Introduction to InfoSec – Recitation 15
Nir Krakowski (nirkrako at post.tau.ac.il)
Itamar Gilad (itamargi at post.tau.ac.il)

Today
• Metasploit
• Class pick of one or more advanced topics
• Other questions on any course topic

Metasploit
"""
The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Its best-known sub-project is the open-source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.
"""
-- wikipedia.org page about Metasploit

Metasploit
• A community, a body of knowledge
• A framework you can use to develop your own exploit / shellcode / complex attack scenario
• A fairly complete penetration testing environment...

DEMO Bonanza

Metasploit - recap
• A community, a body of knowledge
• A framework you can use to develop your own exploit / shellcode / complex attack scenario
• A fairly complete penetration testing environment
  o Network scanning
  o Network attack
  o Setting up Phishing websites and sending Spear-Phishing e-mails
  o Setting up browser exploitation web sites
  o Once a machine is compromised –
    • A powerful RAT – access local files, download machine information, control the machine, take screenshots
    • Enables further exploitation –
      o Pivoting to other network elements
      o Leaving a persistent backdoor

A show of hands…
• Malware identification and analysis –
  o Where (Host based, firewalls, offline analysis)
  o Classification & Identification methods (signatures, tripwires, syscall analysis, code similarities)
• HoneyPots –
  o Motivation
  o Basic approaches
  o Difficulties (polymorphism, packing, VM/debugger identification, conditional payload execution)
• Exploitation of race condition bugs
• Use-after-free vulnerabilities and heap spraying
• Classic heap overflows

Questions?