HOW TO LEARN TO MAKE A PENTEST
SCHEDULE
WHAT IS A PENTEST
YOUR PHASES
* RECONNAISSANCE | SCANNING | GAINING ACCESS | MAINTAINING ACCESS | CLEANING TRACKS
HOW TO BYPASS AV | HOW TO HACK WINDOWS 7 | REMOTE
HOW TO HACK – FACEBOOK
HOW TO AVOID SOME ATTACKS ?
DEMO
FELIPE ZUCKERMAN ENTHUSIAST IN IT FOCUSED ON SAFETY
WHAT IS A PENTEST ?
YOUR PHASES
RECONNAISSANCE
This phase consists of obtaining as much information as possible about the target, such as: operating system, network topology, email addresses, presence of firewall and AV.
Enumeration of the services and their versions:
use auxiliary/scanner/smb/smb_version
nmap --script smb-os-discovery.nse <target>
TTL value: Windows = 128, Linux = 64
LET’S SEE ?
GAINING ACCESS
NETSH ADVFIREWALL SET PUBLICPROFILE STATE OFF
SCANNING
The scanning process can be divided into three steps:
1. Determining if a system is active.
2. Port scanning the system.
3. Scanning the system for vulnerabilities.
Ex: USAGE
# nmap [Scan Type(s)] [Options] {target specification}
MAINTAINING ACCESS
NETCAT
BELOW ARE SOME WAYS TO DETECT INTRUDERS IN YOUR SYSTEM
%AllUsersProfile%\Application Data\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
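Added example (not part of the original slides): a triage script that parses saved `reg query` output for the two keys above and lists autorun entries launched from an Application Data / ProgramData path, plus accounts hidden from the logon screen (a UserList DWORD of 0). The sample output, the value and account names, and the REVIEW_DIRS heuristic are constructed assumptions.

```python
import re

# Constructed sample of `reg query` output for the two keys on this slide
# (not captured from a real host; names and paths are hypothetical).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    VMware User Process    REG_SZ    "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" -n vmusr
    updater    REG_SZ    C:\ProgramData\Application Data\svc.exe -d

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
    support    REG_DWORD    0x0
    helpdesk    REG_DWORD    0x1
"""

# `reg query` separates name, type and data with four spaces; names may contain spaces.
VALUE_RE = re.compile(r"^\s{4}(.+?)\s{4}(REG_[A-Z_]+)(?:\s{4}(.*))?$")
# Assumption: autoruns started from these locations deserve a manual look.
REVIEW_DIRS = ("%allusersprofile%", "\\application data\\", "\\programdata\\")


def parse_reg_query(text):
    """Return {key_path: {value_name: (type, data)}} from `reg query` text."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            current = keys.setdefault(line.strip(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            current[m.group(1)] = (m.group(2), (m.group(3) or "").strip())
    return keys


def findings(keys):
    """List (kind, name, data) entries that deserve a manual review."""
    out = []
    for path, values in keys.items():
        p = path.lower()
        for name, (rtype, data) in values.items():
            if p.endswith(r"\currentversion\run"):
                if any(d in data.lower() for d in REVIEW_DIRS):
                    out.append(("autorun", name, data))
            elif p.endswith(r"\specialaccounts\userlist"):
                # A DWORD of 0 hides the account from the Windows logon screen.
                if rtype == "REG_DWORD" and int(data, 16) == 0:
                    out.append(("hidden-account", name, data))
    return out


if __name__ == "__main__":
    for item in findings(parse_reg_query(SAMPLE)):
        print(item)
```

A flagged entry is a prompt for review, not proof of compromise: legitimate software can also start from these paths.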
DISABLE SOME SERVICES
TELNET
REMOTE DESKTOP
REMOTE REGISTRY
Nessus is one of the best vulnerability scanners and is available in both a commercial version and a home version, which is free. Besides Nessus there are also OpenVAS and Nexpose, which are also great vulnerability scanners that we will cover soon.
PENETRATION TEST ?
Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy.
PRIVILEGE ESCALATION
Local privilege escalation happens when one user acquires the system rights of another user. Network intruders have many techniques for increasing privileges once they have gained a foothold on a system.
PRIVILEGE LOCAL | PRIVILEGE REMOTE
LINK: http://www.exploit-db.com/exploits/15609/
HACKING WINDOWS 7 WITH POWERSHELL
BYPASSING ANTIVIRUS
Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions.
THE ANTIVIRUS DETECTED MY FILE
NO COMMENTS
CLEARING TRACKS
PENETRATION TEST DEMO
CONTACT @FelipeZuckerman Felipezuckerman Felipesecmaniac@gmail.com