PenTest_OPEN_04_2013.pdf
Cyber Security Auditing Software
Improve your Firewall Auditing
As a penetration tester you have to be an expert in multiple technologies. Typically you are auditing systems installed and maintained by experienced people, often protective of their own methods and technologies. On any particular assessment testers may have to perform an analysis of Windows systems, UNIX systems, web applications, databases, wireless networking and a variety of network protocols and firewall devices. Any security issues identified within those technologies will then have to be explained in a way that both management and system maintainers can understand.
The network scanning phase of a penetration assessment will quickly identify a number of security weaknesses and services running on the scanned systems. This enables a tester to quickly focus on potentially vulnerable systems and services using a variety of tools that are designed to probe and examine them in more detail, e.g. web service query tools. However, this is only part of the picture, and a more thorough analysis of most systems will involve having administrative access in order to examine in detail how they have been configured. In the case of firewalls, switches, routers and other infrastructure devices this could mean manually reviewing the configuration files saved from a wide variety of devices. Although various tools exist that can examine some elements of a configuration, the assessment would typically end up being a largely manual process. Nipper Studio is a tool that enables penetration testers, and non-security professionals, to quickly perform a detailed analysis of network infrastructure devices. Nipper Studio does this by examining the actual configuration of the device, enabling a much more comprehensive and precise audit than a scanner could ever achieve.
www.titania.com
With Nipper Studio penetration testers can be experts in every device that the software supports, giving them the ability to identify device, version and configuration specific issues without having to manually reference multiple sources of information. With support for around 100 firewalls, routers, switches and other infrastructure devices, you can speed up the audit process without compromising the detail.
You can customize the audit policy for your customer's specific requirements (e.g. password policy), audit the device to that policy and then create the report detailing the issues identified. The reports can include device-specific mitigation actions and be customized with your own company's styling. Each report can then be saved in a variety of formats for management of the issues.
Why not see for yourself? Evaluate for free at titania.com
Ian has been working with leading global organizations and government agencies to help improve computer security for more than a decade. He has been accredited by CESG for his security and team leading expertise for over 5 years. In 2009 Ian Whiting founded Titania with the aim of producing security auditing software products that can be used by non-security specialists and provide the detailed analysis that traditionally only an experienced penetration tester could achieve. Today Titania's products are used in over 40 countries by government and military agencies, financial institutions, telecommunications companies, national infrastructure organizations and auditing companies, to help them secure critical systems.
Dear PenTest Readers!
We are happy to hand you the newest PenTest Open. As usual, it is a time to sum up the last period and to look ahead as well. The April issues were full of tutorials, analyses, and manuals. We have chosen two of those articles to be included here: 'A Road Map to Compromise a System' by Nitin Goplani and 'Introduction to Nmap Scripting Engine (NSE)' by Rebecca Wynn, both our friends, experts and regular contributors.
This April we have also released the first issue of PenTest Magazine's new line, PenTest StarterKit. It turned out to be a fantastic idea! It was received enthusiastically and achieved our bestseller status within a few days of publication, which is positive proof of how many people are willing to enter the pentesting world today. It is a great reward as well, both for us and our authors; we are happy to have the opportunity to be a part of new pentesters' education process. And that is why we are set on continuing this line of our Magazine and why we are delighted to present you two articles from its first issue. Therefore, you will find what Chris Duffy has to say about 'Blind Command Line Injection' and you will meet Rod Soto, the 2012 Black Hat Las Vegas hacking competition winner and developer of the Kommand&&Kontrol competitive hacking tournament series, who gave us an inspiring interview. Finally, since we have happened to publish some non-strictly technical dissertations this month, we decided to include one of them here. And so, you can have a look at 'Australian Penetration Testing Market Analysis' by Nick Ellsmore, who shows you where pentesters are needed and how much they can earn there.
And this is it: April's work is finished. But we do not slow down; next challenges await!
As for our plan of May's publications, we are going to devote an issue to Smartphone Pentesting and WiFi Pentesting, which is where the article 'The Importance of End User Security Training' by Terrance Stachowski comes from. Two eBooks will appear as well. The first one, by William Slater, will focus on Cyber Security. In this issue you will find two pieces by its author: 'Threat Assessment in Cyberwarfare and Cyberdeterrence' and 'U.S. Policy Appraisal Related to Cyberwarfare and Cyberdeterrence'. The second eBook, by Mark Carey, will contain a vast compendium on ARM exploitation.
And last but not least, as was proven the previous month, there will be a second issue of PenTest StarterKit, opening the doors to penetration testing a bit wider.
We hope that you enjoyed the previous issues and that you will enjoy this one and the upcoming ones. Join us to begin, and stay with us to become a pentester!
Editor in Chief:
Ewa Duranc
ewa.duranc@pentestmag.com
Managing Editor:
Zbigniew Fiołna
zbigniew.fiolna@pentestmag.com
Marta Sobczak
marta.sobczak@pentestmag.com
Kamil Sobieraj
kamil.sobieraj@pentestmag.com
Editorial Advisory Board:
Jeff Weaver, Rebecca Wynn
Betatesters & Proofreaders
Al Alkoraishi, Vaman Amarjeet, Ayo Tayo Balogun, Elliott Bujan,
Scott Christie, Gregory Chrysanthou, Amit Chugh, Jospeh
Dalessandro, Pinto Elia, Julián Estévez, Jim Halfpenny, José Luis
Herrera, Richard Kelly, Gilles Lami, Rod MacPherson, Francisco
Carreño Martinez, Stefanus Natahusada, Davide Quarta, Robin
Schroeder, Jeff Smith, Arnoud Tijssen, Tom Updegrove, John
Webb
Senior Consultant/Publisher:
Paweł Marciniak
CEO:
Ewa Dudzic
ewa.dudzic@software.com.pl
Art Director:
Ireneusz Pogroszewski
ireneusz.pogroszewski@software.com.pl
DTP:
Ireneusz Pogroszewski
Production Director:
Andrzej Kuca
andrzej.kuca@software.com.pl
Publisher:
Hakin9 Media
02-682 Warszawa, ul. Bokserska 1
Phone: 1 917 338 3631
www.pentestmag.com
Whilst every effort has been made to ensure the high quality of
the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only for
informative purposes.
All rights to trade marks presented in the magazine are
reserved by the companies which own them.
Zbigniew Fiolna,
Marta Sobczak,
& PenTest Team
DISCLAIMER!
The techniques described in our articles may only
be used in private, local networks. The editors
hold no responsibility for misuse of the presented
techniques or consequent data loss.
http://pentestmag.com
OPEN 04/2013, page 4
CONTENTS

