HOW TO LEARN A MAKE A PENTEST

Apresentação em tema: "HOW TO LEARN A MAKE A PENTEST"— Transcrição da apresentação:

1 HOW TO LEARN A MAKE A PENTEST

2 SCHEDULE WHAT IS A PENTEST
YOUR PHASES * RECONNAISSANCE | SCANNING | GAINING ACCESS | MAINTAINING ACCESS | CLEANING TRACKS HOW TO BYPASS AV | HOW TO HACK WINDOWS 7 | REMOTE HOW TO HACK – FACEBOOK HOW TO AVOID SOME ATACKS ? DEMO

3 FELIPE ZUCKERMAN ENTHUSIAST IN IT FOCUSED ON SAFETY

4 WHAT IS A PENTEST ?

5 YOUR PHASES

6 RECONNAISSANCE This phase consist in obtain the maximum of information about the target such as: OS System Topology Network Address, Presence of Firewall, AV Enumeration about the services and your version use auxiliary/scanner/smb/smb_version  nmap --script smb-os-discovery.nse <target> ttl value windows= 128 Linux = 64

7 LET’S SEE ?

8

9 GAINING ACCESS

10

11 NETSH ADVFIREWALL SET PUBLICPROFILE STATE OFF

12

13 SCANNING The scanning process can be divided into three steps:
Determining if a system is active. Port scanning the system. Scanning the system for vulnerabilities Ex: USAGE  #nmap [Scan Type(s)] [Options] {target specification}

14 MAINTAINING ACCESS

15

16 NETCAT

17

18 BELOW IS SHOWN SOME WAYS TO DETECT INTRUDERS IN YOUR SYSTEM
%AllUsersProfile%\Application Data\ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

19 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList

20 DISABLE SOME SERVICES TELNET REMOTE DESKTOP REMOTE REGISTRY

21 Nessus é um dos melhores scanners de vulnerabilidades e pode ser encontrado tanto na versão comercial quanto na versão doméstica, que é grátis. Além do Nessus temos também o OpenVAS e Nexpose que também são ótimos scanners de vulnerabilidades que abordaremos em breve.

22 PenETRATION TEST ?

23 Configuração do Computador > Configurações do Windows > Configurações de Segurança > Políticas Locais > Política de Auditoria.

24 PRIVILEGE ESCALATION Local privilege escalation happens when one user acquires the system rights of another user. Network intruders have many techniques for increasing privileges once they have gained a foothold on a system

25 LINK: http://www.exploit-db.com/exploits/15609/
PRIVILEGE LOCAL PRIVILEGE REMOTE LINK:

26

27 HACKING WINDOWS 7 WITH POWERSHELL

28

29 BYPASSING ANTIVIRUS Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions.

30 2 1 O ANTIVIRUS DETECTOU MEU ARQUIVO 3 3 4

31 6 5 NO COMENTS 8

32 CLEARING TRACKS

33 CLEARING TRACKS

34 PENETRATION TEST DEMO

35

36

37 REFERENCES 1. Metasploit http://www.metasploit.com 2. Pen Tester
3. NETWORK COMPUTERS 4. INSTRODUTION TO TCP/IP 5. VIRTUALIZATION 6. Keylogging 7. Backdoor

38 CONTACT @FelipeZuckerman Felipezuckerman