
VU21997 - Expose Website Security Vulnerabilities
Introduction

At the end of this unit, you would be able to:

 Use web application proxy testing and other tools to identify and exploit vulnerabilities.
 Identify common types of web server and application vulnerabilities.
 Create a report that documents the vulnerabilities and suggests an approach to resolving them.
General Topics

1. OSI / Networking / Web architectures
2. Web content, spidering
3. Web app testing tools
4. Software vulnerability testing
5. Reporting vulnerabilities
Housekeeping Rules

 Put your mobile phones on silent and if you really need to attend the call, please take your calls outside.
 80% attendance is required to be competent in this unit.
 Please complete the engagement activity or class activity each week.
 Go through the Unit Plan available on Student Web.
Activities

 You need a USB drive for this course (VMs, resources): 16GB minimum
 You would be doing individual activities. You will require:
1. Laptop
2. Microsoft Office
3. VMware Workstation
Assessments

 There would be 3 assessment tasks. Please always fill in the cover sheet.
 First assessment task would be an online quiz (Knowledge test) on Student Web. See the dates in the Unit Plan.
 Second assessment task: You would be required to complete a Word document putting in the screenshots of the detection and exploitation of vulnerabilities and other pen testing activities to detect, exploit and report the vulnerabilities. See the dates in the Unit Plan.
 Third assessment task would be the final exam. See the dates in the Unit Plan.
 Your assessment would be graded within 2 weeks after the submission.
Session 1-Introduction

At the end of this session, you would have covered:

 Introduction to exposing website vulnerabilities
 OSI model review
 HTTP review
 VM setup (Kali)
 nmap
Real-World Security Failures

Credit: https://www.slideshare.net/joevest/information-security-management-v2010
Networking Review

What is:
 MAC address? IP address?
 DNS?
 TCP port?
 Protocol?
 Socket?
 Firewall?
 How can multiple clients communicate with a service on a single IP, concurrently?
 Good refresher resource: http://techgenix.com/understanding-tcpip-chapter1-introduction-network-protocols/
Networking Review

Where do the following concepts belong in the OSI model:

 MAC address? IP address?
 UDP port?
 Data encryption?
 Fibre optic cables?
 Media layers: Physical, Data Link, Network layers
 Host layers: Transport, Session, Presentation, Application layers

Credit: OSI 7 Model, SyamilAshri at English Wikibooks / CC-BY-SA-3.0 https://commons.wikimedia.org/wiki/File:Osi-model-7-layers.png
HTTP Transaction Working
Example - HTTP Transaction Working

https://www.slideshare.net/SMEXbeirut/how-a-web-request-is-served
Weakness in HTTP Transaction

 Get IP address from DNS servers
Weakness: “Let’s redirect them to my compromised server…”
 Establish a connection
Weakness: “Let’s peek at the credentials while they pass by”
 Make an HTTP request
Weakness: “Maybe I can send a delete *.* command”
 Receive a response
Weakness: “You want a webpage? How about malware instead.”
Encapsulation of HTTP
Wireshark View - HTTP Conversation
Virtualization Overview

 On average, how busy is a CPU on a typical server? (0-100%)
 Not used = idle = wasted resources.
 Virtualization = multiple virtual machines share host resources.
 What happens if 4 VMs need 100% of a CPU - but you have 2 CPUs?
 Hypervisor responsible for resource allocation and task scheduling.

Credit: Kwesterh via Wikimedia (Public domain) https://commons.wikimedia.org/wiki/File:Hardware_Virtualization.JPG
Today – Part 1

 New to VMs? Review the How to Create/Use Virtual Machines guide on Student Web.
 Download Web for Pentester 1 and 2 via Student Web. Copy Kali via USB.
 Web for Pentester VM specifications: 1 CPU core, 1GB RAM
 Kali specifications: 2 CPU cores, 2GB RAM
 All VMs: NAT (VMnet8)
Part1-Continued

 How do I know what I download doesn’t have malware?
 Check your hashes! (optional, but smart – try this)
 Windows: certutil -hashfile c:\downloaded_file.zip SHA256
 Linux: sha256sum downloaded_file.zip
 This only checks that the file you received matches the published hash value.
 Someone may have embedded malware on purpose, or altered the web page that shows the hash value.
 http://searchsecurity.techtarget.com/news/450426573/CCleaner-malware-spread-via-supply-chain-attack
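The hash check above is easy to do by eye and easy to get wrong (mixed case, a copied digest with a stray character). As an added example that is not part of the original slides, the following shell function wraps the Linux command shown above so the comparison is done by the machine and the result is a clear pass/fail; the file name and expected digest are whatever you obtained from the vendor, and the `shasum` fallback is assumed for systems without `sha256sum`:

```shell
# Added example (not from the original slides): verify a download against a
# published SHA-256 digest. The expected digest is assumed to have been copied
# from the vendor's page over HTTPS; as the slide notes, if that page was
# altered the "matching" digest proves nothing, so prefer a digest published
# somewhere other than the download page itself.
#
# Usage: verify_sha256 <file> <expected-hex-digest>
# Returns 0 when the digests match, 1 on mismatch, 2 when the file is missing.
verify_sha256() {
    file=$1
    # Normalise to lower case so a digest pasted in upper case still compares.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }

    if command -v sha256sum >/dev/null 2>&1; then
        actual=$(sha256sum "$file" | cut -d' ' -f1)          # Linux (GNU coreutils)
    else
        actual=$(shasum -a 256 "$file" | cut -d' ' -f1)      # macOS / BSD fallback (assumed)
    fi

    if [ "$actual" = "$expected" ]; then
        echo "OK   $file"
        return 0
    fi
    echo "FAIL $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Example call (the digest here is a placeholder; use the vendor's published value):
# verify_sha256 downloaded_file.zip <sha256-from-vendor-page>
```

Run it as `verify_sha256 downloaded_file.zip <digest>` and check the exit status in a script (`|| exit 1`) rather than reading the output, so an install step cannot proceed on a mismatch.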
Helpful Linux Commands

 ifconfig or ip a - shows my current IP
 nano / pico - Linux text editors
 apt-get install nano to update or install the nano editor.
 apt-get install pico to update or install the pico editor.
 cd Downloads to change the current directory
 cd ~ to go back to the home directory.
 ls to list files or directories
 ping 8.8.8.8 - ICMP test to Google
 Ctrl+C to halt a running command; shutdown now or reboot to shut down or restart the Linux VM
Today– Part 2

 Cert IV students: do Engagement activity and Training plans
 Confirm connectivity – get IP addresses of VMs and ping each VM
 Once done: research the nmap program (installed in Kali)
Part 2-Continued-nmap

 What’s the simplest nmap command? (e.g. “just scan 1.2.3.4”)
 How could you scan ports 80, 443, and 25?
 How can nmap guess (‘fingerprint’) the operating system?
 Nmap will try to detect server versions (e.g. Apache 2.2 web server). Which nmap parameter allows you to do this?
 What’s the command to scan all TCP ports 0-65535?
Part 2-Continued-nmap

Try this:
 sudo apt-get install nmap to get the updated version of nmap.
 sudo command - run “command” as the super user/root
 apt-get is used to get the newest version.
1. nmap 1.1.1.1
2. nmap facebook.com
3. nmap -sS facebook.com
4. nmap -sV facebook.com
5. nmap -o 80,80 facebook.com
6. nmap -p 80 facebook.com. Fix the command to check HTTP and HTTPS ports
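Assessment task 2 asks you to report what you found, and the raw nmap screen output is awkward to turn into a table of exposed services. As an added example that is not part of the original slides, the shell function below reads nmap's grepable output (`-oG`) and prints one line per open port with the service and version nmap reported, which is the inventory a report needs. The sample output embedded in the block is constructed to look like a `-sV` scan of a lab VM so the script runs offline; the host name, address and versions in it are invented:

```shell
# Added example (not from the original slides): turn nmap grepable output into a
# one-line-per-open-port inventory for a report.
#
# Assumed run against a lab VM (e.g. the Web for Pentester VM on VMnet8):
#   nmap -sV -p 25,80,443 -oG scan.gnmap <lab-vm-ip>
#   open_ports < scan.gnmap
#
# CONSTRUCTED sample of -oG output so the example runs without a network.
# Grepable format: "Host: <ip> (<name>)<TAB>Ports: <port>/<state>/<proto>/<owner>/<service>/<rpc>/<version>/, ..."
SAMPLE_GNMAP='# Nmap 7.94 scan initiated Mon Jan  1 10:00:00 2024 as: nmap -sV -p 25,80,443 -oG scan.gnmap 10.0.0.5
Host: 10.0.0.5 (web.lab.test)	Status: Up
Host: 10.0.0.5 (web.lab.test)	Ports: 25/filtered/tcp//smtp///, 80/open/tcp//http//Apache httpd 2.4.57/, 443/open/tcp//ssl|http//Apache httpd 2.4.57/	Ignored State: closed (0)
# Nmap done at Mon Jan  1 10:00:05 2024 -- 1 IP address (1 host up) scanned in 5.00 seconds'

# Read grepable output on stdin; print "host port proto service version" for each OPEN port.
# Filtered and closed ports are skipped, since only open ones are exposed services.
open_ports() {
    grep '^Host:.*Ports:' | while IFS= read -r line; do
        host=${line#Host: }
        host=${host%% *}                      # keep the IP, drop "(name)" and the rest
        ports=${line#*Ports: }
        ports=$(printf '%s' "$ports" | sed 's/[[:space:]]*Ignored State:.*$//')
        # One port entry per line, then split each entry on "/".
        printf '%s\n' "$ports" | tr ',' '\n' | sed 's/^[[:space:]]*//' |
        while IFS=/ read -r port state proto owner service rpc version; do
            [ "$state" = open ] || continue
            version=${version%/}              # strip the trailing "/" of the entry
            printf '%s %s %s %s %s\n' "$host" "$port" "$proto" "$service" "${version:-unknown}"
        done
    done
}

# Number of open ports in the constructed sample (quick self-check).
sample_open_count() {
    printf '%s\n' "$SAMPLE_GNMAP" | open_ports | wc -l | tr -d ' '
}

# Stand-alone run: list the open ports from the constructed sample.
printf '%s\n' "$SAMPLE_GNMAP" | open_ports
```

The lines it prints ("10.0.0.5 80 tcp http Apache httpd 2.4.57", and the same for 443 with `ssl|http`) paste directly into the findings table of the report, and the version column is what you later check against known vulnerabilities.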
Part 2-Continued

 Several companies allow limited scanning of their website (e.g. Facebook, Google). What are some others?
 Hint: look up “bug bounty”
 First person to complete the above: Create a Slack channel and invite the class.
Homework

1. Create VMs, establish communication, source a USB drive
2. Find a security podcast and listen to at least 5 minutes of it.
3. Find a security Meetup that meets in Melbourne within the next 3 months
