Temple University

Monthly Archives: February 2016

Weeks 6 & 7 – Summary

Readings:

Web-based attacks are among the most dangerous, with numerous ways to compromise Confidentiality, Integrity and Availability. Various methods exist to break into web services, servers and site components, such as: phishing, XSS, injection flaws, unsecured storage, broken authentication and access controls, unvalidated data inputs, etc. In particular, SQL injection is very powerful in the hands of hackers since SQL databases are everywhere, in every web site. The best security practice to avoid being a victim of such attacks is to make sure industry standards are followed when designing web-based applications.

Question to the Class: Would WebGoat be considered the best up-to-date tool to practice attacks?

In the News:

If you are using a SimpliSafe wireless home alarm system to improve your home security smartly, just throw it out and buy a new one. It is useless.

Read more here:

http://thehackernews.com/2016/02/hack-home-security-alarm.html

Week 7 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

SQL injection is a type of code injection technique that exploits a security vulnerability occurring in the DB layer of an application (user input incorrectly filtered… then possibly passed into the DB via manipulated SQL statements). To help prevent SQL injections, do the following: user input must be carefully escaped/filtered, and also audit one’s web site & SQL databases with a good web vulnerability scanner [WebCruiser, etc.].

  2. Question to classmates (facilitates discussion) from assigned reading…

Question: What would be some other SQL database vulnerabilities, and also how to fix quickly?

*Answer: Here is my answer… known SQL flaws within the DB server itself, and here one would install the latest software updates ASAP to make the overall system more secure! How about your answer…

Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

2016 Marching Orders – Encrypt End-to-End While You Can (as reported recently within RedmondMag.com on 1/11/2016)…

“Data breaches remain a critical threat to organizations and there’s concern that one of the best defenses, end-to-end encryption technology, may not be around forever… Hillary Clinton said in a Brookings Institute speech. ‘And this is complicated. You’re going to hear all of the usual complaints, you know, freedom of speech, etc. But if we truly are in a war against terrorism and we are truly looking for ways to shut off their funding, shut off the flow of foreign fighters, then we’ve got to shut off their means of communicating. It’s more complicated with some of what they do on encrypted apps’… Expect to keep hearing demands from the stump for encryption technology that keeps corporate and personal data safe, but is completely accessible to law enforcement and intelligence agencies whenever they need it… Meanwhile, the technology keeps moving forward. One element to keep an eye on in 2016 is quantum computing, which could make a lot of current encryption technology irrelevant… over the next 15 years will necessitate the migration of all our existing public-key cryptosystems to new quantum-resistant algorithms and a quantum-resistant TLS (used for every HTTPS secure Web connection) is the first step.”

https://redmondmag.com/articles/2016/01/01/2016-marching-orders.aspx
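The SQL injection point made in the two posts above (user input passed unfiltered into a SQL statement, with escaping/filtering and careful query construction as the fix), as an added example that is not part of the original posts. It uses Python’s sqlite3 module with a constructed in-memory users table; the function names and the username allowlist rule are assumptions for illustration.

```python
import re
import sqlite3

# Constructed sample data (not from the original posts): two accounts.
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2")]

# Assumed allowlist rule: usernames are 1-32 characters of letters, digits or underscore.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")


def make_db():
    """Create an in-memory database holding the constructed sample users."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (username TEXT, password TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return con


def is_valid_username(username):
    """Input filtering layer: reject anything outside the allowlist before it reaches SQL."""
    return USERNAME_RE.fullmatch(username) is not None


def login_vulnerable(con, username, password):
    """The DB-layer flaw the reading describes: input is pasted into the statement text,
    so quotes and SQL keywords in the input change the query's logic."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return [row[0] for row in con.execute(sql)]


def login_parameterized(con, username, password):
    """The fix: bound parameters are sent as data, never interpreted as SQL text,
    and the allowlist check rejects malformed usernames up front."""
    if not is_valid_username(username):
        return []
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in con.execute(sql, (username, password))]


if __name__ == "__main__":
    con = make_db()
    probe = "' OR '1'='1"  # the classic scanner test input from the reading
    print("vulnerable:", login_vulnerable(con, probe, probe))      # every user matches
    print("parameterized:", login_parameterized(con, probe, probe))  # nothing matches
```

Running the block shows the vulnerable query returning every account for the probe input while the parameterized version returns none, which is exactly the behaviour a web vulnerability scanner looks for.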

Week 7 Takeaways

Assigned readings:

Burp Suite is a tool that allows security testing of Web applications. This framework is very powerful; if it is used properly, it identifies vulnerabilities and exploits them. This tool is composed of proxy, spider, intruder, repeater, sequencer, decoder and comparer. Burp intruder allows you to customize attacks against any Web application and is composed of four elements: target, positions, payloads and options. SQL Injection testing is another method that is used within the Burp intruder. Burp repeater manually modifies HTTP requests and tests the responses given by the page. Burp sequencer checks the extent of randomness in the session tokens generated by the Web application. Burp decoder sends a request to the decoder and, lastly, Burp comparer compares two sets of data. Web application vulnerabilities are becoming more sophisticated; however, there are various methods to prevent such threats and protect the assets of the company. Among the most common methods are web application scanners and firewalls. Also, it is important to note that managers play a significant role when it comes to web application security.

Question for the class:

What are your experiences thus far using Burp Suite?

In the news: “Vulnerability found in two-factor authentication”

Two-factor authentication is a computer security measure used by major online service providers to protect the identity of users in the event of a password loss. Security experts have long endorsed two-factor authentication as an effective safeguard against password attacks. But what if two-factor authentication could be cracked not by computer engineering but by social engineering? A study was conducted with a scenario in which a hacker, armed only with the target’s mobile phone number, attempts to log into a user’s account and claims to have forgotten the password, triggering a verification SMS text. In a pilot test of twenty mobile phone users, 25 percent forwarded the verification code to an attacker upon request, proving the success of the Verification Code Forwarding Attack.

Click here to read more about this article.

Week 6 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

This week we begin our focus on web application security from the Burp Suite included with Kali2-Linux (tools to perform security testing [Burp Proxy, Spider, Intruder, Decoder, etc.]) and on web application injection vulnerabilities (client-side submission of unexpected inputs in order to exploit system vulnerabilities [vulnerabilities known, but still not fixed by many web site developers/owners over the last 10 yrs.]). Best practices for web app security would be to have managers & developers design & maintain web apps with security always a part of the overall process (definitely minimize user input validation issues, etc.)

  2. Question to classmates (facilitates discussion) from assigned reading…

Question: Using Burp Proxy (intercept web traffic) & Burp Intruder (automate custom web app attacks), which would be your choice of Burp Intruder “payload”?

*Answer: My choice would be to use the “Pitchfork” attack (for a SQL injection web app attack [custom username & passwd payloads]).

Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

Microsoft’s New Security Approach (as reported within RedmondMag.com on 1/5/2016)…

https://redmondmag.com/articles/2016/01/01/a-new-security-approach.aspx

Back in 2002 Microsoft began their “Trustworthy Computing” security initiatives (improve security on products such as the Windows OS, Office suite, etc.), and now fast forward to 2015 (massive global security threats against almost all Internet-connected organizations) with Microsoft’s evolved security focus much more on “operations” (new security initiatives such as their Cyber Defense Operations Center [24×7 rapid response from many diverse security experts], Azure Security Center [cloud services for IT admins to monitor Microsoft clients’ security cloud environment], etc.)… definitely an excellent direction for Microsoft, but let’s see how it all goes in the near future for Microsoft and its cloud partners (security breach frequency & response times, transparency, etc.)

Week 5 in the news

“Keybase Releases Encrypted File-Sharing iPhone App”

Keybase last week announced the alpha release of the Keybase app for the iPhone with a cryptographically secure file mount. Users can write data in an automatically created folder in this format: /keybase/public/username. Files written in the folder are signed automatically and appear as plain text files. The folder prevents server-side and man-in-the-middle attacks. Files stream in on demand; there is no syncing as there is in Dropbox, Google Drive and Box.

For more information regarding this article, please click here.

Week 5 – In the News

No reading for this week.

In the News:

National Security Agency merging offensive, defensive hacking operations

The U.S. National Security Agency on Monday outlined a reorganization that will consolidate its spying and domestic cyber-security operations, despite recommendations by a presidential panel that the agency focus solely on espionage.

Read more at: http://www.reuters.com/article/us-usa-cyber-nsa-idUSKCN0VH21H


Top Reason To Pay Attention To The Dark Web

http://www.securityweek.com/top-reasons-pay-attention-dark-web

Tim Layton offers a great perspective regarding content in the Deep Web or, as he refers to it, the “Dark Web”.

His inside information breaks down what a new user can expect once Tor is open and simple searches are done through the special Firefox browser.

There are good reasons for taking advantage of Dark Web intelligence, but we should also explore the challenges of collecting it, says Layton; he also offers the other side of the story, the legal and unknown reasons not to surf the dark web.

Week 5: Reading, Question, and In The News

It looks like I may be confused about what’s expected this week…

Reading: Metasploit Unleashed – MSF Extended Usage and Metasploit GUIs. This week’s reading introduced us to a broad range of tools and techniques for working with and extending the Metasploit Framework to conduct and improve penetration testing during pre-exploitation, exploitation, and post-exploitation activities. I am particularly intrigued by the exploit presented where msfvenom is used to create an EXE file, which when inadvertently run by a user, compromises their Apple computer’s OS X and takes over the camera for unexpected picture taking of the user.

Question for the Class: Which language is Mimikatz using to communicate with the user on the screen and on the command line?

In The News: “Export Treaty to Get Rewrite in Win for Security Industry”, by Phil Muncaster, Feb. 4, 2016. Good news for white hats this week after the US Department of Commerce stepped back from a rule agreed to in the Wassenaar Arrangement among 41 countries to prevent export of dual-use technologies to criminal organizations and repressive regimes. The Government will now seek public comment on a revised draft rule pertaining to a controversial clause in a weapons export pact which threatens to severely limit the use of legitimate security testing tools for finding software flaws.

http://www.infosecurity-magazine.com/news/export-treaty-get-rewrite-win/