PENTESTING TUTORIALS

06 A Road Map to Compromise a System
By Nitin Goplani
This article describes a few simple yet very powerful methods which can help an attacker get control of a system. A lot of web admins and programmers end up overlooking some simple configuration checks which expose these vulnerabilities. In this article we will understand how to make use of these to get root on our target systems.

12 Introduction to Nmap Scripting Engine (NSE)
By Rebecca Wynn
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

16 Blind Command Line Injection
By Chris Duffy
Blind Command Line Injection (BCLI) is when a web application allows operating system commands to be executed through it with no confirmation of execution. BCLI is typically found on poorly coded applications that allow access to files or data through a web interface. Read this article to get more information about BCLI.

SECURITY WITHIN ORGANIZATION

20 The Importance of End User Security Training
By Terrance Stachowski
There is no question that today's business world is geared towards, and reliant upon, information technology. As the business world moves forward, heavily dependent upon IT solutions for daily operations, the landscape and way of doing business change. The end user is considered the weakest link in a security program, and with the number of end users outweighing the number of security professionals, it is imperative that they understand their role in security and what they can do to help protect the organization.

CYBER SECURITY

26 Threat Assessment in Cyberwarfare and Cyberdeterrence
By William Slater
One of the main disadvantages of the hyper-connected world of the 21st century is the very real danger faced by countries, organizations, and people who use networked computer resources connected to the Internet: they are at risk of cyberattacks that could result in anything ranging from denial of service, to espionage, theft of confidential data, destruction of data, and/or destruction of systems and services. In recognition of these dangers, the national leaders and military of most modern countries have now recognized that the potential and likely eventuality of cyberwar is very real.

32 U.S. Policy Appraisal Related to Cyberwarfare and Cyberdeterrence
By William Slater
It appears that President Obama and his Administration have an acute awareness of the importance of cyberspace to the American economy and the American military. However, since we are already in some form of cyberwarfare that appears to be rapidly escalating, it remains to be seen what effects these cyberattacks and the expected forthcoming Executive Orders that address cybersecurity will have on the American people and our way of life.

LET'S TALK

36 Australian Penetration Testing Market Analysis: Where is All the Revenue?
By Nick Ellsmore
An analysis of the Australian penetration testing market, looking at the market spend, and the 'gap' between the amount of testing calculated in dollar terms, and the number of testers in the market to deliver it.

INTERVIEW

42 Interview with Rod Soto
By PenTest Team
Rod Soto is a security researcher and board member of HackMiami. He is a regular speaker at hacking conferences all over the country on the topics of penetration testing tools and methods, as well as the topic of digital civil liberties. He will tell us about his experience in the pentest field.