8. DIFERENTES TIPOS DE PENETRATION TESTING
No! Yo tengo Jodanse!
Wardialing un 0-day para Yo entro
es lo mejor! IIS 6.0! caminando
Phone Attacker Network Attacker Social Engineer
9. INTERNET
ATACANTE
Firewall
DMZ
LAN
SMTP WWW
DOMINIO BASE DE
DATOS
10. INTERNET
ATACANTE
Web App FW
IPS
Firewall Reverse Proxy
DMZ IDS
LAN
SMTP WWW
DOMINIO BASE DE
DATOS
24. PDF, DOC, XLS, CAD, E-mail
Texas
y el resto...
Taiwan
AR
,R
C AB
[3] Mandiant M-Trends “the advanced persistent threat”
25.
26. 0-day para IE 6-7-8
- 12 de Enero: Anuncio de Google
- 14 de Enero: Exploit en Wepawet
- 14 de Enero: Advisory de Microsoft
- 15 de Enero: PoC de MetaSploit
- 21 de Enero: Microsoft update (fuera de ciclo)
[6] Wepawet exploit
[7] German government warns against using MS Explorer
28. OSVDB 61697
This module exploits a memory corruption flaw in Internet
Explorer. This flaw was found in the wild and was a key
component of the "Operation Aurora" attacks that lead to
the compromise of a number of high profile companies. The
exploit code is a direct port of the public sample published
to the Wepawet malware analysis site. The technique used
by this module is currently identical to the public sample, as
such, only Internet Explorer 6 can be reliably exploited.
Afecta a:
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
29. Agenda
• ¿ Por Qué Client Side ?
• La Operación Aurora
• Distribución y Ataques
• Conclusión
55. 2008
1968
2009
2195
2010
895
[8] PDF Based Target Attacks are Increasing
56. DEMO #3 “PDF Exploit”
Mas información en:
KUNGFOOSION: Explotando el 0-day de Adobe
Reader
57. OSVDB 61697
This module exploits a buffer overflow in Adobe Reader
and Adobe Acrobat Professional < 8.1.3. By creating a
specially crafted pdf that a contains malformed util.printf()
entry, an attacker may be able to execute arbitrary code.
Afecta a:
- Adobe Reader 8.1.2
58. +EXE
DEMO #4 “PDF + EXE”
Mas información en:
KUNGFOOSION: Embebiendo un Ejecutable dentro
de un PDF con MetaSploit
65. DEMO #6 “USB U3”
Mas información en:
KUNGFOOSION: Ataque USB U3 con MetaSploit
66. SET
social engineering toolkit
“The Java Applet Attack”
Mas información en:
KUNGFOOSION: Ingeniería Social con Applets
firmados de Java en MetaSploit