
How to hack. Cyprus meetup


What exactly security auditors do. It's all here :)

Published in: Technology

  1. How to hack. Security meetup, Limassol, 05/15/18. Ivan Novikov (@d0znpp)
  2. About the speaker: 200+ security audits since 2009; $1M in total bug bounties and rewards; 10+ research projects and discoveries; 1 e-book (SSRF bible). //(medium|twitter).com/@d0znpp
  3. "Gartner Says Worldwide Information Security Spending Will Grow 7.9 Percent to Reach $81.6 Billion in 2016". 2015: $75 B; 2016: $81.6 B. This bullet definitely costs more than $156.6 B. It's not a silver one… or it weighs about 269,400 tons.
  4. One simple question
  5. How does it work?
  6. Why? Two important things since the '30s:
     ● No documentation (because of Apple and UX). Try to find documentation for Chrome :) How do you tell that it's a bug and not a backdoor?
     ● Closed-source software (because of Intel et al.). What does "Intel inside" really mean?
  7. Layer cake. How many layers do you know? I have spent the last 10 years in security and I'm not sure I know all of them.
  8. Computer science
  9. Information security
  10. What exactly we are doing: Perimeter discovery, Vulnerability discovery, Exploitation, Post-exploitation, Risk analysis
  11. What exactly we are doing, and who does the same job on the defending side:
     ● Perimeter discovery: NOC
     ● Vulnerability discovery: QA engineer
     ● Exploitation: Developer
     ● Post-exploitation: DevOps
     ● Risk analysis: Manager
  12. Main aspects:
     ● Perimeter. Just know your perimeter.
     ● 3rd-party components and software. Just know your requirements.
     ● Test coverage and test plan
     ● Monitoring
     ● Incident response
  13. Case #1. Gaming platform (10+ games under one roof)
     ● A hacker found a SQL injection on the gaming forum.
     ● The forum was connected to the main players database.
     ● The hackers started with ';INSERT INTO stuff SET (<userid>, <rare-stuff-id>, …
     ● Then they sold a lot of stuff at 30% of the price.
     ● That crashed the entire game economy.
     ● No user reports (all of them were happy).
  14. Case #2. E-commerce platform, #1 local market player
     ● The goal was to get an order shipped with no payment.
     ● From the website into the corporate network.
     ● Research how shipments are handled inside.
     ● Hack the printer and just print an order on it.
     ● Staff there will use the paper to deliver the order ;)
  15. Case #3. Internet bank
     ● Client-side vector, like really.
     ● Digital signatures everywhere.
     ● Stored XSS (Cross-Site Scripting) in the news feed.
     ● JavaScript injected to send transactions once the token is plugged into the client.
     ● The same JS is used to hide those transactions from the web page ;)
  16. Case #4. Payment system, a secured one
     ● We tried to hack something but failed.
     ● The perimeter discovery process identified IoT devices inside the corporate AS (thanks, BGP).
     ● Found security cameras protecting a private space (the home of one of the co-founders).
     ● Hacked the DVR (Digital Video Recorder) device inside the home network.
     ● Found a VPN from there to the corporate network.
     ● Hacked a power device in a datacenter to get around isolation.
  17. Case #5. Hack them all!
  18. Thanks! Follow me: @d0znpp on Twitter, Medium, Facebook, Telegram, Snapchat
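Case #1 (slide 13) replayed on a constructed SQLite schema, as an added example that is not code from the talk. It assumes a forum search endpoint that pastes the search term into the SQL text and a database driver that runs several ';'-separated statements in one call (MySQL with multi-statements enabled behaves that way; sqlite3's execute() refuses it, so the splitting is simulated). The table names, the payload and the sample rows are this example's own, and the slide's "INSERT INTO stuff SET (...)" fragment is written in standard VALUES syntax.

```python
"""Stacked-query SQL injection through a forum that shares the player database."""
import sqlite3

# Constructed payload: close the LIKE literal, stack an INSERT that grants
# user 1 a rare item, then open a new literal so the tail of the original
# query still parses.
PAYLOAD = "'; INSERT INTO inventory VALUES (1, 999); SELECT '"


def make_db():
    """Constructed sample: forum posts and the shared player inventory in one database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE inventory (user_id INTEGER, item_id INTEGER);
        INSERT INTO posts (title) VALUES ('patch notes'), ('trading tips');
        INSERT INTO inventory VALUES (1, 100);
        """
    )
    return conn


def items_of(conn, user_id):
    """Items currently owned by a player, in insertion order."""
    rows = conn.execute(
        "SELECT item_id FROM inventory WHERE user_id = ? ORDER BY rowid", (user_id,)
    ).fetchall()
    return [r[0] for r in rows]


def search_posts_vulnerable(conn, term):
    """Forum search as the slide describes it: the term is concatenated into the SQL.

    Every ';'-separated statement is executed, which is what a multi-statement
    driver does with the same string. The split is naive (a ';' inside a quoted
    literal would confuse it) and exists only to model that driver.
    """
    sql = f"SELECT title FROM posts WHERE title LIKE '%{term}%'"
    rows = []
    for statement in sql.split(";"):
        if statement.strip():
            rows.extend(conn.execute(statement).fetchall())
    return [r[0] for r in rows]


def search_posts_safe(conn, term):
    """Same search with a bound parameter: the term is data and can never become SQL."""
    rows = conn.execute(
        "SELECT title FROM posts WHERE title LIKE ?", (f"%{term}%",)
    ).fetchall()
    return [r[0] for r in rows]


def demo():
    """Run both versions against fresh databases and report what the attacker gained."""
    vuln = make_db()
    before = items_of(vuln, 1)
    search_posts_vulnerable(vuln, PAYLOAD)
    after_vulnerable = items_of(vuln, 1)

    safe = make_db()
    search_posts_safe(safe, PAYLOAD)
    after_safe = items_of(safe, 1)
    return {"before": before, "after_vulnerable": after_vulnerable, "after_safe": after_safe}


if __name__ == "__main__":
    print(demo())
```

The parameter binding fixes the injection, but the slide's second point is the one that made the incident expensive: the forum's database account could write to the inventory table at all. On a real database server the forum credentials should carry no privileges on the game tables (SQLite has no per-table grants, so that part is not shown here), and the economy-level symptom in the talk, a flood of rare items sold at 30% of the price, is exactly the kind of signal the "Monitoring" bullet on slide 12 should be watching for, since no user was ever going to report it.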
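Case #3 (slide 15), the stored XSS in the bank's news feed, as an added example that is not code from the talk. It assumes the feed is rendered server-side from stored news items; the injected script is a constructed string standing in for the transaction-sending and row-hiding JavaScript the slide mentions, and the function names, sample items and CSP value are this example's own.

```python
"""Stored XSS in a news feed: concatenated rendering beside the escaped version."""
import html
import re

# Constructed news items. The second one is what an attacker with write access
# to the feed (a CMS account, a compromised editor) would store.
NEWS_ITEMS = [
    {"title": "New deposit rates", "body": "Rates change on Monday."},
    {
        "title": "Promo",
        "body": '<script>sendTransfer("mule", 5000); hideRows("mule");</script>',
    },
]


def render_feed_vulnerable(items):
    """Builds the feed by string concatenation: stored markup becomes live markup."""
    return "".join(
        f"<li><h3>{item['title']}</h3><p>{item['body']}</p></li>" for item in items
    )


def render_feed_safe(items):
    """Same template, but every stored value is HTML-escaped before it reaches the page.

    quote=True also escapes quotes, so a value cannot break out of an attribute either.
    """
    def esc(value):
        return html.escape(value, quote=True)

    return "".join(
        f"<li><h3>{esc(item['title'])}</h3><p>{esc(item['body'])}</p></li>"
        for item in items
    )


SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)


def active_script_count(rendered):
    """Number of real <script> openings in the rendered HTML; escaped ones do not match."""
    return len(SCRIPT_TAG.findall(rendered))


def csp_header():
    """Second line of defence: no 'unsafe-inline', so an inline script that does slip
    through is not executed by a browser that enforces the policy."""
    return ("Content-Security-Policy", "default-src 'self'; script-src 'self'")


if __name__ == "__main__":
    print("vulnerable scripts:", active_script_count(render_feed_vulnerable(NEWS_ITEMS)))
    print("safe scripts:     ", active_script_count(render_feed_safe(NEWS_ITEMS)))
```

The slide's point about "digital signatures everywhere" is why this matters: the injected script runs inside the already-authenticated page and drives the same signing path the legitimate user drives, so the signature on the fraudulent transfer is valid. Output encoding and a CSP without 'unsafe-inline' stop the script from running; the hiding trick is defeated only by a confirmation channel the page's JavaScript cannot suppress, such as an out-of-band notification of each signed transaction.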
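The "just know your perimeter" aspect from slide 12 and the BGP-driven discovery in Case #4 (slide 16), as an added example that is not code from the talk. The AS number, announced prefixes, asset inventory and scan results are all constructed; a real run would take the prefixes from a BGP looking glass and the host list from a scanner. AS64496 and the 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24 ranges are reserved for documentation, and the banner heuristic is this example's own.

```python
"""Perimeter discovery: diff what the AS announces against what the organisation knows about."""
import ipaddress

# Prefixes originated by the organisation's AS (AS64496), as a BGP table would show them.
ANNOUNCED_PREFIXES = ["203.0.113.0/24", "198.51.100.0/25"]

# What the organisation believes its perimeter is.
ASSET_INVENTORY = {
    "203.0.113.10": "www",
    "203.0.113.11": "api",
    "203.0.113.12": "mail",
}

# Constructed scan results: (ip, open port, service banner).
OBSERVED_HOSTS = [
    ("203.0.113.10", 443, "nginx/1.14"),
    ("203.0.113.11", 443, "nginx/1.14"),
    ("198.51.100.7", 554, "RTSP/1.0 DVR"),
    ("198.51.100.9", 80, "Server: IP Camera Web Service"),
    ("192.0.2.5", 22, "OpenSSH_7.4"),
]

IOT_HINTS = ("dvr", "camera", "rtsp", "nvr")


def in_perimeter(ip, prefixes=ANNOUNCED_PREFIXES):
    """True if the address falls inside one of the AS's announced prefixes."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(p) for p in prefixes)


def looks_like_iot(banner):
    """Cheap banner heuristic for the device classes the talk ran into."""
    lower = banner.lower()
    return any(hint in lower for hint in IOT_HINTS)


def classify_hosts(observed=OBSERVED_HOSTS, prefixes=ANNOUNCED_PREFIXES, inventory=ASSET_INVENTORY):
    """Split scan results into known assets, unknown in-perimeter hosts and out-of-scope addresses.

    The unknown bucket is the interesting output: the organisation answers for
    those hosts (they sit in its address space) but has no record of them.
    """
    known, unknown, out_of_scope = [], [], []
    for ip, port, banner in observed:
        if not in_perimeter(ip, prefixes):
            out_of_scope.append((ip, port, banner))
        elif ip in inventory:
            known.append((ip, port, banner))
        else:
            unknown.append((ip, port, banner, looks_like_iot(banner)))
    return {"known": known, "unknown": unknown, "out_of_scope": out_of_scope}


def unknown_iot_addresses(report=None):
    """Addresses to raise first: in the AS, not in inventory, and looking like an IoT device."""
    report = report or classify_hosts()
    return [ip for ip, _port, _banner, iot in report["unknown"] if iot]


if __name__ == "__main__":
    for bucket, hosts in classify_hosts().items():
        print(bucket, hosts)
```

Run on a schedule, the diff between announced space and inventory is the check the slide is asking for. Everything in the unknown bucket is in scope for the audit whether or not it looks like a server, which is how a co-founder's home cameras ended up on the path into a "secured" payment system.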