be curious/creative and constantly push to get more information
• Confidence and mindset go a long way
