White Hat Hacking

Introduction to Penetration Testing Dr. Patrick McDaniel Meghan Riegel Fall 2015

What is Penetration Testing?
• Attacking a system to find security vulnerabilities in order to fix them before a malicious party attacks the system
• Legal only if you have explicit (ideally written) permission from the system's owner, so be careful not to break the law!
• Tons of online penetration-testing sandboxes, vulnerable distributions, and vulnerable sites are available for practice:
‣ Hack This Site!
‣ Hack.me
‣ Metasploitable
‣ OverTheWire.org
‣ Captf.com

I don’t want to do IT… why is this important?
• In order to develop new security software or do new security research, you need to understand how systems are vulnerable to attacks
• Attackers are using these attacks on your computer, your university’s servers, your bank’s servers, your cloud storage servers, your email service’s servers… everything.
• Hacking is fun!

Kali Linux
• Debian-derived Linux distribution designed for digital forensics and penetration testing
• Pre-installed with >600 penetration-testing programs, including:
‣ Nmap
‣ Wireshark
‣ Burp
‣ John the Ripper
‣ Metasploit

Metasploit
• Framework for developing, testing and running exploits against target systems (over 900 exploit modules available)
• Built with research in mind
• Written in Ruby

SQL Injection
• A type of web application vulnerability in which an attacker submits input that the application splices into a SQL command, so the attacker's text is executed as part of the query and the back-end database is exposed (read, modified or deleted)
• Tools to use: SQLMap, SQLNinja
• Tutorial

Cross-Site Scripting (XSS)
• Enables attackers to inject client-side script into web pages viewed by other users
• Used to bypass access controls such as the browser's same-origin policy
• Accounted for roughly 84% of all security vulnerabilities documented by Symantec up to 2007
• Tool: BeEF (Browser Exploitation Framework)
• Cheat Sheet: https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
• Practice: https://xss-game.appspot.com/
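The following is an added worked example, not code from the original slides: a reflected-XSS page fragment rendered unescaped and escaped, the same escaping failing in an unquoted attribute, and a naive blocklist filter defeated by one of the tricks from the OWASP evasion cheat sheet. Instead of guessing from the raw string, the demo runs the markup through Python's HTMLParser to see what a browser would actually treat as a script element or an event-handler attribute. The search page, payloads and filter are all constructed for the demo.

```python
import html
import re
from html.parser import HTMLParser

# Constructed attacker inputs for the demo (not from the original slides).
SCRIPT_PAYLOAD = "<script>alert(1)</script>"
ATTR_PAYLOAD = "x onmouseover=alert(1)"            # contains no < > " or ' at all
EVASION_PAYLOAD = "<scr<script>ipt>alert(1)</script>"  # OWASP cheat-sheet style nesting


def render_vulnerable(term):
    """Reflected XSS: the search term is echoed into the page unescaped."""
    return f"<p>Results for {term}</p>"


def render_escaped(term):
    """Hardened for element-content context: html.escape turns < > & " '
    into entities, so the browser renders the payload as visible text."""
    return f"<p>Results for {html.escape(term)}</p>"


def render_attr_unquoted(value):
    """Escaping alone is not enough here: an unquoted attribute value ends at
    the first space, so a payload with no special characters still adds a
    brand-new event-handler attribute."""
    return f"<input value={html.escape(value)}>"


def render_attr_quoted(value):
    """Correct attribute context: quote the attribute AND escape quotes."""
    return f'<input value="{html.escape(value, quote=True)}">'


def naive_filter(term):
    """A blocklist filter of the kind the evasion cheat sheet defeats: it deletes
    the literal tag <script> (case-insensitively), one pass, no re-scan."""
    return re.sub(r"<script>", "", term, flags=re.IGNORECASE)


class ScriptSniffer(HTMLParser):
    """Records every <script> start tag and every on* attribute the parser sees."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.hits.append("<script>")
        for name, _ in attrs:
            if name.startswith("on"):
                self.hits.append(name)


def injects_script(markup):
    """Return the list of script tags / event handlers a browser-like parser finds."""
    sniffer = ScriptSniffer()
    sniffer.feed(markup)
    sniffer.close()
    return sniffer.hits


def demo():
    """Run each rendering path over the payloads; returns what each one injects."""
    return {
        "vuln_script": injects_script(render_vulnerable(SCRIPT_PAYLOAD)),
        "escaped_script": injects_script(render_escaped(SCRIPT_PAYLOAD)),
        "attr_unquoted": injects_script(render_attr_unquoted(ATTR_PAYLOAD)),
        "attr_quoted": injects_script(render_attr_quoted(ATTR_PAYLOAD)),
        "filter_plain": injects_script(render_vulnerable(naive_filter(SCRIPT_PAYLOAD))),
        "filter_evaded": injects_script(render_vulnerable(naive_filter(EVASION_PAYLOAD))),
    }


if __name__ == "__main__":
    for name, hits in demo().items():
        print(f"{name:15} -> {hits}")
```

The blocklist stops the textbook payload but the nested one collapses back into a live script tag after one deletion, and the attribute case shows why output encoding must match the context it lands in (element body, quoted attribute, URL, JavaScript string). Contextual escaping, not input filtering, is the defence; the cheat sheet above is the catalogue of why filters lose.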

Password Cracking
• A cracking run is configured from three parts:
‣ Wordlists: files of candidate passwords in plaintext
• Can be downloaded off the internet (leaked password dumps are the usual source)
‣ Rules: transformations applied to each wordlist entry (capitalize, append digits, leetspeak) to multiply the candidates
‣ Hash Algorithm: the function the target used to hash its passwords; the cracker hashes every candidate the same way and compares it against the stolen hash
• Examples: MD5, SHA1 (fast, unsalted, so billions of guesses per second on a GPU)
• Tools: John the Ripper, oclHashcat
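The following is an added worked example, not code from the original slides: a miniature cracker in Python built from exactly the three parts above. The wordlist, the rule set (written to mimic the spirit of John/hashcat rule lines, not their syntax), the rule-chaining depth and the target hashes are all constructed for the demo; `hashlib` provides the MD5 and SHA1 functions.

```python
import hashlib
from itertools import product

# Constructed toy wordlist (a real run uses something like rockyou.txt).
WORDLIST = ["password", "letmein", "dragon", "monkey", "secret"]

# Rules: each maps one candidate to another. Names are loosely modelled on
# John/hashcat rule mnemonics but the syntax here is our own.
LEET = str.maketrans("aeios", "43105")
RULES = {
    ":": lambda w: w,                     # no-op, keeps the base word
    "c": lambda w: w.capitalize(),        # Capitalize first letter
    "$1": lambda w: w + "1",              # append a digit
    "$2015": lambda w: w + "2015",        # append the year
    "l33t": lambda w: w.translate(LEET),  # leetspeak substitution
}


def candidates(word, max_chain=2):
    """Yield every distinct candidate from applying max_chain rules in sequence.
    Because ':' is a rule, shorter chains (and the bare word) are included."""
    seen = set()
    for chain in product(RULES.values(), repeat=max_chain):
        cand = word
        for rule in chain:
            cand = rule(cand)
        if cand not in seen:
            seen.add(cand)
            yield cand


def hash_password(plaintext, algo):
    """Unsalted fast hash, as stored by the weak schemes the slide lists."""
    return hashlib.new(algo, plaintext.encode()).hexdigest()


def crack(targets, wordlist, algo):
    """Hash each candidate with the target's algorithm and look it up.
    Returns {hash: recovered plaintext}; hashes never matched are absent."""
    remaining = set(targets)
    found = {}
    for word in wordlist:
        for cand in candidates(word):
            h = hash_password(cand, algo)
            if h in remaining:
                found[h] = cand
                remaining.discard(h)
                if not remaining:
                    return found
    return found


def crack_demo(algo="md5"):
    """Constructed targets: three reachable from the toy wordlist plus rules, one not."""
    secrets = ["Password2015", "dr4g0n", "letmein", "correcthorsebatterystaple"]
    targets = [hash_password(s, algo) for s in secrets]
    return crack(targets, WORDLIST, algo)


if __name__ == "__main__":
    for h, plaintext in crack_demo().items():
        print(f"{h}  {plaintext}")
```

Three of the four hashes fall to a five-word list because the rules reach "Password2015" (capitalize, append year) and "dr4g0n" (leetspeak) without those strings ever being in the wordlist; the passphrase outside the list is never hashed and survives. Real crackers differ only in scale and in doing this on a GPU. Because each guess costs one cheap MD5 or SHA1, the defender's counter is a salted, deliberately slow hash such as bcrypt or scrypt, which makes every candidate cost far more and stops one table of hashes being attacked at once.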

Lab
• We will use the tools introduced in this hands-on lecture to play some Capture The Flag.
• Hack.lu