Introduction to Info Sec Recitation 15 Nir Krakowski

  • Slides: 7

Introduction to Info. Sec – Recitation 15
Nir Krakowski (nirkrako at post.tau.ac.il)
Itamar Gilad (itamargi at post.tau.ac.il)

Today
  • Metasploit
  • Class pick of one or more advanced topics
  • Other questions on any course topic

Metasploit
"""
The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open-source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.
"""
-- wikipedia.org page about MetaSploit

Metasploit
  • A community, a body of knowledge
  • A framework you can use to develop your own exploit / shellcode / complex attack scenario
  • A fairly complete penetration testing environment...

DEMO Bonanza

Metasploit - recap
  • A community, a body of knowledge
  • A framework you can use to develop your own exploit / shellcode / complex attack scenario
  • A fairly complete penetration testing environment
      o Network scanning
      o Network attack
      o Setting up phishing websites and sending spear-phishing e-mails
      o Setting up browser exploitation web sites

Once a machine is compromised –
  • A powerful RAT – access local files, download machine information, control the machine, take screenshots
  • Enables further exploitation –
      o Pivoting to other network elements
      o Leaving a persistent backdoor

A show of hands…
  • Malware identification and analysis –
      o Where (host based, firewalls, offline analysis)
      o Classification & identification methods (signatures, tripwires, syscall analysis, code similarities)
  • HoneyPots –
      o Motivation
      o Basic approaches
      o Difficulties (polymorphism, packing, VM/debugger identification, conditional payload execution)
  • Exploitation of race condition bugs
  • Use-after-free vulnerabilities and heap spraying
  • Classic heap overflows

Questions?
