Just as a good chess player thinks five moves ahead, a great penetration tester should be able to visualize their attack in order to compromise high-value targets. This presentation will explore how a penetration tester can learn to leverage attack chaining for maximum impact. A penetration test is supposed to be a simulation of a real-world attack. Real-world attackers do not use expensive automated tools or a checklist. Nor do they use a single technique or exploit to compromise a target. More commonly they combine several techniques, vulnerabilities, and exploits to create a “chained” attack that achieves a malicious goal. Chained attacks are far more complex and far more difficult to defend against. We want to explore how application vulnerabilities relate to one another and build a mind map that guides penetration testers through various attack scenarios. Prepare to be blown away on this roller coaster ride with real-world examples of massive compromises. If you are not a thrill seeker, this presentation may leave you a bit queasy.
8. Pen Testing Scenario
• Web application penetration test
• Cloud-based infrastructure hosts multiple
sites
• Out-sourced PHP development to many
contractors
• Determine attackers ability to
compromise PII or infrastructure
8
43. Cost of Amazon Cloud Compromise
CRI TICAL EXPOSURE
1. Found 8 Amazon Secret Keys to access Amazon S3
2. Found that 2 of the 8 have administrator access to
Amazon EC2
3. Attacker launches 100 Extra Large Clusters
$1,049,000
43
44. Take Them Off The Web
CRI TICAL EXPOSURE
1. Found 8 Amazon Secret Keys to access Amazon S3
2. Found that 2 of the 8 have administrator access to
Amazon EC2
3. Attacker shuts down and deletes all servers and
backups permanently
PRICELESS 44