Country d0m1nat10n




balgan@ptcoresec.eu
Who Am I ?
•   Tiago Henriques
•   @balgan
•   24
•   BSc
•   MSc
•   CEH
•   CHFI
•   CISSP
•   MCSA
•   CISA
•   CISM
•   CPT
•   CCNA
Team Leader of these guise
Currently employed by these guise
What will we talk about today?
I AM NOT

RESPONSIBLE FOR ANY ILLEGAL
ACTS OR ACTIONS THAT YOU
PRACTICE OR ANYONE THAT
LEARNS SOMETHING FROM
TODAY’S PRESENTATION.
Causing Chaos.

If you guys were an attacker that was out to cause real damage or get profit, how would you go about it ?

This is what I would do, control as many machines in that country, penetrate critical systems and get as much info as possible.

And that’s what I am gonna talk about today.
Business

When a client asks for a pentest
We present them with these
And that’s all really neat and pretty,
however there are 2 problems with
that! These guys don’t give a f***.




     Management              Blackhats
Management
Cares about:
               • Money
               • Money
               • Money

Does:
               • Will lie for PCI DSS
               • Approves every single thing even if it doesn’t match security department goals but gets them moneys.

This shit gives us, security peeps, headaches!
Blackhats
I managed to acquire video
footage that shows these guys in
action and their vision of the
world, let’s have a sneak peek!
Video - Blackhats
Tonight only, I ask one thing of u
Leave your whitehats and CISSPs at
home, and embark on a journey
with me to make the world…
SHODAN


SHODAN is a search engine that lets you find specific computers (routers,
servers, etc.) using a variety of filters. Some have also described it as a public
port scan directory or a search engine of banners.




  Another way of putting it would be:
Is the


Of these
Now combine this:



   With these:
And you get a lot of these
Also if you do anything illegal and
get caught, you’ll get one of these:
SHODAN

Now it’s when u ask
Shodan


http://www.shodanhq.com/
SHODAN
Accessing that website will give u a bar, where you can type queries
and obtain results.

Your queries can ask for ports, countries, strings contained in the
banners, and all sorts of other things.




Following is a sample set of queries that can lead to some interesting
results:
SHODAN QUERIES

•   http://www.shodanhq.com/?q=cisco-IOS
•   http://www.shodanhq.com/?q=IIS+4.0
•   http://www.shodanhq.com/?q=Xerver
•   http://www.shodanhq.com/?q=Fuji+xerox
•   http://www.shodanhq.com/?q=JetDirect
•   http://www.shodanhq.com/?q=Netgear
•   http://www.shodanhq.com/?q=%22Anonymous+access+allowed%22
•   http://www.shodanhq.com/?q=Golden+FTP+Server
SHODAN QUERIES + combined country?
           Awesome!


        Saturday, 9th
        of June 2012
SHODAN QUERIES + combined country
      Port: 3306 country:PT
SHODAN QUERIES + combined country?
           Awesome!


        Wednesday,
        6th of June
        2012
SHODAN QUERIES + combined country
        BigIP country:PT
SHODAN QUERIES + combined country?
           Awesome!


        Tuesday,
        March 13,
        2012
SHODAN QUERIES + combined country
  port:3389 -allowed country:PT
SHODAN QUERIES + combined country?
           Awesome!
SHODAN QUERIES OF AWESOMENESS
                SAP Web Application Server (ICM)



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
                SAP NetWeaver Application Server



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
                SAP Web Application Server



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
                 SAP J2EE Engine



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
                 port:23 country:PT



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
          port:23 country:PT




                               Username:admin
                               Password:smcadmin
SHODAN QUERIES OF AWESOMENESS
          port:23 list of built-in commands

        Worldwide




   Not a big number, however just telnet in and you get shell…
SHODAN QUERIES OF AWESOMENESS
                 port:161 country:PT



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
        What sort of info do I get with SNMP ?

•   Windows RUNNING PROCESSES 1.3.6.1.2.1.25.4.2.1.2
•   Windows INSTALLED SOFTWARE 1.3.6.1.2.1.25.6.3.1.2
•   Windows SYSTEM INFO 1.3.6.1.2.1.1.1
•   Windows HOSTNAME 1.3.6.1.2.1.1.5
•   Windows DOMAIN 1.3.6.1.4.1.77.1.4.1
•   Windows UPTIME 1.3.6.1.2.1.1.3
•   Windows USERS 1.3.6.1.4.1.77.1.2.25
•   Windows SHARES 1.3.6.1.4.1.77.1.2.27
•   Windows DISKS 1.3.6.1.2.1.25.2.3.1.3
•   Windows SERVICES 1.3.6.1.4.1.77.1.2.3.1.1
•   Windows LISTENING TCP PORTS 1.3.6.1.2.1.6.13.1.3.0.0.0.0
•   Windows LISTENING UDP PORTS 1.3.6.1.2.1.7.5.1.2.0.0.0.0
SHODAN QUERIES OF AWESOMENESS
        What sort of info do I get with SNMP ?

•   Linux RUNNING PROCESSES 1.3.6.1.2.1.25.4.2.1.2
•   Linux SYSTEM INFO 1.3.6.1.2.1.1.1
•   Linux HOSTNAME 1.3.6.1.2.1.1.5
•   Linux UPTIME 1.3.6.1.2.1.1.3
•   Linux MOUNTPOINTS 1.3.6.1.2.1.25.2.3.1.3
•   Linux RUNNING SOFTWARE PATHS 1.3.6.1.2.1.25.4.2.1.4
•   Linux LISTENING UDP PORTS 1.3.6.1.2.1.7.5.1.2.0.0.0.0
•   Linux LISTENING TCP PORTS 1.3.6.1.2.1.6.13.1.3.0.0.0.0
SHODAN QUERIES OF AWESOMENESS
        What sort of info do I get with SNMP ?
•   Cisco LAST TERMINAL USERS 1.3.6.1.4.1.9.9.43.1.1.6.1.8
•   Cisco INTERFACES 1.3.6.1.2.1.2.2.1.2
•   Cisco SYSTEM INFO 1.3.6.1.2.1.1.1
•   Cisco HOSTNAME 1.3.6.1.2.1.1.5
•   Cisco SNMPcommunities 1.3.6.1.6.3.12.1.3.1.4
•   Cisco UPTIME 1.3.6.1.2.1.1.3
•   Cisco IP ADDRESSES 1.3.6.1.2.1.4.20.1.1
•   Cisco INTERFACE DESCRIPTIONS 1.3.6.1.2.1.31.1.1.1.18
•   Cisco HARDWARE 1.3.6.1.2.1.47.1.1.1.1.2
•   Cisco TACACS SERVER 1.3.6.1.4.1.9.2.1.5
•   Cisco LOGMESSAGES 1.3.6.1.4.1.9.9.41.1.2.3.1.5
•   Cisco PROCESSES 1.3.6.1.4.1.9.9.109.1.2.1.1.2
•   Cisco SNMP TRAP SERVER 1.3.6.1.6.3.12.1.2.1.7
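
A defender can turn the three OID lists above into a check of their own agents. The added example below (not from the talk) parses a net-snmp `snmpd.conf` and reports which of the slide OIDs each community string can read. Both configurations are constructed samples; the parser assumes numeric OIDs only and ignores view masks.

```python
"""Report which of the talk's SNMP OIDs each community in an snmpd.conf can read."""

# Labels and OIDs copied from the slides above.
SLIDE_OIDS = {
    "RUNNING PROCESSES": "1.3.6.1.2.1.25.4.2.1.2",
    "INSTALLED SOFTWARE": "1.3.6.1.2.1.25.6.3.1.2",
    "SYSTEM INFO": "1.3.6.1.2.1.1.1",
    "HOSTNAME": "1.3.6.1.2.1.1.5",
    "UPTIME": "1.3.6.1.2.1.1.3",
    "DISKS / MOUNTPOINTS": "1.3.6.1.2.1.25.2.3.1.3",
    "RUNNING SOFTWARE PATHS": "1.3.6.1.2.1.25.4.2.1.4",
    "LISTENING TCP PORTS": "1.3.6.1.2.1.6.13.1.3.0.0.0.0",
    "LISTENING UDP PORTS": "1.3.6.1.2.1.7.5.1.2.0.0.0.0",
    "INTERFACES": "1.3.6.1.2.1.2.2.1.2",
    "IP ADDRESSES": "1.3.6.1.2.1.4.20.1.1",
    "WINDOWS USERS": "1.3.6.1.4.1.77.1.2.25",
}

# Constructed sample: default community name, any source, whole tree.
WEAK_CONF = """
rocommunity public
"""

# Constructed sample: placeholder community, one poller address, restricted view.
HARDENED_CONF = """
view monitoring included .1.3.6.1.2.1.1
view monitoring excluded .1.3.6.1.2.1.1.1    # hide sysDescr (version banner)
view monitoring included .1.3.6.1.2.1.2.2
rocommunity EXAMPLE-PLACEHOLDER 192.0.2.10 -V monitoring
"""


def oid_tuple(text):
    """'.1.3.6.1' -> (1, 3, 6, 1). Numeric OIDs only (assumption of this example)."""
    return tuple(int(part) for part in text.strip(".").split("."))


def in_view(oid, rules):
    """VACM-style decision without masks: the longest matching subtree wins."""
    best = None
    for included, subtree in rules:
        if oid[:len(subtree)] == subtree:
            if best is None or len(subtree) >= len(best[1]):
                best = (included, subtree)
    return best is not None and best[0]


def exposes(oid, rules):
    """True if the OID, or any included subtree below it, is readable."""
    if in_view(oid, rules):
        return True
    return any(inc and sub[:len(oid)] == oid for inc, sub in rules)


def audit(conf_text):
    """Return one finding per rocommunity/rwcommunity line in the config."""
    views, communities = {}, []
    for raw in conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 4 and fields[0] == "view":
            rule = (fields[2] == "included", oid_tuple(fields[3]))
            views.setdefault(fields[1], []).append(rule)
        elif len(fields) >= 2 and fields[0] in ("rocommunity", "rwcommunity"):
            communities.append(fields[1:])

    findings = []
    for args in communities:          # resolved after the loop: views may come later
        name = args[0]
        source = args[1] if len(args) > 1 else "default"
        scope = args[2:]
        if not scope:                 # no OID and no -V: the whole tree is readable
            rules = [(True, ())]
        elif scope[0] == "-V":        # named view; an undefined view grants nothing
            rules = views.get(scope[1], []) if len(scope) > 1 else []
        else:                         # single OID subtree
            rules = [(True, oid_tuple(scope[0]))]
        exposed = sorted(label for label, oid in SLIDE_OIDS.items()
                         if exposes(oid_tuple(oid), rules))
        findings.append({
            "community": name,
            "default_name": name in ("public", "private"),
            "any_source": source in ("default", "0.0.0.0/0"),
            "exposed": exposed,
        })
    return findings


if __name__ == "__main__":
    for title, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        for finding in audit(conf):
            print(title, finding)
```
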
SHODAN QUERIES OF AWESOMENESS
                 cisco country:PT



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS
          cisco country:PT
Cisco
Cisco – GRE TUNNELING
SHODAN QUERIES OF AWESOMENESS
                 port:1900 country:PT



     Worldwide




     Portugal
SHODAN QUERIES OF AWESOMENESS

      So, What is UPNP?
SHODAN QUERIES OF AWESOMENESS
     So, What uses UPNP?
SHODAN QUERIES OF AWESOMENESS
            Hackz
SHODAN QUERIES OF AWESOMENESS



       UPNP zomg time
SHODAN QUERIES OF AWESOMENESS

UPNP Remote command execution
SHODAN QUERIES OF AWESOMENESS
     Oh and by the way…
SHODAN QUERIES OF AWESOMENESS

Another funny thing about UPNP is
that you can get the MAC ADDR and
SSID it’s using

And then….
SHODAN (MORE INTERESTING) QUERIES
                            SCADA
•   http://www.shodanhq.com/?q=PLC
•   http://www.shodanhq.com/?q=allen+bradley
•   http://www.shodanhq.com/?q=fanuc
•   http://www.shodanhq.com/?q=Rockwell
•   http://www.shodanhq.com/?q=Cimplicity
•   http://www.shodanhq.com/?q=Omron
•   http://www.shodanhq.com/?q=Novatech
•   http://www.shodanhq.com/?q=Citect
•   http://www.shodanhq.com/?q=RTU
•   http://www.shodanhq.com/?q=Modbus+Bridge
•   http://www.shodanhq.com/?q=modicon
•   http://www.shodanhq.com/?q=bacnet
•   http://www.shodanhq.com/?q=telemetry+gateway
•   http://www.shodanhq.com/?q=SIMATIC
•   http://www.shodanhq.com/?q=hmi
•   http://www.shodanhq.com/?q=siemens+-...er+-Subscriber
•   http://www.shodanhq.com/?q=scada+RTS
•   http://www.shodanhq.com/?q=SCHNEIDER
SHODAN (MORE INTERESTING) QUERIES
             SCADA
           PORTUGAL?
SHODAN (MORE INTERESTING) QUERIES
          SCADA Portugal
SHODAN (MORE INTERESTING) QUERIES
          SCADA Portugal
A little tip…
If you want to quickly check for
stuff (web related) that has no
authentication, use NMAP!
A little tip…
First, let’s get wkhtmltoimage:

wget http://wkhtmltopdf.googlecode.com/files/wkhtmltoimage-0.11.0_rc1-static-i386.tar.bz2
tar -jxvf wkhtmltoimage-0.11.0_rc1-static-i386.tar.bz2
cp wkhtmltoimage-i386 /usr/local/bin/

Next, let’s get and install the Nmap module:
git clone git://github.com/SpiderLabs/Nmap-Tools.git
cd Nmap-Tools/NSE/
cp http-screenshot.nse /usr/local/share/nmap/scripts/
nmap --script-updatedb
A little tip…


Then, do your shodan search and use:



This automatically exports a list of ips
u can import into nmap
A little tip…
Then…
A little tip…
And nmap will automatically take
screenshots of the first pages that
appear and store them, then u just
need to look at those!
To end…
SCARY SHIT!




  DEFACE 1 SCARY?


      NO!
SCARY SHIT!




 DEFACE 2 SCARY?


 Well… disturbing, scary? Not so much!
SCARY SHIT!
Shodan – the bad part

• Imports nmap scans from their
  servers, so it’s not always 100%
  updated! Confirmed this by
  correlating some of the Shodan
  results with our personal results!
• For example on mysql servers,
  Shodan would find 785, where our
  results showed 3000+
Shodan – the good part


• Good querying system

• If port scanning is illegal in your
  country, you’re out of trouble if
  u use shodan, because ur just
  querying data acquired by them.
Kudos

    GF
Aaron @f1nux
Luis Grangeia
Resources
http://secanalysis.com/interesting-shodan-searches/

blog.spiderlabs.com/2012/06/using-nmap-to-screenshot-web-services.html

http://www.youtube.com/watch?v=LPgZU7ZNIjQ - Defcon 18 2010 SHODAN for Penetration Testers Michael Schearer
50% discount for
students and AP2SI
peeps

20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 

Country domination - Causing chaos and wrecking havoc

  • 2. Who Am I ? Team Leader of these guise. Currently employed by these guise. • Tiago Henriques • @balgan • 24 • BSc • MSc • CEH • CHFI • CISSP • MCSA • CISA • CISM • CPT • CCNA
  • 3. What will we talk about today?
  • 4. I AM NOT RESPONSIBLE FOR ANY ILLEGAL ACTS OR ACTIONS THAT YOU PRACTICE OR ANYONE THAT LEARNS SOMETHING FROM TODAY’S PRESENTATION.
  • 5. Causing Chaos. If you guys were an attacker that was out to cause real damage or get profit, how would you go about it ? This is what I would do, control as many machines in that country, penetrate critical systems and get as much info as possible. And that’s what I am gonna talk about today.
  • 6. Business When a client asks for a pentest We present them with these
  • 10. Business And that’s all really neat and pretty, however there are 2 problems with that! These guys don’t give a f***. Management Blackhats
  • 11. Management Cares about: • Money • Money • Money Does: • Will lie for PCI DSS • Approves every single thing even if it doesn’t match security department goals but gets them moneys. This shit gives us, security peeps, headaches!
  • 12. Blackhats I managed to acquire video footage that shows these guys in action and their vision of the world, let’s have a sneak peek!
  • 14. Tonight only, I ask one thing of u Leave your whitehats and CISSPs at home, and embark on a journey with me to make the world…
  • 15. SHODAN SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners. Another way of putting it would be:
  • 17. Now combine this: With these:
  • 18. And you get a lot of these
  • 19. Also if you do anything illegal and get caught, you’ll get one of these:
  • 22. SHODAN Accessing that website will give u a bar, where you can type queries and obtain results. Your queries can ask for PORTS, Countries, strings contained in the banners, and all sorts of other things. Following is a sample set of queries that can lead to some interesting results:
  • 23. SHODAN QUERIES
      • http://www.shodanhq.com/?q=cisco-IOS
      • http://www.shodanhq.com/?q=IIS+4.0
      • http://www.shodanhq.com/?q=Xerver
      • http://www.shodanhq.com/?q=Fuji+xerox
      • http://www.shodanhq.com/?q=JetDirect
      • http://www.shodanhq.com/?q=Netgear
      • http://www.shodanhq.com/?q=%22Anonymous+access+allowed%22
      • http://www.shodanhq.com/?q=Golden+FTP+Server
  • 24. SHODAN QUERIES + combined country? Awesome! Saturday, 9th of June 2012
  • 25. SHODAN QUERIES + combined country Port: 3306 country:PT
  • 26. SHODAN QUERIES + combined country? Awesome! Wednesday, 6th of June 2012
  • 27. SHODAN QUERIES + combined country BigIP country:PT
  • 28. SHODAN QUERIES + combined country? Awesome! Tuesday, March 13, 2012
  • 29. SHODAN QUERIES + combined country port:3389 -allowed country:PT
  • 30. SHODAN QUERIES + combined country? Awesome!
  • 31. SHODAN QUERIES OF AWESOMENESS SAP Web Application Server (ICM) Worldwide Portugal
  • 32. SHODAN QUERIES OF AWESOMENESS SAP NetWeaver Application Server Worldwide Portugal
  • 33. SHODAN QUERIES OF AWESOMENESS SAP Web Application Server Worldwide Portugal
  • 34. SHODAN QUERIES OF AWESOMENESS SAP J2EE Engine Worldwide Portugal
  • 35. SHODAN QUERIES OF AWESOMENESS
  • 36. SHODAN QUERIES OF AWESOMENESS port:23 country:PT Worldwide Portugal
  • 37. SHODAN QUERIES OF AWESOMENESS port:23 country:PT Username:admin Password:smcadmin
  • 38. SHODAN QUERIES OF AWESOMENESS port:23 list of built-in commands Worldwide Not a big number, however just telnet in and you get shell…
  • 39. SHODAN QUERIES OF AWESOMENESS port:161 country:PT Worldwide Portugal
  • 40. SHODAN QUERIES OF AWESOMENESS What sort of info do I get with SNMP ?
      • Windows RUNNING PROCESSES 1.3.6.1.2.1.25.4.2.1.2
      • Windows INSTALLED SOFTWARE 1.3.6.1.2.1.25.6.3.1.2
      • Windows SYSTEM INFO 1.3.6.1.2.1.1.1
      • Windows HOSTNAME 1.3.6.1.2.1.1.5
      • Windows DOMAIN 1.3.6.1.4.1.77.1.4.1
      • Windows UPTIME 1.3.6.1.2.1.1.3
      • Windows USERS 1.3.6.1.4.1.77.1.2.25
      • Windows SHARES 1.3.6.1.4.1.77.1.2.27
      • Windows DISKS 1.3.6.1.2.1.25.2.3.1.3
      • Windows SERVICES 1.3.6.1.4.1.77.1.2.3.1.1
      • Windows LISTENING TCP PORTS 1.3.6.1.2.1.6.13.1.3.0.0.0.0
      • Windows LISTENING UDP PORTS 1.3.6.1.2.1.7.5.1.2.0.0.0.0
  • 41. SHODAN QUERIES OF AWESOMENESS What sort of info do I get with SNMP ?
      • Linux RUNNING PROCESSES 1.3.6.1.2.1.25.4.2.1.2
      • Linux SYSTEM INFO 1.3.6.1.2.1.1.1
      • Linux HOSTNAME 1.3.6.1.2.1.1.5
      • Linux UPTIME 1.3.6.1.2.1.1.3
      • Linux MOUNTPOINTS 1.3.6.1.2.1.25.2.3.1.3
      • Linux RUNNING SOFTWARE PATHS 1.3.6.1.2.1.25.4.2.1.4
      • Linux LISTENING UDP PORTS 1.3.6.1.2.1.7.5.1.2.0.0.0.0
      • Linux LISTENING TCP PORTS 1.3.6.1.2.1.6.13.1.3.0.0.0.0
  • 42. SHODAN QUERIES OF AWESOMENESS What sort of info do I get with SNMP ?
      • Cisco LAST TERMINAL USERS 1.3.6.1.4.1.9.9.43.1.1.6.1.8
      • Cisco INTERFACES 1.3.6.1.2.1.2.2.1.2
      • Cisco SYSTEM INFO 1.3.6.1.2.1.1.1
      • Cisco HOSTNAME 1.3.6.1.2.1.1.5
      • Cisco SNMP communities 1.3.6.1.6.3.12.1.3.1.4
      • Cisco UPTIME 1.3.6.1.2.1.1.3
      • Cisco IP ADDRESSES 1.3.6.1.2.1.4.20.1.1
      • Cisco INTERFACE DESCRIPTIONS 1.3.6.1.2.1.31.1.1.1.18
      • Cisco HARDWARE 1.3.6.1.2.1.47.1.1.1.1.2
      • Cisco TACACS SERVER 1.3.6.1.4.1.9.2.1.5
      • Cisco LOGMESSAGES 1.3.6.1.4.1.9.9.41.1.2.3.1.5
      • Cisco PROCESSES 1.3.6.1.4.1.9.9.109.1.2.1.1.2
      • Cisco SNMP TRAP SERVER 1.3.6.1.6.3.12.1.2.1.7
  • 43. SHODAN QUERIES OF AWESOMENESS
  • 44. SHODAN QUERIES OF AWESOMENESS cisco country:PT Worldwide Portugal
  • 45. SHODAN QUERIES OF AWESOMENESS cisco country:PT
  • 46. Cisco
  • 47. Cisco – GRE TUNNELING
  • 48. SHODAN QUERIES OF AWESOMENESS port:1900 country:PT Worldwide Portugal
  • 49. SHODAN QUERIES OF AWESOMENESS So, What is UPNP?
  • 50. SHODAN QUERIES OF AWESOMENESS So, What uses UPNP?
  • 51. SHODAN QUERIES OF AWESOMENESS Hackz
  • 52. SHODAN QUERIES OF AWESOMENESS Hackz
  • 53. SHODAN QUERIES OF AWESOMENESS UPNP zomg time
  • 54. SHODAN QUERIES OF AWESOMENESS UPNP Remote command execution
  • 55. SHODAN QUERIES OF AWESOMENESS Oh and by the way…
  • 56. SHODAN QUERIES OF AWESOMENESS Another funny thing about UPNP, is that you can get the MAC ADDR and SSID it’s using And then….
  • 57. SHODAN (MORE INTERESTING) QUERIES SCADA
      • http://www.shodanhq.com/?q=PLC
      • http://www.shodanhq.com/?q=allen+bradley
      • http://www.shodanhq.com/?q=fanuc
      • http://www.shodanhq.com/?q=Rockwell
      • http://www.shodanhq.com/?q=Cimplicity
      • http://www.shodanhq.com/?q=Omron
      • http://www.shodanhq.com/?q=Novatech
      • http://www.shodanhq.com/?q=Citect
      • http://www.shodanhq.com/?q=RTU
      • http://www.shodanhq.com/?q=Modbus+Bridge
      • http://www.shodanhq.com/?q=modicon
      • http://www.shodanhq.com/?q=bacnet
      • http://www.shodanhq.com/?q=telemetry+gateway
      • http://www.shodanhq.com/?q=SIMATIC
      • http://www.shodanhq.com/?q=hmi
      • http://www.shodanhq.com/?q=siemens+-...er+-Subscriber
      • http://www.shodanhq.com/?q=scada+RTS
      • http://www.shodanhq.com/?q=SCHNEIDER
  • 58. SHODAN (MORE INTERESTING) QUERIES SCADA PORTUGAL?
  • 59. SHODAN (MORE INTERESTING) QUERIES SCADA Portugal
  • 60. SHODAN (MORE INTERESTING) QUERIES SCADA Portugal
  • 61. SHODAN (MORE INTERESTING) QUERIES SCADA Portugal
  • 62. SHODAN (MORE INTERESTING) QUERIES SCADA Portugal
  • 63. A little tip… If you want to quickly check for stuff (web related) that has no authentication, use NMAP!
  • 64. A little tip… First, let’s get wkhtmltoimage:
        wget http://wkhtmltopdf.googlecode.com/files/wkhtmltoimage-0.11.0_rc1-static-i386.tar.bz2
        tar -jxvf wkhtmltoimage-0.11.0_rc1-static-i386.tar.bz2
        cp wkhtmltoimage-i386 /usr/local/bin/
    Next, let’s get and install the Nmap module:
        git clone git://github.com/SpiderLabs/Nmap-Tools.git
        cd Nmap-Tools/NSE/
        cp http-screenshot.nse /usr/local/share/nmap/scripts/
        nmap --script-updatedb
  • 65. A little tip… Then, do your shodan search and use: This automatically exports a list of ips u can import into nmap
  • 67. A little tip… And nmap will automatically take screenshots of the first pages that appear and store them, then u just need to look at those!
  • 69. SCARY SHIT! DEFACE 1 SCARY? NO!
  • 70. SCARY SHIT! DEFACE 2 SCARY? Well… disturbing, scary? Not so much!
  • 74. Shodan – the bad part • Imports nmap scans from their servers, so it’s not always 100% updated! Confirmed this by correlating some of the Shodan results with our personal results! • For example on mysql servers, Shodan would find 785, where our results showed 3000+
  • 75. Shodan – the good part • Good querying system • If port scanning is illegal in your country, you’re out of trouble if u use shodan, because ur just querying data acquired by them.
  • 76. Kudos GF Aaron @f1nux Luis Grangeia
  • 77. Resources
      • http://secanalysis.com/interesting-shodan-searches/
      • blog.spiderlabs.com/2012/06/using-nmap-to-screenshot-web-services.html
      • http://www.youtube.com/watch?v=LPgZU7ZNIjQ - Defcon 18 2010 SHODAN for Penetration Testers Michael Schearer
  • 78. 50% discount for students and AP2SI peeps
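
Slides 74 and 75 note that the index is not always current and found far fewer MySQL servers than the authors' own results. The following is an added example, not code from the presentation: a defender reconciles an index export with an authorized scan of their own address space, for the ports the deck queries. The record layout, netblocks and addresses are constructed assumptions.

```python
import ipaddress

# Ports the deck's queries look for (slides 25, 29, 36, 39 and 48).
RISKY_PORTS = {23: "telnet", 161: "snmp", 1900: "upnp", 3306: "mysql", 3389: "rdp"}

# Constructed sample data using RFC 5737 documentation addresses, not real hosts.
OWN_NETBLOCKS = ["192.0.2.0/24", "198.51.100.0/25"]
INDEX_EXPORT = [                           # what the third-party index lists
    {"ip": "192.0.2.10", "port": 3306},
    {"ip": "192.0.2.11", "port": 80},      # not a port of interest
    {"ip": "192.0.2.77", "port": 3389},    # closed since the index last looked
    {"ip": "203.0.113.5", "port": 23},     # not our address space
]
OWN_SCAN = [                               # what an authorized scan of our ranges found
    {"ip": "192.0.2.10", "port": 3306},
    {"ip": "192.0.2.40", "port": 3306},
    {"ip": "198.51.100.7", "port": 161},
    {"ip": "198.51.100.200", "port": 23},  # outside the /25, so out of scope
]


def in_scope(ip, netblocks):
    """True if ip falls inside any of the organisation's own netblocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(block) for block in netblocks)


def risky_exposures(records, netblocks):
    """Sorted (ip, port, service) tuples for in-scope records on risky ports."""
    return sorted({
        (r["ip"], r["port"], RISKY_PORTS[r["port"]])
        for r in records
        if r["port"] in RISKY_PORTS and in_scope(r["ip"], netblocks)
    })


def reconcile(index_records, scan_records, netblocks):
    """Compare the index's view of our exposure with our own scan."""
    indexed = risky_exposures(index_records, netblocks)
    scanned = risky_exposures(scan_records, netblocks)
    return {
        "confirmed": [e for e in scanned if e in indexed],
        "missed_by_index": [e for e in scanned if e not in indexed],
        "stale_in_index": [e for e in indexed if e not in scanned],
    }


if __name__ == "__main__":
    for bucket, entries in reconcile(INDEX_EXPORT, OWN_SCAN, OWN_NETBLOCKS).items():
        for ip, port, service in entries:
            print(f"{bucket}: {ip}:{port} ({service})")
```

Entries under `missed_by_index` are the ones a team relying only on the public index would never hear about.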

Editor's Notes

  1. http://www.youtube.com/watch?v=WUhOnX8qt3I
  2. http://www.shodanhq.com/?q=Xerver (REF: http://www.exploit-db.com/exploits/9718); http://www.shodanhq.com/?q=Golden+FTP+Server (REF: http://www.exploit-db.com/exploits/10258)
  3. https://community.rapid7.com/community/metasploit/blog/2012/06/11/scanning-for-vulnerable-f5-bigips-with-metasploit; https://community.rapid7.com/community/metasploit/blog/2012/06/25/press-f5-for-root-shell
  4. SAP applications provide the capability to manage financial, asset, and cost accounting, production operations and materials, personnel, plants, and archived documents.
  5. SNMP
  6. Source: http://opasylum.net/WikiTreason/pentest/scanners/snmp/snmpenum/windows.txt
  7. Source: http://opasylum.net/WikiTreason/pentest/scanners/snmp/snmpenum/windows.txt
  8. Source: http://opasylum.net/WikiTreason/pentest/scanners/snmp/snmpenum/windows.txt
  9. SNMP
  10. SNMP
  11. SNMP
  12. SNMP
  13. SNMP
  14. UPNP
  15. UPNP
  16. Explain FIREWALL THINGIE
  17. UPNP
  18. UPNP
  19. UPNP
  20. UPNP
  21. UPNP
  22. UPNP
  23. Source: http://blog.spiderlabs.com/2012/06/using-nmap-to-screenshot-web-services.html
  24. Source: http://blog.spiderlabs.com/2012/06/using-nmap-to-screenshot-web-services.html
  25. Source: http://blog.spiderlabs.com/2012/06/using-nmap-to-screenshot-web-services.html
  26. Source: http://blog.spiderlabs.com/2012/06/using-nmap-to-screenshot-web-services.html
  27. SNMP
  28. SNMP
  29. SNMP
  30. SNMP
  31. SNMP
  32. SNMP
  33. SNMP
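
The SNMP slides (40 to 42) list OIDs that hand out processes, installed software and listening ports to anyone who can query the agent. The following is an added example, not part of the presentation: it audits the community lines of an agent configuration and reports which of those OIDs each community can read. It assumes a Net-SNMP agent and its `rocommunity`/`rwcommunity` directives; the configuration fragment, community names and addresses are constructed.

```python
# OIDs copied from slides 40-41 of the deck.
SLIDE_OIDS = {
    "running processes": "1.3.6.1.2.1.25.4.2.1.2",
    "installed software": "1.3.6.1.2.1.25.6.3.1.2",
    "system info": "1.3.6.1.2.1.1.1",
    "listening TCP ports": "1.3.6.1.2.1.6.13.1.3.0.0.0.0",
}
DEFAULT_COMMUNITIES = {"public", "private"}

# Constructed snmpd.conf fragment (communities and addresses are made up).
SAMPLE_CONF = """\
# monitoring access
rocommunity public
rocommunity m0n1tor-7f3a 192.0.2.50 .1.3.6.1.2.1.1
rwcommunity private 192.0.2.0/24
"""


def oid_tuple(oid):
    """'.1.3.6.1' -> (1, 3, 6, 1); raises ValueError on symbolic names."""
    return tuple(int(part) for part in oid.strip(".").split("."))


def readable_under(subtree):
    """Names of the slide OIDs that fall inside the given numeric subtree."""
    root = oid_tuple(subtree)
    return sorted(name for name, oid in SLIDE_OIDS.items()
                  if oid_tuple(oid)[:len(root)] == root)


def audit(conf_text):
    """One finding per rocommunity/rwcommunity line of a Net-SNMP config."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] not in ("rocommunity", "rwcommunity"):
            continue
        source = fields[2] if len(fields) > 2 else "default"
        issues = []
        if fields[1] in DEFAULT_COMMUNITIES:
            issues.append("default community string")
        if source == "default":
            issues.append("any source address")
        if fields[0] == "rwcommunity":
            issues.append("write access")
        try:
            # Fourth field is a subtree OID; absent means the whole tree.
            readable = readable_under(fields[3] if len(fields) > 3 else ".1")
        except ValueError:
            readable = None  # "-V view" or a symbolic OID: not resolved here
        findings.append({"line": lineno, "community": fields[1],
                         "issues": issues, "readable": readable})
    return findings
```

A line with no issues and a short `readable` list, like the second community in the sample, is the shape to aim for: a non-default string, a single source address and a subtree limited to what monitoring needs.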