Suche senden
Hochladen
Infosecurity 2014 - Superbees Wanted
•
Als PPSX, PDF herunterladen
•
1 gefällt mir
•
729 views
Malik Mesellem
Folgen
Event: Infosecurity 2014 Topic: Superbees Wanted Location: Brussels Expo
Weniger lesen
Mehr lesen
Präsentationen & Vorträge
Technologie
Melden
Teilen
Melden
Teilen
1 von 84
Jetzt herunterladen
Empfohlen
Cyber Security Workshop @SPIT- 3rd October 2015
Cyber Security Workshop @SPIT- 3rd October 2015
Nilesh Sapariya
Hanssens Telecom Roadshow 2015 - Hacking 101
Hanssens Telecom Roadshow 2015 - Hacking 101
Malik Mesellem
SANS 2015 - Superbees Wanted
SANS 2015 - Superbees Wanted
Malik Mesellem
Sophos Day Belux 2014
Sophos Day Belux 2014
Malik Mesellem
Job Offer - Junior Security Consultant
Job Offer - Junior Security Consultant
Malik Mesellem
MME Company Presentation
MME Company Presentation
Malik Mesellem
SANS 2014 - Superbees Wanted
SANS 2014 - Superbees Wanted
Malik Mesellem
TDIS 2014 - Dealing with the risks: web applications
TDIS 2014 - Dealing with the risks: web applications
Malik Mesellem
Empfohlen
Cyber Security Workshop @SPIT- 3rd October 2015
Cyber Security Workshop @SPIT- 3rd October 2015
Nilesh Sapariya
Hanssens Telecom Roadshow 2015 - Hacking 101
Hanssens Telecom Roadshow 2015 - Hacking 101
Malik Mesellem
SANS 2015 - Superbees Wanted
SANS 2015 - Superbees Wanted
Malik Mesellem
Sophos Day Belux 2014
Sophos Day Belux 2014
Malik Mesellem
Job Offer - Junior Security Consultant
Job Offer - Junior Security Consultant
Malik Mesellem
MME Company Presentation
MME Company Presentation
Malik Mesellem
SANS 2014 - Superbees Wanted
SANS 2014 - Superbees Wanted
Malik Mesellem
TDIS 2014 - Dealing with the risks: web applications
TDIS 2014 - Dealing with the risks: web applications
Malik Mesellem
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
Henrik Hanke
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
KathleenAnnCordero2
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
saastr
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
Johnree4
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
mathanramanathan2005
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
mavinoikein
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
pruthirajnayak525
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
Sebastiano Panichella
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
sarwankumar4524
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
aryanv1753
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
CarrieButtitta
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software Engineering
Sebastiano Panichella
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Sebastiano Panichella
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEM
Charmi13
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
Nathan Young
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RachelAnnTenibroAmaz
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
AsifArshad8
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptx
ogubuikealex
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
Escort Service
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Weitere ähnliche Inhalte
Kürzlich hochgeladen
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
Henrik Hanke
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
KathleenAnnCordero2
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
saastr
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
Johnree4
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
mathanramanathan2005
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
mavinoikein
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
pruthirajnayak525
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
Sebastiano Panichella
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
sarwankumar4524
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
aryanv1753
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
CarrieButtitta
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software Engineering
Sebastiano Panichella
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Sebastiano Panichella
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEM
Charmi13
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
Nathan Young
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RachelAnnTenibroAmaz
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
AsifArshad8
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptx
ogubuikealex
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
Escort Service
Kürzlich hochgeladen
(20)
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software Engineering
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEM
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Engaging Eid Ul Fitr Presentation for Kindergartners.pptx
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptx
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
Empfohlen
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
Introduction to Data Science
Introduction to Data Science
Christy Abraham Joy
Time Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky
The six step guide to practical project management
The six step guide to practical project management
MindGenius
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
Empfohlen
(20)
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
Skeleton Culture Code
Skeleton Culture Code
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
How to have difficult conversations
How to have difficult conversations
Introduction to Data Science
Introduction to Data Science
Time Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
The six step guide to practical project management
The six step guide to practical project management
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Infosecurity 2014 - Superbees Wanted
1.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Malik Mesellem Defense Needed, Superbees Wanted
2.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. About Me Malik Mesellem Email | malik@itsecgames.com LinkedIn | be.linkedin.com/in/malikmesellem Twitter | twitter.com/MME_IT Blog | itsecgames.blogspot.com
3.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Contents Defense Needed bWAPP and bee-box Web App Pentesting Exploiting Vulnerabilities Superbees Wanted
4.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Contents Defense Needed bWAPP and bee-box Web App Pentesting Exploiting Vulnerabilities Superbees Wanted
5.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Defense Needed Web application security is today's most overlooked aspect of securing the enterprise Hackers are concentrating their efforts on websites and web applications Web apps are an attractive target for cyber criminality, cyber warfare and hacktivism
6.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Defense Needed Why are web applications an attractive target? Easily available via the Internet (24/7) Mission-critical business applications with sensitive data Often direct access to backend data Traditional firewalls and SSL provide no protection Many applications are custom-made == vulnerable
7.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Defense Needed Why are web applications an attractive target? Easily available via the Internet (24/7) Mission-critical business applications with sensitive data Often direct access to backend data Traditional firewalls and SSL provide no protection Many applications are custom-made == vulnerable
8.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. DEFENSE is needed !
