1 / 28

Automatic Penetration Testing and Security Services

Automatic Penetration Testing and Security Services. Beenu Arora 0361483104 www.BeenuArora.com. Presentation Overview. Introduction Cyber Attacks : 1 case study Need for such tool Information about Project. INTRODUCTION.

meira
Télécharger la présentation

Automatic Penetration Testing and Security Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Automatic Penetration Testing and Security Services Beenu Arora 0361483104 www.BeenuArora.com

  2. Presentation Overview • Introduction • Cyber Attacks : 1 case study • Need for such tool • Information about Project

  3. INTRODUCTION • Computer related incidents increased at a tremendous rate by the end of the 1990's, and into the 2000's. Many of the computer incidents exploited confidential information being stored by companies in a variety of different industries. The ability to carry out threats against information systems has been made easier due to the sharp increase in system vulnerabilities. • Unauthorized Access to confidential information was also the result of weak or non-existent information security practices. Not identifying and mitigating risks is a leading cause of unauthorized access and the exploitation of vulnerabilities. While there are a number of different internal and external threats to information, not all information systems are at risk because of their design, or the information that they maintain. The number of vulnerabilities can impact the associated risk of a threat.

  4. Why we need penetration testing ?

  5. Penetration Tests Process Footprinting Scanning Automatic Penetration Testing Exploiting Report Generation

  6. Earlier Version of APT Drawbacks • Limited Number of task ( No Footprinting and No in depth scanning) • Platform Dependent ( Microsoft Based OS) • The application was not stable since the platform is itself not very stable ( VB 6.0) • The process was not completely automatic as user had to configure

  7. Authentication Since the password can be easily cracked , then what’s the point of keeping It . The next slide explain this. So there was a need to make a strong algorithm From some existing one.

  8. The authentication algorithm was too weak Note: The key was cracked using IDA Pro. application

  9. Some Slides of Old Version. Note: A glimpse of APT v1.0

  10. What New version include? • A complete cycle of the penetration testing including the missing links of earlier APT. • Platform independent environment ( IDE Python). • Intensive scanning for the web application including CMS’s like Joomla , Mambo, Xoops, Php-Nuke. • Password cracking algorithms of MD5 , SHA1, Base64, Shadows. • A dummy honey pot. • An Enhanced Encryption Algorithm to avoid the application crack.

  11. Solution Implement an encryption system developed from existing system. Traditional Process in various web applications Plaintext ================================= MD5 Hash (User Enters Password) MD5 Algorithm (128 bit hash) Enhanced Encryption System (User enter Password) (H1) (H2) (H3) (H4) (H-N) Plaintext=====Hash====Hash====Hash====Hash---process continues MD5 MD5 MD5 MD5 n-times where n is length of password Hence n becomes the private key of the user and at the database H-N is stored

  12. IP Auditing • Foot printing module has been developed with features: • Who is lookup. • IP location • Scripting Language used.

  13. Scanning: IP Auditing • Web Server Detection and Version • Port Scanning • Anonymous ftp login checker

  14. Exploiting:IP Audit. • Fetching Robots.txt • Website Title • Website Description • Website Keywords • Website crawler

  15. Continued: Exploiting: IP Auditing • Generation of crawled links on a text files • Link scans each page for XSS, SQL Injection, LFI, RFI, RCE

  16. Link Scan Continued: Exploiting: IP Auditing

  17. Exploitation based on the web server detected ( Application based attack) : IP Auditing • The included ones yet are: • GlobalFTP 3.0 Secure Server Exploit • Microsoft Windows NAT Helper Components (ipnathlp.dll) 0day Remote DoS Exploit • MiniWebSvr 0.0.9a Directory Transversal Vulnerability • WFTPD Pro Server 3.23.1.1 Buffer Overflow • TFTP Server for Windows V1.4 ST (0day)

  18. Exploiting :Continued: IP Auditing • Checking for sensitive directories

  19. CMS based attacks: Exploitation: IP Auditing • Joomla, Mambo, Xoops, Php-Nuke • Detection

  20. Exploiting CMS based Websites : IP Auditing

  21. SECURITY SERVICES • Honeypot

  22. Hash Generator: Security Services • The script is capable of creating the hashes of string and the supported algorithms are MD5, Sha256, sha384, sha512. May be in few days would also include the algorithm to encrypt the string using base64.

  23. Crack the C0de: Security Services

  24. Knock the D00r: Security Services • The dictionary attack has been implemented for FTP, POP3, Telnet, and MySQL.

  25. Conclusion • It is the role of Information Security to provide the basic requirements to successfully integrate security into Information Technology in a manner that properly addresses real threats. It is the goal of Information Security to ensure the confidentiality, integrity, and availability of information. Implementing weak Information Security controls can result in the loss of trust, reputation, and money .Implementing weak Information Security controls can result in the loss of trust, reputation, and money for consumers, businesses, and governments. The sharp increase in the number of fraud, extortion, and identity theft crimes is a primary result of weak Information Security controls. The cost of implementing basic controls to protect information is generally much less expensive than a security breach. Cyber criminals are becoming more sophisticated and are making use of state-of-threat tools to steal high-value data for profit. Many existing security solutions are not being used effectively enough to thwart dedicated attackers. However, many enterprises have a dilemma. They need to be securing, which requires considerable resources, but some enterprises must meet mandatory regulatory requirements or pass the scrutiny of an audit. If enterprises do just enough to pass an audit, they may be dealing with a requirement, but they will not be providing the necessary level of protection. The real goal of security must be to protect enterprises from any serious breach, which inevitably will result in severe negative consequences for their business, clients, and executive management.

  26. Future Work • An Intrusion Detection System. • Vulnerability scanning of many sites in one go. • Cgi scanner. • A complete set for variants for more vigorous testing. • Convert it into GUI version. • Dictionary attacks for attacking the login forms. • A sniffer for the network monitoring. • A packet crafter.

  27. References • Python Programmers • Milw0rm: www.milw0rm.com • Wikipedia: www.wikipedia.com • Whatis.com: www.whatis.com • Security Focus: www.securityfocus.com

  28. Thank You Beenu Arora (CEH, MCSE, Darkcoder) beenu@beenuarora.com

More Related