Introduction to InfoSec – Recitation 15 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Post on 26-Dec-2015


Page 1

Introduction to InfoSec – Recitation 15
Nir Krakowski (nirkrako at post.tau.ac.il)
Itamar Gilad (itamargi at post.tau.ac.il)

Page 2

Today
• Metasploit
• Class pick of one or more advanced topics
• Other questions on any course topic

Page 3

Metasploit
"""
The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Its best-known sub-project is the open-source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.
"""
-- wikipedia.org page about Metasploit

Page 4

Metasploit
• A community, a body of knowledge
• A framework you can use to develop your own exploit / shellcode / complex attack scenario
• A fairly complete penetration testing environment...

DEMO Bonanza

Page 5

Metasploit - recap
• A community, a body of knowledge
• A framework you can use to develop your own exploit / shellcode / complex attack scenario
• A fairly complete penetration testing environment
  o Network scanning
  o Network attack
  o Setting up phishing websites and sending spear-phishing e-mails
  o Setting up browser exploitation web sites
  o Once a machine is compromised –
    • A powerful RAT – access local files, download machine information, control the machine, take screenshots
    • Enables further exploitation –
      o Pivoting to other network elements
      o Leaving a persistent backdoor

Page 6

A show of hands…
• Malware identification and analysis –
  o Where (host based, firewalls, offline analysis)
  o Classification & identification methods (signatures, tripwires, syscall analysis, code similarities)
• HoneyPots –
  o Motivation
  o Basic approaches
  o Difficulties (polymorphism, packing, VM/debugger identification, conditional payload execution)
• Exploitation of race condition bugs
• Use-after-free vulnerabilities and heap spraying
• Classic heap overflows
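The slide above only names the identification methods. As an added illustration that is not part of the original deck, the Python below shows two of them side by side from the defender's side: a tripwire (a host-based file-integrity baseline built from SHA-256 digests, compared against a later snapshot) and signature matching (a byte-pattern signature and a full-file hash signature). The file contents, paths, signature names and marker string are all constructed for the example; a real deployment would read files from disk and load a vetted signature set.

```python
"""Toy tripwire (file-integrity baseline) plus signature matching.
Added example for the recitation topic list; not code from the slides."""
import hashlib
from dataclasses import dataclass

# Constructed sample file contents keyed by path (stand-ins for reading real files).
BASELINE_SNAPSHOT = {
    "/usr/bin/ls": b"\x7fELF-constructed-ls-binary",
    "/etc/passwd": b"root:x:0:0:root:/root:/bin/bash\n",
    "/etc/ssh/sshd_config": b"PermitRootLogin no\n",
}

# The same host later: one binary modified, one file removed, one file added.
CURRENT_SNAPSHOT = {
    "/usr/bin/ls": b"\x7fELF-constructed-ls-binary-with-appended-code-CONSTRUCTED-MARKER",
    "/etc/ssh/sshd_config": b"PermitRootLogin no\n",
    "/tmp/dropper.sh": b"#!/bin/sh\necho CONSTRUCTED-MARKER\n",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_baseline(files: dict) -> dict:
    """Tripwire step 1: record a digest of every file to be guarded."""
    return {path: sha256_hex(content) for path, content in files.items()}


def check_integrity(baseline: dict, current: dict) -> dict:
    """Tripwire step 2: compare current digests against the baseline and report drift."""
    now = build_baseline(current)
    modified = sorted(p for p in baseline if p in now and now[p] != baseline[p])
    removed = sorted(p for p in baseline if p not in now)
    added = sorted(p for p in now if p not in baseline)
    return {"modified": modified, "removed": removed, "added": added}


@dataclass
class Signature:
    name: str
    pattern: bytes = b""   # byte substring to look for (content signature)
    sha256: str = ""       # full-file digest (hash signature)


# Constructed signature set: one content signature, one hash signature.
SIGNATURES = [
    Signature(name="Constructed.Marker.A", pattern=b"CONSTRUCTED-MARKER"),
    Signature(name="Constructed.KnownBad.Hash",
              sha256=sha256_hex(b"#!/bin/sh\necho CONSTRUCTED-MARKER\n")),
]


def match_signatures(data: bytes, signatures=SIGNATURES) -> list:
    """Return the names of every signature the data matches, in signature order."""
    digest = sha256_hex(data)
    hits = []
    for sig in signatures:
        if sig.pattern and sig.pattern in data:
            hits.append(sig.name)
        elif sig.sha256 and sig.sha256 == digest:
            hits.append(sig.name)
    return hits


def scan_changes(baseline: dict, current: dict, signatures=SIGNATURES) -> dict:
    """Combine both methods: only files that drifted from the baseline get signature-scanned."""
    report = check_integrity(baseline, current)
    suspects = {}
    for path in report["modified"] + report["added"]:
        hits = match_signatures(current[path], signatures)
        if hits:
            suspects[path] = hits
    return suspects


if __name__ == "__main__":
    base = build_baseline(BASELINE_SNAPSHOT)
    print("integrity drift:", check_integrity(base, CURRENT_SNAPSHOT))
    print("signature hits on drifted files:", scan_changes(base, CURRENT_SNAPSHOT))
```

The two methods fail in complementary ways, which is why the example chains them: the tripwire flags any change, including benign updates, but cannot say what changed it, while signatures only catch what is already in the set and are defeated by the polymorphism and packing the slide lists as difficulties. Scanning only the drifted files keeps the signature pass cheap and gives the analyst a short list to look at.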

Page 7

Questions?