9.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Contents Defense Needed bWAPP and bee-box Web App Pentesting Exploiting Vulnerabilities Superbees Wanted
10.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP == defense bWAPP, or a buggy Web APPlication Deliberately insecure web application, includes all major known web vulnerabilities Helps security enthusiasts, developers and students to discover and to prevent issues Prepares one for successful penetration testing and ethical hacking projects
11.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP
12.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Web application security is not just installing a firewall, or scanning a site for ‘potential’ issues Black-box penetration testing, simulating real attack scenarios, is still needed! Confirms potential vulnerabilities, and excludes false positives Guarantees that your defense measures are working effectively bWAPP helps to improve your security-testing skills…
13.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved.
14.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Testimonials Awesome! It's good to see fantastic tools staying up to date ... - Ed Skoudis Founder of Counter Hack I just installed bWAPP 1.6 into the next release of SamuraiWTF ... Its a great app ... - Justin Searle Managing Partner at UtiliSec Great progress on bWAPP BTW! :) - Vivek Ramachandran Owner of SecurityTube
15.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Architecture Open source PHP application Backend MySQL database Hosted on Linux/Windows with Apache/IIS Supported on WAMP or XAMPP
16.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Features (1) Very easy to use and to understand Well structured and documented PHP code Different security levels (low/medium/high) ‘New user’ creation (password/secret) ‘Reset application/database’ feature Manual intervention page Email functionalities
17.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Features (2) Local PHP settings file No-authentication mode (A.I.M.) ‘Evil Bee’ mode, bypassing security checks ‘Evil’ directory, including attack scripts WSDL file (Web Services/SOAP) Fuzzing possibilities
18.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP What makes bWAPP so unique? Well, it has over 70 web bugs! Covering all major known web vulnerabilities Including all risks from the OWASP Top 10 project
19.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Which bug do you want to hack today?
20.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Which bug do you want to hack today? (1) SQL, HTML, SSI, OS Command, XML, XPath, LDAP, PHP Code, Host Header and SMTP injections Authentication, authorization and session management issues Malicious, unrestricted file uploads and backdoor files Arbitrary file access and directory traversals PHP-CGI remote code execution Local and remote file inclusions (LFI/RFI) Server Side Request Forgery (SSRF)
21.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Which bug do you want to hack today? (2) Configuration issues: Man-in-the-Middle, Cross-Domain policy file, FTP, WebDAV, information disclosures,... HTTP parameter pollution and HTTP response splitting XML External Entity attacks (XXE) HTML5 ClickJacking, Cross-Origin Resource Sharing (CORS) and web storage issues Unvalidated redirects and forwards Denial-of-Service (DoS) attacks
22.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP Which bug do you want to hack today? (3) Cross-Site Scripting (XSS), Cross-Site Tracing (XST) and Cross-Site Request Forgery (CSRF) AJAX and Web Services issues (JSON/XML/SOAP) Parameter tampering and cookie poisoning HTTP verb tampering Local privilege escalation And much more
23.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP
24.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP External links Home page - www.itsecgames.com Download location - sourceforge.net/projects/bwapp Blog - itsecgames.blogspot.com
25.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bee-box Every bee needs a home… the bee-box VM pre-installed with bWAPP LAMP environment: Linux, Apache, MySQL and PHP Compatible with VMware and VirtualBox Requires zero installation
26.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bee-box bee-box is also made deliberately insecure… Opportunity to explore all bWAPP vulnerabilities Gives you several ways to hack and deface bWAPP Even possible to hack the bee-box to get full root access! Hacking, defacing and exploiting without going to jail You can download bee-box from here
27.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bee-box
28.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bee-box Features (1) Apache, MySQL and PHP installed Several PHP extensions installed Vulnerable PHP-CGI phpMyAdmin installed Postfix installed and configured Insecure FTP and WebDAV configurations AppArmor disabled
29.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bee-box Features (2) Weak self-signed SSL certificate ‘Fine-tuned’ file access permissions .htaccess files support enabled Some basic security tools installed Shortcuts to start, install and update bWAPP An amazing wallpaper An outdated Linux kernel…
30.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box Both are part of the ITSEC GAMES project A funny approach to IT security education IT security, ethical hacking, training and fun... All ingredients mixed together Educational and recreational InfoSec training
31.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box Ready, set, and hack! There’s just one thing to remember The logon credentials are…
32.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bee/bug
33.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box Ready, set, and hack! There’s just one thing to remember The logon credentials are bee/bug So please don’t bug me anymore
34.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box Installation and configuration Install VMware Player or Oracle VirtualBox Extract, install, and start the bee-box VM Configure or check the IP settings Browse to the bWAPP web app http://[IP]/bWAPP/ Login with bee/bug
