Recognize-Security » Presentations

Client-Side Vulnerabilities and Penetration Testing

Trancer — Tue, 17 Mar 2009 19:06:05 +0000

In today’s world the Internet is not what it used to be. Back in the days hacking was pretty easy – an attacker who wants to penetrate a company network just had to do a little reconnaissance – host discovery, port scanning, OS and services detection to find a vulnerable service, fire up an exploit and that’s all there is to it.
Scenarios of such are almost impossible these days. The vast majority of companies have heavily protected internal networks from outside threats. Thanks to firewalls, IDS/IPS’s, content/web filtering appliances, anti-virus/spyware software, SIM/SOC products and etc’, penetrating a company internal network is a really hard job. Therefore, the easiest way for an attacker to penetrate a company internal network is to attack her weakest link – Users.
Anyone in the IT/information security field who’s aware of attacks and exploitation trends for the past few years knows the statistics – attackers are now attacking users, or in other words, exploiting client-side vulnerabilities. A quick look at the exploits posted daily on milw0rm proves this fact. Or, reading the statistics of the Mass SQL Injection attacks and how it got so damn popular in the last couple of years. Exploiting client-side vulnerabilities actually works quite efficiently, and that’s what attackers exploit.
In the attackers arsenal you’ll find tons of exploits targeting users desktops. It starts with web browser exploits and ActiveX exploits (various IE toolbars and other), through 3rd party applications exploits (Adobe Reader, Adobe Flash, Apple QuickTime, RealPlayer and more) and various fileformat exploits, targeting Microsoft Office and other office suites, media players, image viewers and what not. Attackers are able to exploit users desktops in so many ways and so easily that most of the time attacks will be successful.

The following presentation is about this subject, and demonstrating it well using the Metasploit Framework. It’s called Attacking Layer 8: Client-Side Penetration Testing, presented at SOURCE Boston 2009 by the guys of Full Scope Security and they doing a great job explaining how client-side vulnerabilities risk companies more then any other threat these days.

Or you can watch it on their web site – Attacking Layer 8: Client-Side Penetration Testing.

Nmap 4.76 released

Trancer — Mon, 15 Sep 2008 00:20:54 +0000

Fyodor released a new version of the world best network mapper \ port scanner – Nmap 4.76.

Some of the new version cool features was presented by Fyodor at the latest DefCon.

Or watch it on his site – insecure.org.

DefCon 15 – Tactical Exploitation presentation

Trancer — Tue, 02 Sep 2008 15:46:24 +0000

Tactical Exploitation presentation (or “the other way to pen-test”) by H D Moore and Valsmith.

Penetration testing often focuses on individual vulnerabilities and services. This talk introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using combination of new tools and obscure techniques, I will walk through the process of compromising an organization without the use of normal exploit code. Many of the tools will be made available as new modules for the Metasploit Framework.

Grab the presentation and the paper.

DefCon 15 – No-Tech Hacking presentation

Trancer — Tue, 02 Sep 2008 15:40:18 +0000

No-Tech Hacking presentation from DefCon 15 by Johnny Long.

The Pwnie Awards 2008 Video

Trancer — Fri, 22 Aug 2008 18:49:51 +0000

The Pwnie Awards 2008 ceremony video has released.

In my opinion, Mark Dowd should have won the best client-side bug for his Leveraging the ActionScript Virtual Machine paper, owning Adobe Flash players.

Have fun :-)