preview exploit 08 2017.pdf
Dear PenTest Readers,
We would like to proudly present to you the newest issue of PenTest. We hope that you will find many interesting articles inside the magazine and that you will have time to read all of them.
This issue will focus on exploitation techniques and case studies. First you will be introduced to the BeEF security tool and shown how to take over systems and get access to them. Later Suleman Malik will disclose his top findings where he exploited vulnerabilities in major websites: Huawei, LinkedIn, Cisco. We’ve also prepared for you articles about OWASP Top 10 vulnerability testing with WebGoat, SQL injection with the sqlmap tool, fuzzing exploitation techniques, and exploiting command injection attacks in real time.
As always, our magazine contains a couple of articles with mixed content. You can read an article that explains the theoretical basics of machine learning, or one on advanced endpoint threat detection with Microsoft Defender ATP. We’ve prepared a paper that introduces a process which can be adopted to manage risks related to the vulnerabilities identified by vulnerability scanning, focusing on the risk rate only. What’s more, you can read about the concept of cyberspiritual security and the Kill Chain methodology with a real-life example. Last but not least, you will learn how to migrate data and generate documents with Talend components.
Enjoy your reading,
Table of contents
Exploiting the web browser
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Software Exploitation: Web Application Hacking
There is no doubt that web application security is a current and newsworthy subject. For all concerned, the stakes are high: for businesses that derive increasing revenue from Internet commerce, for users who trust web applications with sensitive information, and for criminals who can make big money by stealing payment details or compromising bank accounts. Reputation plays a critical role. Few people want to do business with an insecure website, so few organizations want to disclose details about their own security vulnerabilities or breaches. Hence, it is not a trivial task to obtain reliable information about the state of web application security today.
Today I will disclose some of my top findings where I exploited vulnerabilities in some major websites: Huawei account takeover (API endpoint vulnerability), remote code execution/server-side template injection on Intel, deleting a LinkedIn user from a group without their knowledge, and a Cisco account takeover vulnerability.
OWASP Top 10 Vulnerability Testing with WebGoat
This article is for both experts and freshers who want to learn web application penetration testing. The article contains in-depth details and concepts for performing web application penetration testing, setting up your own WAPT lab, the business impact of each OWASP Top 10 vulnerability, the solution for each, as well as all the parameters needed to exploit the OWASP Top 10 manually.
SQL Injection attack with sqlmap tool
For this issue of PentestMag, I would like to demonstrate the SQL injection attack with the help of the sqlmap tool. Things required to perform the attack: an SQLi-vulnerable target, sqlmap (note: sqlmap is a Python-based tool, so Python is required to run sqlmap.py) and, most importantly, your brain.
Software Exploitation through Fuzzing
Let’s start one more article. As usual, I’m excited to share knowledge with you, dear reader. This time, as you may have already noticed, we’re dealing with bugs. They can present us with some opportunities to exploit the software we choose as our target. Software exploitation through bugs is possible in a reasonable number of ways, but there’s one that is quite interesting: fuzzing.
Command Injection with DVWA
This article explains how command injection attacks are exploited in real time. For practical purposes, this article covers how to exploit command injection in Damn Vulnerable Web Application (DVWA) hosted on a Linux machine as well as on a Windows machine. It will also cover how to get access to the system shell via command injection.
Machine Learning in Information Security
We all agree that information security is a Big Data problem. Humans generate huge amounts of data in the form of blog posts, social media, business data, e-mails, instant messaging, videos, darknet traffic, machine-generated data and other sources. This explosion of data is fueled by the unprecedented growth of internet usage and smartphones. This ever-cheaper handheld technology enables us to create, capture, store, share, and manage information with unprecedented convenience and efficiency. Woven into this heap of noise are both our most guarded secrets and the shadows of threats that seek to uncover them.
Endpoint Advanced Threat Protection
The weakest link in your security chain is the endpoint, because the end user uses it; it needs to be carefully monitored so that any malicious activity can be spotted, detected and responded to. This should go hand in hand with a complete user awareness program to ensure all endpoint users are aware of the current threat landscape and to make everyone understand that security is everyone's responsibility.
Risk Rating of Vulnerabilities
Vulnerability scanners can reveal different vulnerabilities of a particular system, along with their respective risk severity. However, the veracity of the output is highly dependent on the tool used, as sometimes the estimated risks pertaining to different vulnerabilities do not reflect reality, irrespective of whether a vulnerability is a false positive or not. The paper introduces a process that can be adopted to manage risks related to the vulnerabilities identified by vulnerability scanning, focusing on the risk rate only. The work presented is based on a manual approach to vulnerability management in order to assign the most reliable risk rate to each vulnerability.
Cyberspiritual Security: Securing the future
Cyberspiritual Security defines the protocols by which end-users must operate in securing transmissions between advanced swarm and/or artificial intelligences. This article is an examination of some advanced technologies and their current status in consumer availability and a projected security analysis of what one might be projected to defend against out there on the digital frontier, where there be dragons.
Kill Chain Analysis: harnessing the attack vectors
Kill chain analysis is a term created by Lockheed Martin, and is used to describe the different stages of cyberattacks. It can also be said to define the structure of an intrusion, and the corresponding model guides analysis to inform actionable security intelligence. The goal is to use the “kill chain” to help you develop capabilities that allow you to identify attacks earlier in the kill chain, rather than waiting for late-stage attacks to become apparent.
Migrate data and generate documents with Talend components
In an ultra-competitive world where innovation makes a difference, it is important to be attentive to the company's performance, always in step with the expectations of its customers, while maintaining a head start on its current and potential competitors. Also, the company's sole purpose is to assist the decision-making process in the organization, so it is a strategic project. As discussed in this article, it is closely linked to the strategy and its deployment. In this article I will show you how to migrate data using the tFilterRow and tMap components and how to generate a document using the tJasperOutput component.