35.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box General application settings settings.php, located under the bWAPP admin folder Connection settings SMTP settings A.I.M. mode Evil bee mode Static credentials
36.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box Settings
37.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box A.I.M. Authentication Is Missing, a no-authentication mode May be used for testing web scanners and crawlers Procedure Change the IP address in the settings file Point your web scanner or crawler to http://[IP]/bWAPP/aim.php All hell breaks loose…
38.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. bWAPP and bee-box Worst-case-scenario-options Reset the application http://[IP]/bWAPP/reset.php Reset the application + database http://[IP]/bWAPP/reset.php?secret=bWAPP Reinstall the database Drop the database from phpMyAdmin http://[IP]/bWAPP/install.php
39.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Finally, time for a DEMO
40.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Demo
41.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Contents Defense Needed bWAPP and bee-box Web App Pentesting Exploiting Vulnerabilities Superbees Wanted
42.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Penetration Testing Penetration testing, or pentesting Method of evaluating computer, network or application security by simulating an attack Active analysis of potential vulnerabilities by using ethical hacking techniques Penetration tests are sometimes a component of a full security audit
43.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Web App Penetration Testing Web application pentesting is focusing on evaluating the security of a web application Application is tested for known web vulnerabilities Manual, automatic and semi-automatic tests Source code analysis and web server configuration review as an option
44.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Web App Penetration Testing It’s all about identifying, exploiting, and reporting vulnerabilities Some considerations… Commercial tools vs. open source tools Not a best practice to use only one tool Most commercial scanners don’t exploit False positives are not allowed! People don’t like auto-generated reports
45.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Testing Methodologies A simple testing methodology
46.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Testing Methodologies A more advanced testing methodology
47.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. OWASP OWASP, or Open Web Application Security Project Worldwide non-profit organization focused on improving the security of software Freely-available articles, methodologies, documentation, tools, and technologies Vendor neutral, no recommendations for commercial products or services!
48.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. OWASP Current OWASP Projects Top 10 Project and Testing Guide Development and Code Review Guide Application Security Verification Standard Broken Web Applications (BWA) Zed Attack Proxy (ZAP)
49.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. OWASP OWASP Top 10 Project, lists the 10 most severe web application security risks Constantly updated, latest version released in 2013 Referenced by many standards, books, tools, and organizations, including MITRE and PCI DSS Good starting point for a web application pentest What to test? How to test? How to prevent?
50.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. OWASP OWASP Top 10 Application Security Risks
51.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. OWASP OWASP Top 10 placement
52.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Introduction to Kali Linux Kali Linux is a Debian-derived Linux distribution Designed for digital forensics and penetration testing Formerly known as BackTrack Maintained and funded by Offensive Security Support for x86 and ARM
53.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Introduction to Kali Linux Includes many web app pentesting tools Burp Suite DirBuster Metasploit Nikto sqlmap w3af WebSploit ZAP
54.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Intercepting Proxies Intercepting proxies are testing tools acting as a legitimate Man-in-the-Middle (MitM) Located between the browser and the web application Ability to intercept and to modify requests/responses Provide a historical record of all requests Include integrated tools to discover vulnerabilities, and to crawl and brute force files and directories
55.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Intercepting Proxies ZAP, Zed Attack Proxy OWASP project, by Simon Bennetts Java application, released in September 2010 Fork of the Paros intercepting proxy Pentesting tool for finding vulnerabilities Provides automated scanning, as well as a set of tools to find security vulnerabilities manually
56.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Intercepting Proxies ZAP, Zed Attack Proxy Functionalities Intercepting proxy, listening on TCP/8080 Traditional and AJAX spider Automated and passive scanner Fuzzing and brute force capabilities Smartcard and client certificate support Authentication and session support
57.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Intercepting Proxies ZAP, Zed Attack Proxy
58.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Demo ZAP, Zed Attack Proxy Parameter/cookie tampering Online password attack Detecting vulnerabilities
59.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Commercial Web Scanners Netsparker Automated ‘false positive free’ web security scanner Identifies security issues and vulnerabilities such as SQL injection and Cross-Site Scripting (XSS) Automatically exploits detected vulnerabilities to ensure no false positives are reported Site: https://www.netsparker.com/
60.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Commercial Web Scanners
61.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Commercial Web Scanners Netsparker
62.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Ready to Exploit some bugs?
