Dear PenTest Readers!
We are proud to present the teaser of our latest PenTest Regular issue, in which you will find some new and uncommon pentesting knowledge. With the help of a group of experts, we have prepared a set of articles containing little-known methods and techniques.
In the teaser you will be able to read 2 of 13 articles which will help you to broaden your pentesting horizons.
Feeling interested? There is much more to be discovered in the full issue (see the full issue’s table of contents below).
Enjoy your reading with PenTest Magazine!
BUGS AND WORMS
By Milind Bhargava
A normal security admin may have a lab to test against basic security threats, but for those working in large corporations, can they be sure they can remain standing against something like Conficker? I plan to build a custom Conficker-type worm and release it on my lab network.
Uncommon Security Bugs
By Mrityunjay Gautam
I have worked on a series of application penetration testing projects on a very wide variety of products and have had the chance to look at various sub-components. In the course of my time spent doing penetration testing, I have seen a huge number of minor as well as major security issues in these products. In this article, I would like to talk about some of the very interesting security issues that I found doing these pentests, along with the correct way to fix those.
Exploiting Java Debug Wire Protocol
By Kristian Erik Hermansen
In this article, I would like to discuss a topic about which there is very little information on the Internet to date for pentesters: the Java Debug Wire Protocol (JDWP) and how to exploit it.
Metasploit – All You Need to Hack into an Internal Network
Let’s assume you have installed Kali Linux and have access to a virtual lab or have express permission from your company’s IT manager to test your internal network. What’s next?
Does Using LOIC Make You Imperceptible?
By Milind Bhargava
Imagine you come across a great DDoS tool. You remember that one guy you didn’t like and decide now would be a good time to take revenge. So you go and download LOIC – yes, the same one used by Anonymous, and you think you can do what you want and get away clean. WRONG – you are not getting away, you can be tracked. By tracked I don’t mean getting your IP. This article will show you how to protect against Low Orbit Ion Cannon.
Evading Prism – Your Toolkit for Being Anonymous
By Mohsen Mostafa Jokar
Despite all its useful features, the Internet has some threats too. A big challenge on the Internet is security and anonymity. You can talk to millions of people without having any identity. How can you recognize your counterpart? How can you trust them? And so on. I’m sure you have heard about “Prism.” It has been an NSA project since 2007. The Prism program collects stored Internet communications and it is a codename for data collection. How can we be secure? It is hard to say and perhaps impossible to resolve, but you can use some tips and tricks to protect yourself. We want to show you some useful tools and techniques that may improve your anonymity on the Internet and stop hackers as well.
How to Infiltrate a Company: Social Engineering for Pentesters
By Duane Blanchard
We often hear and read that humans are the greatest weakness in corporate, government, and even personal security. I do believe this is true, and I love the challenges that social engineering presents to both attackers and defenders. As supple as humans often seem, we are all remarkable creatures. Intricate and complicated, yet simple and predictable; beautiful and frightening; trusting and wary; powerful and vulnerable – all in the same moment. Given the complexities of the human condition, I implore the reader to take the highest road in exercising your social engineering (SE) skills. SE works only by manipulation of people’s emotion (even the attackers’), particularly through emotions in the context of society. Be the most ethical of hackers, the whitest of the white hats.
Social Engineering Audit – Testing Security Awareness
By Eszter Oroszi
One of the most important security issues at all business organizations is to improve the security awareness level of the employees. Unfortunately, a lot of companies do not consider it to be so critical. Usually they think that technical security solutions, firewalls, and anti-malware systems are enough to protect the information assets of their company. But there are some attack methods that exploit various deficiencies of the employees’ security awareness and can cause damage and loss not only to the targeted employee, but to the whole organization as well. In my article, I would like to introduce readers to the world of social engineering and its auditing methods.
Hacking SAP Enterprise Portal
By Dmitry Chastukhin
Business applications have been and will always be the cherished goal of cybercriminals’ attacks. Such actions can have many purposes: industrial espionage, the desire to cause financial or reputational losses, or the sale of critical information. In this article, I would like to explain in detail how a potential attacker can attack one of the most popular modules of the SAP ERP system, SAP Enterprise Portal, and how such attacks can be avoided.
Common Attack Patterns in Penetration Testing
By Sumit Agarwal
A penetration testing project for assessing overall security of an organization covers testing of various aspects and layers of its security infrastructure. The idea of a pentest is not just to check the existence of controls but to evaluate the sufficiency and appropriateness of these controls.
Busting the Hollywood Hacker Myth
By Chris Berberich
First and foremost, one has to understand that pentesting (hacking) techniques are not like anything you may have seen in the movies. A hacker just doesn’t sit down on a laptop and hack into a network without knowing anything about the system. There is no GUI interface that shows tunnels of information while you are doing a pentest. Yes, there are GUI interface tools, but nothing like you see in the movies. There are a few options to get into a system; for instance, social engineering techniques, information gathering techniques, vulnerability assessment techniques, and exploiting the system.
Hacker State of Mind – Advanced Strategies for Penetration Testing
By Russ Rogers
Penetration testing, and hacking in general, is really a state of mind. You can’t just sit down and teach someone to be a hacker. If you could, it wouldn’t be so awesome. Penetration testers are just hackers, with a different name; at least the really good ones are. So, when I was asked to write this article, helping to define techniques for advanced level penetration testing, I had to take a serious step back, and consider my options. I’ve decided that all I can really do is attempt to convey to you, in a few short pages, the concept of what it means to think like a hacker, and how you can use those skills while you conduct testing against your own organization (or customers). With that in mind, the goal for this article is to teach you some of the traits that make hackers great, so you can adopt them for yourselves.
By Milind Bhargava