MIS 5212.001 Week 4 Site:
marco-crist
INTRO TO ETHICAL HACKING
MIS 5212.001 Week 4
Site: http://community.mis.temple.edu/mis5212sec001s15/
MIS 5212.001 2
Tonight's Plan
Introduction
In the news
Live Demonstration of Exploits
Live Demonstration of SET
Building Modules in Metasploit
Creating Exploits
Porting Exploits
Scripting
Simulating Penetration Testing
Next Week
In The News
Submitted
http://www.csoonline.com/article/2877230/browser-security/the-end-for-1024bit-ssl-certificates-is-near-mozilla-kills-a-few-more.html
http://www.infosecurity-magazine.com/news/china-tech-companies-source-code/
http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-new-adobe-flash-zero-day-exploit-used-in-malvertisements/
http://www.huffingtonpost.com/kyle-mccarthy/five-colleges-with-data-b_b_6474800.html
In The News
Submitted
http://www.darkreading.com/attacks-breaches/security-budgets-going-up-thanks-to-mega-breaches/d/d-id/1318714
http://www.nextgov.com/big-data/2015/02/apple-building-solar-powered-data-command-center/104400/?oref=ng-HPriver
http://www.darkreading.com/browsers-are-the-window-to-enterprise-infection/d/d-id/1318906
In The News
What I noted
http://www.dailydot.com/politics/jeremy-hammond-terrorist-watchlist-fbi/
http://www.theregister.co.uk/2015/02/02/google_amazon_taboola_microsoft_adplock_plus_unblock/
http://www.theregister.co.uk/2015/02/02/its_time_to_flush_flash_if_you_havent_already_enough_is_enough/
http://www.theregister.co.uk/2015/02/02/dns_hijack_d_link/
http://www.theregister.co.uk/2015/02/03/target_carders_on_parking_lot_driveby_blitz/
Live Demos
Feedback from students last week indicated a preference to go through last week's exploits live in class.
We will run through nmap of Metasploitable, the exploits from last week, and the Social Engineering Toolkit on my laptop.
A Few Words on Programming
Metasploit is primarily written in Ruby
The book "Metasploit" also uses a lot of PowerShell in its examples
We are not going to try and make you either Ruby or PowerShell developers here tonight
Rather, we will look at some of the basic structure and steps you might go through to modify modules for your own purposes.
Module Structure
Recall from Week 2, the Tomcat Exploit
Demo Time
Explore Modules
First Look at a Ruby Module
Here is what the start of this module looks like:
Items to Note
The previous page has some interesting lines to consider:
"require 'msf/core'"
Module will include all functionality from Metasploit's core libraries
"class Metasploit3 < Msf::Exploit::Remote"
Defines this as an "Exploit" module
"include Msf::Exploit::Remote::HttpClient"
Pulls in the HttpClient module that includes functionality to handle HTTP traffic
Basic Idea
Grab a module close to what you want to do
Tweak it to get the functionality you need
This may involve sharpening your coding skills first
Additional Skills
Depending on the Exploit, you may need to know:
MSSQL
Oracle
PowerShell
Bash
Etc…
Side Note on Penetration Testers
Modifying the tools is one of the distinguishing skills of top-flight consultants
Lots of people can run nmap, Nessus, and Metasploit, but to distinguish yourself in the field, this needs to be your jumping off point.
Please Note: I’m not saying I am any good at this, there’s a reason I’m teaching the course instead of consulting ;-)
Scripting
For Metasploit, scripting basically means modules for Meterpreter
Same concept as earlier, but specific to Meterpreter sessions
This is also a point where the book contains older information
Scripts are no longer being accepted for Metasploit
Script functionality is being ported to modules.
Final Thoughts on Metasploit
Metasploit is constantly evolving
To stay on top you may want to follow on Twitter:
HD Moore @hdmoore
Metasploit Project @metasploit
Andréz LAMOUROUX @DarkOperator
Check in on Rapid7 and DarkOperator
https://community.rapid7.com/welcome
http://www.darkoperator.com/
Example From This Week
https://community.rapid7.com/community/metasploit/blog/2015/01/30/weekly-metasploit-wrapup
Competitors
http://www.coresecurity.com/core-impact-pro
Competitors
http://immunitysec.com/products/canvas/
Something to keep in mind
We spent almost all of our time in the open source Metasploit Framework due to licensing
Metasploit Pro looks just as good and works just as well as the commercial products just mentioned
Next Week
1st Exam Covering Metasploit
In the news
Introduction to WebGoat
Questions
?