Automatic Penetration Testing and Security Services

Beenu Arora

0361483104

www.BeenuArora.com


Presentation Overview

  • Introduction

  • Cyber Attacks : 1 case study

  • Need for such tool

  • Information about Project


INTRODUCTION

  • Computer-related incidents increased at a tremendous rate by the end of the 1990s and into the 2000s. Many of these incidents exploited confidential information stored by companies in a variety of industries. Carrying out threats against information systems has been made easier by the sharp increase in system vulnerabilities.

  • Unauthorized access to confidential information was also the result of weak or non-existent information security practices. Not identifying and mitigating risks is a leading cause of unauthorized access and the exploitation of vulnerabilities. While there are a number of different internal and external threats to information, not all information systems are at risk because of their design, or the information that they maintain. The number of vulnerabilities can impact the associated risk of a threat.


Why we need penetration testing?


Penetration Tests Process

Footprinting

Scanning

Automatic Penetration Testing

Exploiting

Report Generation


Earlier Version of APT Drawbacks

  • Limited number of tasks (no footprinting and no in-depth scanning)

  • Platform dependent (Microsoft-based OS)

  • The application was not stable, since the platform itself (VB 6.0) is not very stable

  • The process was not completely automatic, as the user had to configure


Authentication

Since the password can be easily cracked, what is the point of keeping it? The next slide explains this. So there was a need to make a strong algorithm from some existing one.


The authentication algorithm was too weak

Note: The key was cracked using the IDA Pro application.


Some Slides of Old Version.

Note: A glimpse of APT v1.0


What does the new version include?

  • A complete cycle of penetration testing, including the links missing from the earlier APT.

  • Platform-independent environment (IDE Python).

  • Intensive scanning of web applications, including CMSs like Joomla, Mambo, Xoops, Php-Nuke.

  • Password cracking algorithms for MD5, SHA1, Base64, Shadows.

  • A dummy honeypot.

  • An Enhanced Encryption Algorithm to avoid the application being cracked.


Solution

Implement an encryption system developed from an existing system.

Traditional process in various web applications:

Plaintext (user enters password) == MD5 algorithm ==> MD5 hash (128-bit hash)

Enhanced Encryption System:

Plaintext (user enters password) == MD5 ==> H1 == MD5 ==> H2 == MD5 ==> H3 == MD5 ==> H4 --- process continues --- H-N

MD5 is applied n times, where n is the length of the password.

Hence n becomes the private key of the user, and H-N is stored in the database.
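
The chained-MD5 scheme above, written out beside a salted PBKDF2 alternative, to show what the stored value H-N does and does not protect. This is an added example, not code from the presentation or from the APT tool; feeding each round's hex digest into the next round, the function names, the sample password and the PBKDF2 iteration count are all assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor for this example; tune per deployment


def slide_scheme(password):
    """Chained MD5 as the slide describes it: n rounds, n = len(password).

    Assumption: each round hashes the previous round's hex digest.
    """
    value = password
    for _ in range(len(password)):
        value = hashlib.md5(value.encode("utf-8")).hexdigest()
    return value  # "H-N", the value the slide stores in the database


def slide_verify(candidate, stored):
    # The verifier needs no secret: n is recomputed from the candidate's own
    # length, so n protects nothing beyond the password itself.
    return hmac.compare_digest(slide_scheme(candidate), stored)


def hardened_hash(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, key), stored together per user."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                              PBKDF2_ITERATIONS)
    return salt, key


def hardened_verify(candidate, salt, stored_key):
    _, key = hardened_hash(candidate, salt)
    return hmac.compare_digest(key, stored_key)


if __name__ == "__main__":
    pw = "hunter2"  # constructed sample password
    # Two users with the same password get the same record: there is no salt.
    print("slide scheme, user A:", slide_scheme(pw))
    print("slide scheme, user B:", slide_scheme(pw))
    # The work per guess is only len(password) MD5 calls.
    print("MD5 rounds:", len(pw), "PBKDF2 rounds:", PBKDF2_ITERATIONS)
    salt_a, key_a = hardened_hash(pw)
    salt_b, key_b = hardened_hash(pw)
    print("salted records differ:", key_a != key_b)
    print("verify ok:", hardened_verify(pw, salt_a, key_a))
```
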


IP Auditing

  • A footprinting module has been developed with these features:

    • Whois lookup

    • IP location

    • Scripting language used


Scanning: IP Auditing

  • Web Server Detection and Version

  • Port Scanning

  • Anonymous ftp login checker


Exploiting: IP Audit

  • Fetching Robots.txt

  • Website Title

  • Website Description

  • Website Keywords

  • Website crawler


Continued: Exploiting: IP Auditing

  • Generation of crawled links in a text file

  • Link scan checks each page for XSS, SQL Injection, LFI, RFI, RCE


Link Scan Continued: Exploiting: IP Auditing


Exploitation based on the web server detected (application-based attack): IP Auditing

  • The ones included so far are:

  • GlobalFTP 3.0 Secure Server Exploit

  • Microsoft Windows NAT Helper Components (ipnathlp.dll) 0day Remote DoS Exploit

  • MiniWebSvr 0.0.9a Directory Transversal Vulnerability

  • WFTPD Pro Server 3.23.1.1 Buffer Overflow

  • TFTP Server for Windows V1.4 ST (0day)


Exploiting: Continued: IP Auditing

  • Checking for sensitive directories


CMS based attacks: Exploitation: IP Auditing

  • Joomla, Mambo, Xoops, Php-Nuke

    • Detection


Exploiting CMS based Websites : IP Auditing


SECURITY SERVICES

  • Honeypot


Hash Generator: Security Services

  • The script can create hashes of a string; the supported algorithms are MD5, SHA256, SHA384 and SHA512. In a few days it may also include the algorithm to encrypt the string using base64.


Crack the C0de: Security Services


Knock the D00r: Security Services

  • The dictionary attack has been implemented for FTP, POP3, Telnet, and MySQL.


Conclusion

  • It is the role of Information Security to provide the basic requirements to successfully integrate security into Information Technology in a manner that properly addresses real threats. It is the goal of Information Security to ensure the confidentiality, integrity, and availability of information. Implementing weak Information Security controls can result in the loss of trust, reputation, and money for consumers, businesses, and governments. The sharp increase in the number of fraud, extortion, and identity theft crimes is a primary result of weak Information Security controls. The cost of implementing basic controls to protect information is generally much less than the cost of a security breach. Cyber criminals are becoming more sophisticated and are making use of state-of-the-art tools to steal high-value data for profit. Many existing security solutions are not being used effectively enough to thwart dedicated attackers. However, many enterprises have a dilemma. They need to be secure, which requires considerable resources, but some enterprises must meet mandatory regulatory requirements or pass the scrutiny of an audit. If enterprises do just enough to pass an audit, they may be dealing with a requirement, but they will not be providing the necessary level of protection. The real goal of security must be to protect enterprises from any serious breach, which inevitably will result in severe negative consequences for their business, clients, and executive management.


Future Work

  • An Intrusion Detection System.

  • Vulnerability scanning of many sites in one go.

  • Cgi scanner.

  • A complete set for variants for more vigorous testing.

  • Convert it into GUI version.

  • Dictionary attacks for attacking the login forms.

  • A sniffer for the network monitoring.

  • A packet crafter.



Thank You

Beenu Arora

(CEH, MCSE, Darkcoder)

[email protected]

