Are You Vulnerable - J Thompson
TRANSCRIPT
7/27/2019 Are You Vulnerable - J Thompson
Are You Vulnerable? The Tiger Team Approach
Purpose and Scope
To present a best practice approach to securing your company
To present real life examples of vulnerability assessment successes
Legal Disclaimer
Don't try this at home. Get written permission before trying any of these techniques.
The main difference between a tiger team and a burglar is permission.
Juggling Tasks
Physical
Privacy
Cyber
Regular Work
Not Secure vs. Too Secure
Adversary Theft Path
Source: Design and Evaluation of Physical Security Systems, published by Butterworth-Heinemann
Deter - Detect - Delay
Lock, Light & Limit Access
View from the bad guy's perspective
What needs to be protected?
Laptop = $1000
SSN numbers - $2 each
Breach notification - $18 - $209 per identity
Bot herders can make $50k per month
Copper - $3.20 /lb
Who are the bad guys?
Insiders
  Former or disgruntled employees
  Click-happy employees
Outsiders
  Thieves
  Extremists / Terrorists
  Hackers
  Meth Heads
Discovery: Google hacking
Password site:yoursite.com
Filetype:doc site:yoursite.com classified
Google Street View
Physical Security
Locks keep honest people honest
Lock videos on the Internet
http://www.youtube.com/whitehat1969
Tools of the Trade
Dumpster Diving
Techniques
Social engineering
Social networking
Lock by-passing
Thumb drive sprinkle
Dumpster diving
Tailgating
Out of office message
Black box
Once I'm In
Unlocked PCs & cabinets
Unused network jacks
Keyloggers
Step 0: Attacker Places Content on Trusted Site
Client-Side Exploitation Example
Step 1: Client-Side Exploitation
Client-Side Exploitation Example
Step 2: Establish Reverse Shell Backdoor Using HTTPS
Client-Side Exploitation Example
Step 3 & 4: Dump Hashes and Use Pass-the-Hash Attack to Pivot
Client-Side Exploitation Example
Step 5: Pass the Hash to Compromise Domain Controller
Client-Side Exploitation Example
www.sans.org/top-cyber-security-risks/#summary
An Ounce of Prevention
Passwords
Password cracking: identify weak or default passwords
Verify the use of complex passwords
Characters (complex)   Estimated time to crack
7                      6 minutes
8                      2.34 hours
14                     9 hours
15                     209 days
Pick The Best Password
password
Summer13
P@swordCompl3x
juggle13 google
Q&A
JT
http://whitehat1969.googlepages.com/videos
7/27/2019 Are You Vulnerable - J Thompson
24/25
24
Insider Threat
60 percent of ex-employees leave with insider information
Enforce termination procedures
Limit access to those who need it
View your network from an insider's perspective
Video: Lock your PC
How many of your employees will click on an email I send them?
http://www.thetechherald.com/article.php/200909/3019/Almost-sixty-percent-of-ex-employees-leave-jobs-with-insider-information
7/27/2019 Are You Vulnerable - J Thompson
25/25
Tiger Team
Video: www.youtube.com/whitehat1969