html5-img
1 / 23

Commercial Attack Tools

Commercial Attack Tools. Team BAM! Scott Amack, Everett Bloch, Maxine Major. Overview. Why Commercial? Uses Good Evil Tool Comparisons Demo Considerations. Why Commercial?. (When freeware is just as good) Additional functionality for professional environments Advanced reporting

malia
Download Presentation

Commercial Attack Tools

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Commercial Attack Tools Team BAM!Scott Amack, Everett Bloch, Maxine Major

  2. Overview • Why Commercial? • Uses • Good • Evil • Tool Comparisons • Demo • Considerations

  3. Why Commercial? (When freeware is just as good) • Additional functionality for professional environments • Advanced reporting • Audit logs • All-in-one suites • Professionally maintained & supported

  4. Why Commercial? • More immediate protection • Exploits (and vulnerability awareness) made available before freeware “black-hat hackers typically rely on other tool kits that are less focused on research and more focused on swift, illegal break-ins.“ (Canberra Times)

  5. Who Uses These Tools? • Aerospace industry • Universities / Education • E-commerce • Energy & Utilities • Financial Services • Healthcare • Manufacturing • Security Consulting • … and several unnamed “major federal U.S. agencies”

  6. Commercial Hacking • Commercial not always Ethical • Not all entities willing to pay large amounts of money for these tools want to use them ethically. • Many foreign governments buy & use these tools unethically on their people and other countries. • Not all hacking tools are “good” • Marketed as “lawful intercept tools” • Can violate human rights • "Corporate Enemies of the Internet” – identified by Reporters Without Borders

  7. Five Corporate Enemies of the Internet 2013 • Gamma Group (U.K.) • trovicor(Germany) • HackingTeam(Italy) • Amesys(France) • Blue Coat Systems (U.S.)

  8. Five Corporate Enemies of the Internet 2013 • Company: Gamma (UK)Product: FinFisher (FinSpy) • Commercial surveillance software suite • Used to target Bahraini activists (May 2012) • During the fall of Egypt’s Pres. Murbarak, dissidents found FinFisher marketed to Egypt’s secret police (July 2002) • Discovered iTunes Flaw that allowed third parties to use iTunes update to install unauthorized programs. Discovered in 2008. not patched until Nov 2011.

  9. Five Corporate Enemies of the Internet 2013 • Company: trovicor (Germany)Product: trovicor Monitoring Center • Communication interception: “collect, retain, analyse and distribute voice and data communication as well as historical data.” (trovicor) • Enabled Bahrain’s royal family to spy on news providers and arrest them. • Work with Iran

  10. Five Corporate Enemies of the Internet 2013 • Company: HackerTeam (Italy)Product: Da Vinci • “For Governmental LEAs and Agencies ONLY.”

  11. Five Corporate Enemies of the Internet 2013 • Company: Blue Coat (California)Product: PacketShaper. • Filtering and censorship devices for countries such as Syria and Burma. • “Deep Packet Inspection (DPI) products developed by Blue Coat made it possible for the regime to spy on dissidents and netizens throughout the country, and to arrest and torture them.”

  12. Five Corporate Enemies of the Internet 2013 • Company: Amesys (France)Product: EAGLE System • EAGLE spyware sold to Libya while Muammar Gaddafi was in power • “mass surveillance system used to spy on dissidents, journalists, activists, and political opponents.” • “ do not have responsibility for how their tools are used once sold” • Accused of selling to Morocco and Qatar • EAGLE System sold to Nexa Technologies (2013)

  13. A Comparison Core Impact vs. Immunity Canvas “… penetration-testing frameworks that provide discovery tools, exploit code for remote and local vulnerabilities, remote agents, and other handy-dandy gadgets for exploring and exploiting a network.”

  14. A Comparison Core Impact • $25,000/year per seat • Created around 1997 • About 1650 Commercial-Grade exploits created in-house • User is denied the ability to create or import external exploits • Usable by almost anyone with basic computer knowledge Immunity Canvas • $3,101/year for a 10-seat license • Created around 2002 • Over 490 exploits, about 4 added every month • Ability for user to create custom exploits • Intended for people with a good understanding of computers and exploits

  15. A Comparison Core Impact • Intuitive and very easy to use GUI interface, “point and shoot” functionality • Requires little to no networking/programming knowledge • Each attack has a setup (Wizard) that walks through the entire process of setting up and exploiting a system, local or on a network • Offers no Command Line Interface

  16. A Comparison Immunity Canvas • Simple yet robust GUI for initiating attacks on targets • Simple three panel display makes for easy navigation and informative results • Offers a Command Line Interface in addition to the GUI

  17. A Comparison Core Impact • Won Secure Enterprise’s Tester’s Choice award for best penetration testing framework due to its flexibility and ease of use Immunity Canvas • Free tutorial videos and documentation available on immunity web page

  18. Commercial Metasploit • Advantages of Pro: • “Smart” exploitation • Password auditing • Penetration test reporting • Team workflow automation • Social engineering • Web app scanning • Web interface • Network discovery

  19. Commercial Metasploit • Pricing • $5000 initial purchaseper year, per seat • Renewal rates depend on licensing agreement with Rapid7

  20. Commercial Metasploit DEMONSTRATION Windows 7 Windows XP SP2 Ubuntu 8.04 (image provided by Metasploit)

  21. Conclusions • Commercial != Ethical • Cost of commercial tools is prohibitively expensive for individuals. • Commercial software is highly beneficial for professional pen. testing organizations.

  22. In Summary • Why Commercial? • Commercial Tools & Ethics • “Five corporate enemies of the internet” • Comparison of Tools • Core Impact vs. Immunity Canvas • Demonstration • Metasploit Pro • Conclusions

  23. References • http://www.softpedia.com/get/Network-Tools/Network-IP-Scanner/LANguard-Network-Security-Scanner.shtml • http://www.canberratimes.com.au/it-pro/security-it/free-hacking-tool-kits-fuel-cyber-arms-race-20121114-29bvb.html • https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/ • http://en.wikipedia.org/wiki/FinFisher • http://www.cso.com.au/article/431882/_crisis_os_x_trojan_made_by_lawful_intercept_vendor_hackingteam/ • http://www.rapid7.com • http://www.coresecurity.com/core-impact-pro • http://immunitysec.com/products-canvas.shtml • http://www.coresecurity.com/content/review-penetration-testing-software

More Related