Infosecurity 2014 - Superbees Wanted
Malik Mesellem
Event: Infosecurity 2014. Topic: Superbees Wanted. Location: Brussels Expo.
1. Title slide: Malik Mesellem, "Defense Needed, Superbees Wanted"
   Footer on every slide: What is bWAPP? | © 2014 Malik Mesellem, all rights reserved.

2. About Me
   - Malik Mesellem
   - Email | malik@itsecgames.com
   - LinkedIn | be.linkedin.com/in/malikmesellem
   - Twitter | twitter.com/MME_IT
   - Blog | itsecgames.blogspot.com

3. Contents
   - Defense Needed
   - bWAPP and bee-box
   - Web App Pentesting
   - Exploiting Vulnerabilities
   - Superbees Wanted

4. Contents (agenda slide repeated)

5. Defense Needed
   - Web application security is today's most overlooked aspect of securing the enterprise
   - Hackers are concentrating their efforts on websites and web applications
   - Web apps are an attractive target for cyber criminality, cyber warfare and hacktivism

6. Defense Needed: why are web applications an attractive target?
   - Easily available via the Internet (24/7)
   - Mission-critical business applications with sensitive data
   - Often direct access to backend data
   - Traditional firewalls and SSL provide no protection
   - Many applications are custom-made == vulnerable

7. Defense Needed: why are web applications an attractive target? (slide repeated)

8. DEFENSE is needed!

9. Contents (agenda slide repeated)

10. bWAPP == defense
   - bWAPP, or a buggy Web APPlication
   - Deliberately insecure web application, includes all major known web vulnerabilities
   - Helps security enthusiasts, developers and students to discover and to prevent issues
   - Prepares one for successful penetration testing and ethical hacking projects

11. bWAPP

12. bWAPP
   - Web application security is not just installing a firewall, or scanning a site for 'potential' issues
   - Black-box penetration testing, simulating real attack scenarios, is still needed!
   - Confirms potential vulnerabilities, and excludes false positives
   - Guarantees that your defense measures are working effectively
   - bWAPP helps to improve your security-testing skills...

13. (no text on this slide)

14. bWAPP Testimonials
   - "Awesome! It's good to see fantastic tools staying up to date ..." - Ed Skoudis, Founder of Counter Hack
   - "I just installed bWAPP 1.6 into the next release of SamuraiWTF ... Its a great app ..." - Justin Searle, Managing Partner at UtiliSec
   - "Great progress on bWAPP BTW! :)" - Vivek Ramachandran, Owner of SecurityTube

15. bWAPP Architecture
   - Open source PHP application
   - Backend MySQL database
   - Hosted on Linux/Windows with Apache/IIS
   - Supported on WAMP or XAMPP

16. bWAPP Features (1)
   - Very easy to use and to understand
   - Well structured and documented PHP code
   - Different security levels (low/medium/high)
   - 'New user' creation (password/secret)
   - 'Reset application/database' feature
   - Manual intervention page
   - Email functionalities

17. bWAPP Features (2)
   - Local PHP settings file
   - No-authentication mode (A.I.M.)
   - 'Evil Bee' mode, bypassing security checks
   - 'Evil' directory, including attack scripts
   - WSDL file (Web Services/SOAP)
   - Fuzzing possibilities

18. bWAPP: what makes bWAPP so unique?
   - Well, it has over 70 web bugs!
   - Covering all major known web vulnerabilities
   - Including all risks from the OWASP Top 10 project

19. bWAPP: which bug do you want to hack today?

20. bWAPP: which bug do you want to hack today? (1)
   - SQL, HTML, SSI, OS Command, XML, XPath, LDAP, PHP Code, Host Header and SMTP injections
   - Authentication, authorization and session management issues
   - Malicious, unrestricted file uploads and backdoor files
   - Arbitrary file access and directory traversals
   - PHP-CGI remote code execution
   - Local and remote file inclusions (LFI/RFI)
   - Server Side Request Forgery (SSRF)

21. bWAPP: which bug do you want to hack today? (2)
   - Configuration issues: Man-in-the-Middle, Cross-Domain policy file, FTP, WebDAV, information disclosures, ...
   - HTTP parameter pollution and HTTP response splitting
   - XML External Entity attacks (XXE)
   - HTML5 ClickJacking, Cross-Origin Resource Sharing (CORS) and web storage issues
   - Unvalidated redirects and forwards
   - Denial-of-Service (DoS) attacks

22. bWAPP: which bug do you want to hack today? (3)
   - Cross-Site Scripting (XSS), Cross-Site Tracing (XST) and Cross-Site Request Forgery (CSRF)
   - AJAX and Web Services issues (JSON/XML/SOAP)
   - Parameter tampering and cookie poisoning
   - HTTP verb tampering
   - Local privilege escalation
   - And much more

23. bWAPP

24. bWAPP External links
   - Home page - www.itsecgames.com
   - Download location - sourceforge.net/projects/bwapp
   - Blog - itsecgames.blogspot.com

25. bee-box
   - Every bee needs a home... the bee-box
   - VM pre-installed with bWAPP
   - LAMP environment: Linux, Apache, MySQL and PHP
   - Compatible with VMware and VirtualBox
   - Requires zero installation

26. bee-box
   - bee-box is also made deliberately insecure...
   - Opportunity to explore all bWAPP vulnerabilities
   - Gives you several ways to hack and deface bWAPP
   - Even possible to hack the bee-box to get full root access!
   - Hacking, defacing and exploiting without going to jail
   - You can download bee-box from here

27. bee-box

28. bee-box Features (1)
   - Apache, MySQL and PHP installed
   - Several PHP extensions installed
   - Vulnerable PHP-CGI
   - phpMyAdmin installed
   - Postfix installed and configured
   - Insecure FTP and WebDAV configurations
   - AppArmor disabled

29. bee-box Features (2)
   - Weak self-signed SSL certificate
   - 'Fine-tuned' file access permissions
   - .htaccess files support enabled
   - Some basic security tools installed
   - Shortcuts to start, install and update bWAPP
   - An amazing wallpaper
   - An outdated Linux kernel...

30. bWAPP and bee-box
   - Both are part of the ITSEC GAMES project
   - A funny approach to IT security education
   - IT security, ethical hacking, training and fun... all ingredients mixed together
   - Educational and recreational InfoSec training

31. bWAPP and bee-box: ready, set, and hack!
   - There's just one thing to remember
   - The logon credentials are...

32. bee/bug

33. bWAPP and bee-box: ready, set, and hack!
   - There's just one thing to remember
   - The logon credentials are bee/bug
   - So please don't bug me anymore

34. bWAPP and bee-box: installation and configuration
   - Install VMware Player or Oracle VirtualBox
   - Extract, install, and start the bee-box VM
   - Configure or check the IP settings
   - Browse to the bWAPP web app: http://[IP]/bWAPP/
   - Login with bee/bug

35. bWAPP and bee-box: general application settings
   - settings.php, located under the bWAPP admin folder
   - Connection settings
   - SMTP settings
   - A.I.M. mode
   - Evil bee mode
   - Static credentials

36. bWAPP and bee-box: Settings

37. bWAPP and bee-box: A.I.M.
   - Authentication Is Missing, a no-authentication mode
   - May be used for testing web scanners and crawlers
   - Procedure: change the IP address in the settings file, then point your web scanner or crawler to http://[IP]/bWAPP/aim.php
   - All hell breaks loose...

38. bWAPP and bee-box: worst-case-scenario options
   - Reset the application: http://[IP]/bWAPP/reset.php
   - Reset the application + database: http://[IP]/bWAPP/reset.php?secret=bWAPP
   - Reinstall the database: drop the database from phpMyAdmin, then http://[IP]/bWAPP/install.php

39. Finally, time for a DEMO

40. Demo

41. Contents (agenda slide repeated)

42. Penetration Testing
   - Penetration testing, or pentesting
   - Method of evaluating computer, network or application security by simulating an attack
   - Active analysis of potential vulnerabilities by using ethical hacking techniques
   - Penetration tests are sometimes a component of a full security audit

43. Web App Penetration Testing
   - Web application pentesting focuses on evaluating the security of a web application
   - Application is tested for known web vulnerabilities
   - Manual, automatic and semi-automatic tests
   - Source code analysis and web server configuration review as an option

44. Web App Penetration Testing
   - It's all about identifying, exploiting, and reporting vulnerabilities
   - Some considerations...
   - Commercial tools vs. open source tools
   - Not a best practice to use only one tool
   - Most commercial scanners don't exploit
   - False positives are not allowed!
   - People don't like auto-generated reports

45. Testing Methodologies: a simple testing methodology (diagram)

46. Testing Methodologies: a more advanced testing methodology (diagram)

47. OWASP
   - OWASP, or Open Web Application Security Project
   - Worldwide non-profit organization focused on improving the security of software
   - Freely-available articles, methodologies, documentation, tools, and technologies
   - Vendor neutral, no recommendations for commercial products or services!

48. OWASP: current OWASP projects
   - Top 10 Project and Testing Guide
   - Development and Code Review Guide
   - Application Security Verification Standard
   - Broken Web Applications (BWA)
   - Zed Attack Proxy (ZAP)

49. OWASP
   - OWASP Top 10 Project, lists the 10 most severe web application security risks
   - Constantly updated, latest version released in 2013
   - Referenced by many standards, books, tools, and organizations, including MITRE and PCI DSS
   - Good starting point for a web application pentest: what to test? how to test? how to prevent?

50. OWASP: OWASP Top 10 Application Security Risks (diagram)

51. OWASP: OWASP Top 10 placement (diagram)

52. Introduction to Kali Linux
   - Kali Linux is a Debian-derived Linux distribution
   - Designed for digital forensics and penetration testing
   - Formerly known as BackTrack
   - Maintained and funded by Offensive Security
   - Support for x86 and ARM

53. Introduction to Kali Linux: includes many web app pentesting tools
   - Burp Suite
   - DirBuster
   - Metasploit
   - Nikto
   - sqlmap
   - w3af
   - WebSploit
   - ZAP

54. Intercepting Proxies
   - Intercepting proxies are testing tools acting as a legitimate Man-in-the-Middle (MitM)
   - Located between the browser and the web application
   - Ability to intercept and to modify requests/responses
   - Provide a historical record of all requests
   - Include integrated tools to discover vulnerabilities, and to crawl and brute force files and directories

55. Intercepting Proxies: ZAP, Zed Attack Proxy
   - OWASP project, by Simon Bennetts
   - Java application, released in September 2010
   - Fork of the Paros intercepting proxy
   - Pentesting tool for finding vulnerabilities
   - Provides automated scanning, as well as a set of tools to find security vulnerabilities manually

56. Intercepting Proxies: ZAP, Zed Attack Proxy functionalities
   - Intercepting proxy, listening on TCP/8080
   - Traditional and AJAX spider
   - Automated and passive scanner
   - Fuzzing and brute force capabilities
   - Smartcard and client certificate support
   - Authentication and session support

57. Intercepting Proxies: ZAP, Zed Attack Proxy

58. Demo: ZAP, Zed Attack Proxy
   - Parameter/cookie tampering
   - Online password attack
   - Detecting vulnerabilities

59. Commercial Web Scanners: Netsparker
   - Automated 'false positive free' web security scanner
   - Identifies security issues and vulnerabilities such as SQL injection and Cross-Site Scripting (XSS)
   - Automatically exploits detected vulnerabilities to ensure no false positives are reported
   - Site: https://www.netsparker.com/

60. Commercial Web Scanners

61. Commercial Web Scanners: Netsparker

62. Ready to exploit some bugs?

63. Contents (agenda slide repeated)

64. SQL Injection
   - SQL injection is very common in web applications
   - Occurs when user input is sent to a SQL interpreter as part of a query
   - The attacker tricks the interpreter into executing unintended SQL queries

65. SQL Injection: injection in the OWASP Top 10 (diagram)

66. SQL Injection: normal operation (diagram)
   - Browser -> web app: HTML (GET/POST) carrying login and password
   - Web app -> SQL interpreter/database: SELECT * FROM table WHERE login = 'login' AND password = 'password'
   - Database -> web app -> browser: result (SQL, then HTML)

67. SQL Injection: abnormal operation (diagram)
   - Browser -> web app: HTML (GET/POST) carrying login and the password value ' or 1=1--
   - Web app -> SQL interpreter/database: SELECT * FROM table WHERE login = 'login' AND password = '' or 1=1-- '
   - Database -> web app -> browser: result (SQL, then HTML)

68. SQL Injection: simple injections
   - '--
   - ' or 'a'='a
   - ' or 'a'='a'--
   - ' or '1'='1
   - ' or 1=1--

69. SQL Injection
   - Union injections
     ' UNION SELECT field1, field2 FROM table--
     ' UNION SELECT table_name FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=database()--
   - Stacked queries
     '; DROP TABLE table;--
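The two "normal/abnormal operation" diagrams in runnable form, as an added example that is not from the deck or from bWAPP (bWAPP is PHP/MySQL; this uses Python with an in-memory SQLite table, and the users table and its rows are constructed sample data). The first function assembles the query string the way the abnormal-operation slide shows, the second uses a parameterised query, and both are given the slide's ' or 1=1-- value as the password.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table (sample data, not bWAPP's schema).
    Passwords are stored in clear only to keep the demo short; real code stores hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login TEXT NOT NULL, password TEXT NOT NULL)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("bee", "bug"), ("admin", "PLACEHOLDER-admin-password")],
    )
    conn.commit()
    return conn


def rendered_query(login: str, password: str) -> str:
    """The SQL text the vulnerable path hands to the interpreter. Logging this during
    a code review makes the slide's rewritten WHERE clause visible."""
    return (
        f"SELECT login FROM users WHERE login = '{login}' "
        f"AND password = '{password}'"
    )


def login_vulnerable(conn: sqlite3.Connection, login: str, password: str) -> list[str]:
    """String-built query, as in the 'abnormal operation' diagram: a quote closes the
    password literal, 'or 1=1' is parsed as SQL, and '--' comments out the rest.
    Returns the logins the query matched; more than one means the check was bypassed."""
    return sorted(row[0] for row in conn.execute(rendered_query(login, password)))


def login_safe(conn: sqlite3.Connection, login: str, password: str) -> list[str]:
    """Same check with placeholders: the driver sends the values separately from the
    SQL text, so quotes and '--' inside them are never interpreted as syntax."""
    query = "SELECT login FROM users WHERE login = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(query, (login, password)))


if __name__ == "__main__":
    db = make_db()
    payload = "' or 1=1--"  # the bypass value shown on the slide
    print(rendered_query("bee", payload))
    print("vulnerable:", login_vulnerable(db, "bee", payload))  # every user matches
    print("safe:      ", login_safe(db, "bee", payload))        # no match
```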
70. SQL Injection

71. Demo: SQL Injection
   - Bypassing login forms
   - Manually extracting data
   - Automated SQL injection

72. HTML Injection
   - HTML injection occurs when a user inserts HTML code via a specific input field or parameter
   - Insufficient validation of user-supplied data
   - Dangerous when it is stored permanently!
   - HTML injections can lead to: website defacements, phishing attacks, client-side exploitation

73. Demo: HTML Injection
   - Website defacement
   - Phishing attack
   - Client-side exploitation

74. Denial-of-Service
   - Denial-of-Service attack, or DoS attack
   - An attacker attempts to prevent legitimate users from accessing the application, server or network
   - Consumes network bandwidth, server sockets, threads, or CPU resources
   - Distributed Denial-of-Service attack, or DDoS
   - Popular techniques used by hacktivists

75. Denial-of-Service
   - Newer layer 7 DoS attacks are more powerful! "Low-bandwidth application layer DoS"
   - Advantages of layer 7 DoS:
   - Legitimate TCP/UDP connections, difficult to differentiate from normal traffic
   - Requires fewer connections, possibility to stop a web server from a single attack
   - Reach resource limits of services, regardless of the hardware capabilities of the server

76. Denial-of-Service: layer 7 DoS methods
   - HTTP Slow Headers
   - HTTP Slow POST
   - HTTP Slow Reading
   - Apache Range Header
   - SSL/TLS Renegotiation
   - XML Bombs
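An application-side mitigation for the XML Bombs item in that list (and for the XML External Entity bugs listed earlier), added here as an example that is not part of the deck or of bWAPP: a wrapper around Python's standard xml.parsers.expat that refuses any entity declaration before expansion can start, with a size cap as a second line of defence. The three documents are constructed inputs.

```python
import xml.parsers.expat as expat


class UntrustedXmlRejected(Exception):
    """Raised when an inbound document fails one of the checks below."""


def parse_untrusted_xml(data: bytes, max_bytes: int = 64 * 1024) -> dict[str, int]:
    """Parse XML from an untrusted client and return a {tag: count} map.

    Rejects oversized input, every entity declaration (the mechanism both an
    entity-expansion bomb and an XXE payload rely on) and external entity
    references. Because the declaration itself is refused, the parser never
    begins expanding anything, so CPU and memory stay bounded by max_bytes."""
    if len(data) > max_bytes:
        raise UntrustedXmlRejected(f"document too large: {len(data)} bytes")

    parser = expat.ParserCreate()
    # Never fetch external parameter entities (e.g. a DTD over the network).
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    counts: dict[str, int] = {}

    def reject_entity(name, is_param, value, base, system_id, public_id, notation):
        # Exceptions raised in an expat callback propagate out of Parse().
        raise UntrustedXmlRejected(f"entity declaration not allowed: {name!r}")

    def reject_external(context, base, system_id, public_id):
        raise UntrustedXmlRejected(f"external entity not allowed: {system_id!r}")

    def on_start(name, attrs):
        counts[name] = counts.get(name, 0) + 1

    parser.EntityDeclHandler = reject_entity
    parser.ExternalEntityRefHandler = reject_external
    parser.StartElementHandler = on_start
    try:
        parser.Parse(data, True)
    except expat.ExpatError as exc:
        raise UntrustedXmlRejected(f"malformed XML: {exc}") from exc
    return counts


def is_rejected(data: bytes) -> bool:
    """True when the document fails validation; convenient for request handlers."""
    try:
        parse_untrusted_xml(data)
    except UntrustedXmlRejected:
        return True
    return False


# Constructed sample inputs.
SAFE_DOC = b'<?xml version="1.0"?><order><item id="1"/><item id="2"/></order>'

# Two-level cut-down of the classic entity-expansion bomb; the real thing nests
# around ten levels and expands to gigabytes of text from a few hundred bytes.
BOMB_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE bomb [
  <!ENTITY a "aaaaaaaaaa">
  <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;">
]>
<bomb>&b;</bomb>"""

# External entity declaration, the shape XXE payloads use.
EXTERNAL_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE doc [ <!ENTITY ext SYSTEM "http://dtd.example.invalid/ext.xml"> ]>
<doc>&ext;</doc>"""


if __name__ == "__main__":
    print("safe:", parse_untrusted_xml(SAFE_DOC))
    for label, doc in (("bomb", BOMB_DOC), ("external", EXTERNAL_DOC)):
        print(label, "rejected" if is_rejected(doc) else "accepted")
```

HTTP Slow Headers and Slow POST from the same list are handled at the web server rather than in application code, for example with Apache's mod_reqtimeout RequestReadTimeout directive.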
77. Demo: Denial-of-Service
   - HTTP Slow POST
   - XML Bombs

78. Unrestricted File Uploads
   - Malicious, or Unrestricted File Uploads
   - File upload flaws occur when an attacker can upload files without any restrictions, or bypassing weak restrictions
   - The first step in many attacks is to get some code to the system to be attacked!
   - Using an unrestricted file upload helps the attacker...
   - The attack only needs to find a way to get the code executed

79. Unrestricted File Uploads
   - Web shells are malicious web pages that provide an attacker functionality on a web server
   - Making use of server-side scripting languages like PHP, ASP, ASPX, JSP, CFM, Perl, ...
   - Web shell functionalities: file transfer, command execution, network reconnaissance, database connectivity

80. Unrestricted File Uploads: external attack vectors for using web shells
   - Unrestricted File Uploads
   - Remote File Inclusion
   - SQL Injection
   - OS Command Injection
   - Insecure FTP, WebDAV, ...
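A server-side upload check that closes the "without any restrictions, or bypassing weak restrictions" gap from the slides above, added here as an example that is not code from the deck or from bWAPP. validate_upload, the ALLOWED_TYPES table and the sample file contents are constructed for the example; each numbered step in the function is one restriction a weak implementation typically lacks.

```python
import os
import secrets

# Extension -> magic-byte prefixes a file with that extension must start with.
ALLOWED_TYPES = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
MAX_UPLOAD_BYTES = 5 * 1024 * 1024
# Openers for the server-side languages slide 79 lists; an image or PDF has no
# business containing them.
SCRIPT_MARKERS = (b"<?php", b"<?=", b"<%", b"<script", b"<jsp:")


def validate_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, detail). On success detail is the server-chosen file name;
    on failure it is the reason, meant for a log line rather than for echoing back."""
    # 1. Ignore any directory part the client sent (POSIX or Windows separators).
    base = os.path.basename(filename.replace("\\", "/")).strip()
    if not content or len(content) > MAX_UPLOAD_BYTES:
        return False, "empty or oversized file"
    # 2. Exactly one extension, taken from an allow-list. Refusing extra dots
    #    blocks 'name.php.jpg'; dot-files such as '.htaccess' fail the same test.
    parts = base.lower().split(".")
    if len(parts) != 2 or not parts[0] or not parts[1]:
        return False, f"file name must be name.ext with one extension: {base!r}"
    ext = parts[1]
    if ext not in ALLOWED_TYPES:
        return False, f"extension not allowed: {ext!r}"
    # 3. The bytes must match the declared type. The client's Content-Type
    #    header is not consulted because the client controls it.
    if not any(content.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        return False, f"content does not look like {ext!r}"
    # 4. Polyglot check: a genuine image header followed by script code would
    #    pass step 3 on its own.
    if any(marker in content for marker in SCRIPT_MARKERS):
        return False, "embedded script markers"
    # 5. Never keep the client's name. The caller writes the file under this
    #    random name into a directory outside the web root (or one where the
    #    web server has execution disabled).
    return True, f"{secrets.token_hex(16)}.{ext}"


# Constructed sample contents: valid headers followed by filler bytes.
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 64
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 64


if __name__ == "__main__":
    for name, data in (
        ("photo.jpg", SAMPLE_JPEG),
        ("cmd.php", b"<?php system($_GET['c']); ?>"),
        ("cmd.php.jpg", SAMPLE_JPEG),
        ("photo.jpg", SAMPLE_PNG),
        ("photo.png", SAMPLE_PNG + b"<?php x"),
        ("../../.htaccess", b"AddType application/x-httpd-php .jpg"),
    ):
        print(f"{name:18} -> {validate_upload(name, data)}")
```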
81. Demo: Unrestricted File Uploads
   - Shell access
   - Escalating privileges...
   - Getting r00t access!

82. Contents (agenda slide repeated)

83. Superbees Wanted
   - And we have so many more bugs to exploit...
   - It's definitely time to improve your web security
   - Defense is needed, and testing is required!
   - Downloading bWAPP is a first start
   - Remember: every bee needs a superbee
   - Are you that superbee?
   - @MME_IT #bWAPP

84. Contact Me
   - Malik Mesellem
   - Email | malik@itsecgames.com
   - LinkedIn | be.linkedin.com/in/malikmesellem
   - Twitter | twitter.com/MME_IT
   - Blog | itsecgames.blogspot.com