OpenVAS Vulnerability Test
Team Members: Yingchao Zhu; Chen Qian; Xingyu Wu; XuZhuo Zhang; Igibek Koishybayev
EC521: Cybersecurity OpenVAS

Agenda
• What we have done?
• How does OpenVAS work?
• Mailbox
• Browser
• Web application with XSS vulnerabilities
• What to do next…

What we have done?
• We were divided into 4 parts, each in charge of one of: web server, web application, mailbox, and web browser.
• Learning the basic protocols that run on the contemporary Internet (basic knowledge charging)
• Research (a lot of reading):
• OpenVAS – documentation
• How to set up and run OpenVAS
• Understanding the vulnerability of Mailbox
• Coding
• Web Application
• Writing scripts

What we have done?
• Build up the working environment
• Kali Linux OS (set up on a virtual machine)
• Install OpenVAS in Kali Linux
• Find and study (then maybe audit) open source files to set up our targets (i.e. mailbox etc.)
• Use OpenVAS to run an initial test scan against these targets
• Then figure out how we can utilize these vulnerabilities

DEMO - OpenVAS

OpenVAS
• Source Packages Installation
• NVT sync, Add admin/user
• GSA: https://localhost:9392/

Target – XAMPP/DVWA

XAMPP
XAMPP's name is an acronym for:
• X (to be read as "cross", meaning cross-platform)
• Apache HTTP Server
• MySQL
• PHP
• Perl

DVWA
• Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment.

Webmail Vulnerability

Webmail vulnerability
Mail Server Set-Up Environment (Local)
• OS: CentOS-6.5
• SMTP: Postfix-2.6 + SASL
• IMAP/POP3: Dovecot-2.0
• Web: Apache-2.2
• Webmail: Openwebmail-2.30 (Perl) / Squirrelmail-1.4.22 (PHP)

Webmail vulnerability
Postfix
• Configure: main.cf
• Enable SASL: smtpd_sasl_auth_enable = yes
Dovecot
• Protocol = pop3 (port: 110), imap (port: 143)
• netstat -tulpn | grep dovecot

Webmail vulnerability
Openwebmail
• http://www.openwebmail.org/
• Online Demo: http://openwebmail.amcpl.net/
• Install openwebmail-2.30.tar.gz

Openwebmail Vulnerabilities

Openwebmail Ver. 2.30

Webmail vulnerability
Apache
• httpd config: /etc/httpd/conf/httpd.conf (set directory)
• Service restart: /etc/init.d/httpd restart
• localhost/cgi-bin/openwebmail/openwebmail.pl

First Try

Webmail vulnerability
Next…
• Keep digging for vulnerabilities (maybe older versions)
• Patches & Penetration (Burp Suite)
• Localhost => LAN

Web Application (Blackboard)

DEMO: Web Application (Blackboard)
Description: Blackboard is the web application used by students to post their homework solutions; it is vulnerable to XSS and CSRF attacks.

DEMO: Web Application (Blackboard)
Story on behalf: You (the hacker) don’t know the solution to the homework and want to steal the solutions from others. You also want to steal the final exam questions from the teacher in such a way that no one will find out that it was you (i.e. like a ninja).

DEMO: Web Application (Blackboard)
Mission:
• Steal the solutions from “nerd”;
• Make “badguy” steal the final exam q/a for you;
• Be the smartest guy (ninja, hacker) in the class;

DEMO: Web Application (Blackboard)
Wait a minute… where is OpenVAS??? We will perform a security assessment of our web application using OpenVAS (in the near future).

What to do next…
• Write plugins
• OpenVAS
• Integrate everything
• Modify the PHP code in DVWA, do the OpenVAS scan again, compare the report
• Local => LAN; Penetration (Burp Suite) and Patches

Questions?