63.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Contents Defense Needed bWAPP and bee-box Web App Pentesting Exploiting Vulnerabilities Superbees Wanted
64.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. SQL Injection SQL injection is very common in web applications Occurs when user input is sent to a SQL interpreter as part of a query The attacker tricks the interpreter into executing unintended SQL queries
65.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. SQL Injection Injection in the OWASP Top 10
66.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. SQL Injection Normal operation DATABASE SQL interpreter WEB APP HTML | SQL BROWSER HTML (GET/POST) login password SELECT * FROM table WHERE login = ‘login’ AND password = ‘password’ result HTML SQL
67.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. DATABASE SQL interpreter WEB APP HTML | SQL BROWSER HTML (GET/POST) login ’ or 1=1-- SELECT * FROM table WHERE login = ‘login’ AND password = ‘’ or 1=1-- ’ result HTML SQL SQL Injection Abnormal operation
68.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. SQL Injection Simple injections '-- ' or 'a'='a ' or 'a'='a'-- ' or '1'='1 ' or 1=1--
69.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. SQL Injection Union injections ' UNION SELECT field1, field2 FROM table-- ' UNION SELECT table_name FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=database()-- Stacked queries '; DROP TABLE table;--
70.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. SQL Injection
71.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Demo SQL Injection Bypassing login forms Manually extracting data Automated SQL injection
72.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. HTML Injection HTML injection occurs when a user inserts HTML code via a specific input field or parameter Insufficient validation of user-supplied data Dangerous when it is stored permanently! HTML injections can lead to Website defacements Phishing attacks Client-side exploitation
73.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Demo HTML Injection Website defacement Phishing attack Client-side exploitation
74.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Denial-of-Service Denial-of-Service attack, or DoS attack An attacker attempts to prevent legitimate users from accessing the application, server or network Consumes network bandwidth, server sockets, threads, or CPU resources Distributed Denial-of-Service attack, or DDoS Popular techniques used by hacktivists
75.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Denial-of-Service Newer layer 7 DoS attacks are more powerful! “Low-bandwidth application layer DoS” Advantages of layer 7 DoS Legitimate TCP/UDP connections, difficult to differentiate from normal traffic Requires lesser number of connections, possibility to stop a web server from a single attack Reach resource limits of services, regardless of the hardware capabilities of the server
76.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Denial-of-Service Layer 7 DoS methods HTTP Slow Headers HTTP Slow POST HTTP Slow Reading Apache Range Header SSL/TLS Renegotiation XML Bombs
77.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Demo Denial-of-Service HTTP Slow POST XML Bombs
78.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Unrestricted File Uploads Malicious, or Unrestricted File Uploads File upload flaws occur when an attacker can upload files without any restrictions, or bypassing weak restrictions The first step in many attacks is to get some code to the system to be attacked! Using an unrestricted file upload helps the attacker… The attack only needs to find a way to get the code executed
79.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Unrestricted File Uploads Web shells are malicious web pages that provide an attacker functionality on a web server Making use of server-side scripting languages like PHP, ASP, ASPX, JSP, CFM, Perl,... Web shell functionalities File transfer Command execution Network reconnaissance Database connectivity
80.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Unrestricted File Uploads External attack vectors for using web shells Unrestricted File Uploads Remote File Inclusion SQL Injection OS Command Injection Insecure FTP, WebDAV,…
81.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Demo Unrestricted File Uploads Shell access Escalating privileges... Getting r00t access!
82.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. What is bWAPP? Contents Defense Needed bWAPP and bee-box Web App Pentesting Exploiting Vulnerabilities Superbees Wanted
83.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. And we have so much more bugs to exploit… It’s definitely time to improve your web security Defense is needed, and testing is required! Downloading bWAPP is a first start Remember: every bee needs a superbee Are you that superbee? Superbees Wanted @MME_IT #bWAPP
84.
What is bWAPP?
| © 2014 Malik Mesellem, all rights reserved. Contact Me Malik Mesellem Email | malik@itsecgames.com LinkedIn | be.linkedin.com/in/malikmesellem Twitter | twitter.com/MME_IT Blog | itsecgames.blogspot.com
Jetzt herunterladen