Cyber Security Fundamentals (M) & (H): Ethical Hacking/Penetration Testing I & II
Glasgow, 21st February 2022.
School of Computing Science, University of Glasgow, Scotland. http://www.mariaevangelopoulou.com/
Structure of Lectures
Sections that will be covered:
• Cyber Security basic background
• Look into networking
• Cyber attacks and defence
• Web applications’ vulnerabilities
• Trending in Cyber
• Penetration testing & Digital Forensics
• Guest lectures to be confirmed
CSF 2022 Ethical Hacking I & II
Lecturer’s instructions
When you see the red sign in a slide it means that you must not use anything described in the specific slide without the necessary authorisation. The lecturer of this course will not be responsible for any misuse.
When you see the green sign in a slide it means that you can use anything described in the specific slide on your own.
➢ Some tools need special permissions in order to run them in a secure manner without violating any laws!!! Because of this we have created these signs to indicate which tools are OK to use and which are not!
➢ This is one of the most important slides: not following this rule can have a serious impact on you, so please don’t use anything under the banner of the red (first) sign.
Good or Bad?
Penetration Tester
Ethical Hacker
➢ Being a hacker and being an ethical hacker mean completely different things. Hackers might act in a positive way (activists) or a negative way (for the purpose of extortion). However, hackers are criminals, as they act with no permission/authorisation.
➢ Ethical hackers, on the other hand, use the same techniques but act legally: they have obtained authorisation first and therefore are not breaking any law. Be aware that authorisation will be given as a signed written document (contract) that contains specific details on exactly what is legal to do; it will contain limitations too. For example, someone might be allowed to scan IPs of a company but not across all of its infrastructure.
➢ Be aware that precautions must be taken to ensure that no damage or disruption is caused during testing. If there is any kind of damage, it will have an impact on you as a penetration tester. Grey Hats are also hackers, but they claim to do something for the overall good! So there is no hidden or bad agenda.
Passive testing like vulnerability scanning.
In this way you simply try to identify potential security issues by scanning your system.
Active testing like penetration testing.
The scope is to identify exploits (actual vulnerabilities) in order to make the system more secure.
Passive Vs Active Testing
➢ Passive testing is one of the low-profile testing strategies that can avoid detection. For example, sniffing the traffic for information is a passive technique that can reveal what information can be gained if someone has gained unauthorised access.
➢ Active testing is a somewhat more aggressive kind of testing and can be identified easily if the correct configuration has been put into place. For example, an in-depth scanning tool such as nmap or OpenVAS has a more active role (we will discuss this later in the slides).
Types of Pen Testing
➢ White box testing is a thorough test of the system that the target is aware of, so no covering-tracks step is needed. It is not as realistic as black box testing and does not test the incident response procedures of the company under investigation.
➢ Black box pen testing is a “stealth mode” test. The attacker concentrates on first identifying one vulnerability that can give him/her access to the system. Usually only the CISO of the company knows that the test is taking place. It normally takes a lot more time than white box testing: 20-30 days. White box testing, as you will have the necessary access to perform any pen test action, usually takes a couple of weeks, always depending on the infrastructure in question.
The steps of Ethical Hacking
➢ These are the five main steps of Pen Testing/Ethical Hacking. We will explain every single one in more detail and we will see demos of relevant tools for all the steps.
➢ Note that some tools can be used in more than one step and some steps can be repeated; it all depends on the complexity of the task ahead.
Step 1 – Reconnaissance
Gathering information!
Social Engineering + Online Tools!!!
@wired.com
➢ Lamo decided to switch careers when he realized the potential of his skills. He made the news when he hacked into Yahoo!, Microsoft, Google, and The New York Times in 2003. He would hack into top-notch accounts while sitting in spacious and comfortable cafeterias, libraries and internet cafes. He was the man who turned the Wikileaks suspect over to the FBI. While Manning was arrested for leaking several hundred sensitive US government documents, Lamo went into hiding, or should we maybe say undercover?
➢ Recon is one of the most important steps. Lots of people don’t think it is important, but it is the basic step that an attacker will use to design an attack. You can use something called Social Engineering: you have seen in movies people dressed as cleaners, workers etc. to infiltrate a company, or phone calls that ask you for details that you should not give to anyone, like your social security number. However, with the extensive use of the Internet, most of the information needed for the recon stage can be found online.
What information can be found?
• Public IPs
• Operating System
• Connection with other companies
• Mailing list of the company
• DNS (Domain Name Service) Records
• Social Engineering Tool
• WhoIs tools
• Google Hacking
Social Engineering Tool
www.threatcrowd.org
http://scanme.nmap.org 45.33.32.156
@alienvault
Search Tool 1/3 vol.1
http://www.ipvoid.com/
http://scanme.nmap.org 45.33.32.156
@ipvoid.com
Search Tool 1/3 vol.2
• This online Gzip test tool allows you to check if Gzip compression is enabled on your website. Quickly test if your server is using Gzip compression (i.e. Content-Encoding: gzip) to improve page load speed. This tool is the easiest way to check if Gzip compression is enabled on your website.
• This online link extractor tool lets you extract valid HREF links from a web page. Just enter the URL in the form below and our service will extract all links (href, img, script, etc) from the submitted web page. Useful to find all links present on a web page. Doesn’t support following redirects.
• Use this htpasswd generator to create valid passwords for .htpasswd files. Enter the password on the form below and this service will generate the encrypted password that you can use with your .htpasswd file. The text submitted here is NEVER saved or cached in our servers.
Search Tool 2/3
http://www.netcraft.com/
@netcraft.com
http://scanme.nmap.org 45.33.32.156
Search Tool 3/3
CentralOps.net
@centralops.net
http://scanme.nmap.org 45.33.32.156
Command Line Approach
http://scanme.nmap.org 45.33.32.156
https://www.httrack.com/
Website content
@httrack.com
Step 2 – Scanning
Gathering even more information!
Network Scanning + Port Scanning + Vulnerability Scanning!!!
@twitter.com
www.angryip.org
http://scanme.nmap.org 45.33.32.156
@angryip.org
www.advanced-ip-scanner.com
Advanced Port scanner
http://scanme.nmap.org 45.33.32.156
@advanced-ipscanner.com
www.nmap.org
http://scanme.nmap.org 45.33.32.156
@nmap.org
www.openvas.org
http://scanme.nmap.org 45.33.32.156
@openvas.org
Basic terms on the world of Ethical Hacking.
What are the five stages?
Why recon is important and what information is available
What are the different scanning techniques? What tools can someone use?
Please take a note of any questions for the live session!