introduction to ethical hacking - san jose state university · introduction to ethical hacking...
TRANSCRIPT
Introduction to Ethical Hacking
Summer University 2015 SJSU, San Jose
Alexandre Karlov
#whoami• Cursus
• MSc in Telecommunication sciences (EPFL’06)
• PhD in Cryptology (EPFL’11)
• Cryptography expert at Kudelski group
• Manager of cybersecurity projets at Kudelski group
• Currently professor at University of Applied Science Western Switzerland (HEIG-VD) and independent security consultant
• Interests and Research
• Practical systems (in)security
• Pentests
• Vulnerabilities of industrial control systems (SCADA)
• CTFs (more on that later)
#man course
• Provide you a taste of hacking
• Understand how an attacker thinks and try to develop a similar mindset
• Get familiar with security challenges
• Best way to learn
• Have Fun!
#head course
• Quick intro
• Some tools
• Bonus
• Up to you to play
0x01 Intro
Why Ethical Hacking
Why Ethical Hacking
Why Ethical Hacking
Why Ethical Hacking
Source: Presentation of Urs P. Küderli, Chief Security Advisor @ Microsoft «Security Development Lifecycle - a process to develop more secure software»
Why Ethical Hacking
Why Ethical Hacking
• In order to develop and architect information systems in a secure way, you must be aware of vulnerabilities
• Before protecting you should know ways how the system can be exploited
• Hacker mindset
• Finding vulnerabilities on the systems
• Do it in a legal way
Why Ethical Hacking
How?•So how do you learn the skills and train your mindset ?
•Continuous learning
•Principle valid outside information security field as well
•New exploits, tools and frameworks are appearing almost every day
•Technical skills are best built through hands-on experience
•Vulnerable VMs
•Online challenges
•CTFs
•…more CTFs
•Reading and practicing - tons of information available on the web
•Twitter, blogs, (CTF) write-ups, vulnerabilities disclosures and PoCs
•Books
•Technical security trainings
Rules of Engagement• Work by groups of 2
• Register at www.root-me.org
• Start by doing some (very) easy challenges in order to understand the principle
• Read (a lot of) related docs
• Try to do challenges from categories in which you are less experienced
• For the final grading submit your write-ups (along with your scripts and other relevant files) for 5 challenges
• Still by group of 2
• Of at least intermediate difficulty
• From at least 3 different categories
• Submit by email to [email protected]
0x02 Tools
Tools
• So what are the best tools to be an ultimate hacker ?
• Which OS to use ? Windows, Linux or OSX ?
Recommendations• Have all three of them, or at least Windows and Linux • Don’t think of them as different operating systems
• Thinks of them as set of tools
• Setup a virtualized environment on you machine (VMWare) • Deploy images of Windows and Linux boxes so that you can easily switch between
• Today’s average Portable PC (quad-core) • Can easily run several OS in parallel • Images allow easily to backup, roll-back and deploy a fresh/clean version of the OS
Kali• The Kali linux distribution which superseded historical BackTrack (BT) linux is seen as a de-facto standard platform to help you with your pentest tasks • Debian-based distribution • More than 300 tools for pentest and data forensics • Active online support community
!!!!
If you are an Arch Linux fan, you might want to give BlackArch a try
Kali
• Download from www.kali.org • Either an ISO from http://www.kali.org/downloads/ • VMWare image from http://www.offensive-security.com/kali-linux-vmware-arm-image-download/
• Download, unzip (7z x kali-linux-1.0.9-vm-amd64.7z) and open the image in VMPlayer
• default username and password: root/toor
• remember to change the root password
• apt-get update && apt-get upgrade • If running a WMPlayer, ensure that you are using NAT network option for your virtual network adapter on SJSU campus
Kali - non root user
• When installed, Kali linux uses root user for all tasks
• It is a good security practice to add an additional user with non-root privileges •useradd -m noroot passwd noroot usermod -a -G sudo noroot chsh -s /bin/bash noroot
• Replace the noroot by whatever you prefer
Kali - Install Multiarch support
• By default Kali comes with 64 bit architecture •sudo dpkg -–add-architecture i386 sudo apt-get update sudo apt-get upgrade
• Enables 32-bit support • Useful for applications supporting only 32-bit
Kali - default repositories
• The default package repositories that should be present in /etc/apt/sources.list are listed as follows; if not present, edit the sources.list file to include them
## Kali deb http://http.kali.org/kali kali main contrib non-free## Kali-dev deb http://http.kali.org/kali kali-dev main contrib non-free## Kali Security updates deb http://security.kali.org/kali-security kali/updates main contrib non-free
0x03 Bonus
CTF? WTF?• Capture The Flag
• Computer Security Competition between teams
• Jeopardy: tasks/challenges in several categories - Web, Crypto, Forensics, CrackMe/Binary, Programming….
• Attack-defense: Every team is provided with some environment with vulnerable services. Patch yours and grab flags from others.
• Flag is hidden somewhere
• Online challenges are usually organized in the same manner - good start for training
• Great way to learn and have fun!
Famous CTFs
• DEFCON - Jeopardy + Attack-defense • Best way to get to Vegas • CTF Olympics
• Hack.lu CTF
• Ghost in the Shellcode
• PlaidCTF
!
• Check out ctftime.org
Bonus: PoliCTF• You are lucky - the coming weekend there is an online CTF competition.
• URL: polictf.it
• Starts at 2:00 AM Friday PDT (local time) and lasts for 48 hours (Sunday 2:00 AM PDT).
• If you get bored here and think you are really smart, register and try some challenges there
• Submit your write-up of one challenge you solve before Sunday 3:00 AM PDT local time sharp to [email protected]
• 3 groups for the same challenge max! (6 people)
• First come - first serve basis
• You will have the honour to present your solution before the class on Monday or Wednesday
• Replaces 3 challenges of your assignment.
0x03 Your turn!