1. What will we do today?

•  Penetration Testing discussion
   –  Types of services
   –  Dark side?
•  Non-tech view
•  Social Engineering
   –  Real-life examples
•  Interactive

2. Penetration Testing

•  What?
   –  Rude word……
   –  What do you think?

3. Breakdown

•  Build Review
•  Infrastructure
•  Application
•  Code Review
•  Reverse Engineering
•  MVS (PCI, Int, Ext etc)
•  WLAN
•  Database
•  AD

4. Ops :)

•  Client discussions
•  Proposal
•  Acceptance / PO
•  Rest of paperwork (SOW et al)
•  Resources / Schedule
•  Delivery
•  Report
•  Invoice

5. Oops :(

•  What can go wrong?
   –  DoS
   –  Wrong scope
   –  Mis-match resources
   –  Dissatisfied clients
   –  Non-payment

6. Social Engineering (SE)

•  Art of deception?
   –  Manipulation
   –  Disclosure
•  What do you see as SE?
   –  Examples

7. SE: Anatomy

•  Agree scope
   –  What is in?
   –  What is out? MAKE THIS VERY CLEAR
•  Reconnaissance
   –  Onsite
   –  Web
   –  News

8. SE: Anatomy Cont’d

•  Plan based on reconnaissance
   –  Approximate idea of execution
   –  Potential back-up plans for delivery failure
   –  Changing course based on scenario

9. SE: Characteristics & Tools

CHARACTERISTICS
•  Guts
•  Keep calm
•  Think on your feet
•  Change tactics whilst keeping your wits about you

TOOLS
•  Internet
•  Google Earth
•  Charm
•  Manners
•  Gadgets (phone, camera)

10. SE: Outcome / Results

•  Report
•  Evidence (MOST IMPORTANT)

11. SE: Example

•  Creating a fake email account with a real person’s name.
•  Ellen belongs to a company loosely affiliated with the target.

12. SE: Example Cont’d

•  Sending an email from “Ellen” to many hundreds of employees of the target company.
•  The email contents are based on a real event that the target company held (gleaned from their news website).
•  The email encourages people to visit a website, which appears to be legitimate.

13. SE: Example Cont’d

•  The website is a duplicate of the target company website, with a few minor modifications to go along with the farcical story from the email.
•  The page attempts to run a Java applet (next slide).

14. SE: Example Cont’d

•  Should the user click yes to running the applet from the site, some hostile Java will execute which will compromise the machine, and give the attacker full control (as in next slide).

15. SE: Example Cont’d

•  Pwnd ;)
•  Logs of people visiting the site

16. SE: Example Cont’d

•  Oddly enough, a real employee (Fred) replied to the attacker with real comments about the site.
•  This was useful as it gave us his name / email signature etc. which could be used to create another fake email account abusing his information.

17. SE: Example Cont’d

Creating a fake account for target company employee Fred

18. SE: Example Cont’d

•  The entire email is forged from Fred, but it appears as though he is forwarding on an email – which is made to look like it came from a real employee.
•  Here we abuse the chain of trust.
•  The email encourages users to go to a Microsoft website to download an urgent update.

19. SE: Example Cont’d

•  The attacker has downloaded a real MS update, but sneakily inserted some hostile code (the “hot” file).
•  This is hosted on a fake MS website (next slide).

20. SE: Example Cont’d

Looks legit? Almost too good to be true.

21. SE: Example Cont’d

•  Here we see a user downloading and running the file, the result of which is his AV being killed, a screenshot of his desktop being taken, and full control of his machine given to the attacker.
•  Game over.

22. Questions

23. Contact Details

Name: Yvette du Toit
Email: yvette@sensepost.com
  

Penetration Testing and Social Engineering Overview
