Automatic Penetration Testing and Security Services

Please download to get full document.

View again

of 28
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Categories
Published
Automatic Penetration Testing and Security Services. Beenu Arora 0361483104 www.BeenuArora.com. Presentation Overview. Introduction Cyber Attacks : 1 case study Need for such tool Information about Project. INTRODUCTION.
Automatic Penetration Testing and Security ServicesBeenu Arora0361483104www.BeenuArora.comPresentation Overview
  • Introduction
  • Cyber Attacks : 1 case study
  • Need for such tool
  • Information about Project
  • INTRODUCTION
  • Computer related incidents increased at a tremendous rate by the end of the 1990's, and into the 2000's. Many of the computer incidents exploited confidential information being stored by companies in a variety of different industries. The ability to carry out threats against information systems has been made easier due to the sharp increase in system vulnerabilities.
  • Unauthorized Access to confidential information was also the result of weak or non-existent information security practices. Not identifying and mitigating risks is a leading cause of unauthorized access and the exploitation of vulnerabilities. While there are a number of different internal and external threats to information, not all information systems are at risk because of their design, or the information that they maintain. The number of vulnerabilities can impact the associated risk of a threat.
  • Why we need penetration testing ?Penetration Tests ProcessFootprintingScanningAutomatic Penetration TestingExploitingReport GenerationEarlier Version of APT Drawbacks
  • Limited Number of task ( No Footprinting and No in depth scanning)
  • Platform Dependent ( Microsoft Based OS)
  • The application was not stable since the platform is itself not very stable ( VB 6.0)
  • The process was not completely automatic as user had to configure
  • AuthenticationSince the password can be easily cracked , then what’s the point of keeping It . The next slide explain this. So there was a need to make a strong algorithmFrom some existing one.The authentication algorithm was too weak Note: The key was cracked using IDA Pro. applicationSome Slides of Old Version.Note: A glimpse of APT v1.0What New version include?
  • A complete cycle of the penetration testing including the missing links of earlier APT.
  • Platform independent environment ( IDE Python).
  • Intensive scanning for the web application including CMS’s like Joomla , Mambo, Xoops, Php-Nuke.
  • Password cracking algorithms of MD5 , SHA1, Base64, Shadows.
  • A dummy honey pot.
  • An Enhanced Encryption Algorithm to avoid the application crack.
  • SolutionImplement an encryption system developed from existing system.Traditional Process in various web applications Plaintext ================================= MD5 Hash (User Enters Password) MD5 Algorithm (128 bit hash)Enhanced Encryption System(User enter Password) (H1) (H2) (H3) (H4) (H-N) Plaintext=====Hash====Hash====Hash====Hash---process continues MD5 MD5 MD5 MD5 n-times where n is length of passwordHence n becomes the private key of the user and at the database H-N is storedIP Auditing
  • Foot printing module has been developed with features:
  • Who is lookup.
  • IP location
  • Scripting Language used.
  • Scanning: IP Auditing
  • Web Server Detection and Version
  • Port Scanning
  • Anonymous ftp login checker
  • Exploiting:IP Audit.
  • Fetching Robots.txt
  • Website Title
  • Website Description
  • Website Keywords
  • Website crawler
  • Continued: Exploiting: IP Auditing
  • Generation of crawled links on a text files
  • Link scans each page for XSS, SQL Injection, LFI, RFI, RCE
  • Link Scan Continued: Exploiting: IP AuditingExploitation based on the web server detected ( Application based attack) : IP Auditing
  • The included ones yet are:
  • GlobalFTP 3.0 Secure Server Exploit
  • Microsoft Windows NAT Helper Components (ipnathlp.dll) 0day Remote DoS Exploit
  • MiniWebSvr 0.0.9a Directory Transversal Vulnerability
  • WFTPD Pro Server 3.23.1.1 Buffer Overflow
  • TFTP Server for Windows V1.4 ST (0day)
  • Exploiting :Continued: IP Auditing
  • Checking for sensitive directories
  • CMS based attacks: Exploitation: IP Auditing
  • Joomla, Mambo, Xoops, Php-Nuke
  • Detection
  • Exploiting CMS based Websites : IP AuditingSECURITY SERVICES
  • Honeypot
  • Hash Generator: Security Services
  • The script is capable of creating the hashes of string and the supported algorithms are MD5, Sha256, sha384, sha512. May be in few days would also include the algorithm to encrypt the string using base64.
  • Crack the C0de: Security ServicesKnock the D00r: Security Services
  • The dictionary attack has been implemented for FTP, POP3, Telnet, and MySQL.
  • Conclusion
  • It is the role of Information Security to provide the basic requirements to successfully integrate security into Information Technology in a manner that properly addresses real threats. It is the goal of Information Security to ensure the confidentiality, integrity, and availability of information. Implementing weak Information Security controls can result in the loss of trust, reputation, and money .Implementing weak Information Security controls can result in the loss of trust, reputation, and money for consumers, businesses, and governments. The sharp increase in the number of fraud, extortion, and identity theft crimes is a primary result of weak Information Security controls. The cost of implementing basic controls to protect information is generally much less expensive than a security breach. Cyber criminals are becoming more sophisticated and are making use of state-of-threat tools to steal high-value data for profit. Many existing security solutions are not being used effectively enough to thwart dedicated attackers. However, many enterprises have a dilemma. They need to be securing, which requires considerable resources, but some enterprises must meet mandatory regulatory requirements or pass the scrutiny of an audit. If enterprises do just enough to pass an audit, they may be dealing with a requirement, but they will not be providing the necessary level of protection. The real goal of security must be to protect enterprises from any serious breach, which inevitably will result in severe negative consequences for their business, clients, and executive management.
  • Future Work
  • An Intrusion Detection System.
  • Vulnerability scanning of many sites in one go.
  • Cgi scanner.
  • A complete set for variants for more vigorous testing.
  • Convert it into GUI version.
  • Dictionary attacks for attacking the login forms.
  • A sniffer for the network monitoring.
  • A packet crafter.
  • References
  • Python Programmers
  • Milw0rm: www.milw0rm.com
  • Wikipedia: www.wikipedia.com
  • Whatis.com: www.whatis.com
  • Security Focus: www.securityfocus.com
  • Thank YouBeenu Arora(CEH, MCSE, Darkcoder)beenu@beenuarora.com
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks
    SAVE OUR EARTH

    We need your sign to support Project to invent "SMART AND CONTROLLABLE REFLECTIVE BALLOONS" to cover the Sun and Save Our Earth.

    More details...

    Sign Now!

    We are very appreciated for your Prompt Action!

    x