Upgrade to Pro — share decks privately, control downloads, hide ads and more …

0wn1ng The Web at www.wdcnz.com

Kim Carter
September 08, 2015
Technology
2
1.8k

0wn1ng The Web at www.wdcnz.com

Kim Carter

September 08, 2015
Tweet

More Decks by Kim Carter

See All by Kim Carter
Application Intrusion Detection
binarymist
0
450
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
490
Security Regression Testing on OWASP Zap Node API
binarymist
1
9.6k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.2k
OWASP Quiz Night
binarymist
2
1.2k
The Art of Exploitation
binarymist
2
1.1k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
750
OWASP NZ Day 2016
binarymist
0
160
Infectious Media with Rubber Ducky
binarymist
1
540

Other Decks in Technology

See All in Technology
30分でわかる『アジャイルデータモデリング』
hanon52_
9
2.6k
7日間でハッキングをはじめる本をはじめてみませんか?_ITエンジニア本大賞2025
nomizone
2
1.8k
次世代KYC活動報告 / 20250219-BizDay17-KYC-nextgen
oidfj
0
250
エンジニアが加速させるプロダクトディスカバリー 〜最速で価値ある機能を見つける方法〜 / product discovery accelerated by engineers
rince
1
230
2.5Dモデルのすべて
yu4u
2
840
現場の種を事業の芽にする - エンジニア主導のイノベーションを事業戦略に装着する方法 -
kzkmaeda
2
2k
OpenID Connect for Identity Assurance の概要と翻訳版のご紹介 / 20250219-BizDay17-OIDC4IDA-Intro
oidfj
0
270
組織貢献をするフリーランスエンジニアという生き方
n_takehata
1
1.3k
プロダクトエンジニア構想を立ち上げ、プロダクト志向な組織への成長を続けている話 / grow into a product-oriented organization
hiro_torii
0
110
Tech Blogを書きやすい環境づくり
lycorptech_jp
PRO
1
240
Larkご案内資料
customercloud
PRO
0
650
白金鉱業Meetup Vol.17_あるデータサイエンティストのデータマネジメントとの向き合い方
brainpadpr
5
700

Featured

See All Featured
Speed Design
sergeychernyshev
27
790
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.5k
YesSQL, Process and Tooling at Scale
rocio
172
14k
Statistics for Hackers
jakevdp
797
220k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.3k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
630
Making the Leap to Tech Lead
cromwellryan
133
9.1k
Bash Introduction
62gerente
611
210k
Producing Creativity
orderedlist
PRO
344
39k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.6k
Large-scale JavaScript Application Architecture
addyosmani
511
110k

Transcript

  1. 0wn1ng The Web

  2. Why do We Care?

  3. Reconnaissance

  4. None
  5. None

  6. Vulnerability Scanning

  7. Vulnerability Scanning NMAP

  8. Vulnerability Scanning scanner/ssh/ssh_enumusers SSH Username Enumeration scanner/ssh/ssh_identify_pubkeys SSH Public Key

    Acceptance Scanner scanner/ssh/ssh_login SSH Login Check Scanner scanner/ssh/ssh_login_pubkey SSH Public Key Login Scanner scanner/ssh/ssh_version SSH Version Scanner

  9. Vulnerability Scanning

  10. Vulnerability Scanning

  11. Vulnerability Scanning

  12. Vulnerability Searching https://github.com/offensive-security/exploit-database

  13. Vulnerability Searching https://www.exploit-db.com/

  14. None

  15. Vulnerability Searching

  16. Vulnerability Searching

  17. Vulnerability Searching https://nodesecurity.io/advisories https://web.nvd.nist.gov/view/vuln/search

  18. Exploitation

  19. Exploitation

  20. Exploitation

  21. Exploitation

  22. Veil - Framework Exploitation

  23. Exploitation

  24. Why These Tools?

  25. Demo 1

  26. Countermeasures

  27. Countermeasures Fix XSS vulns

  28. -

  29. Demo 2

  30. Countermeasures

  31. Countermeasures Understanding of Social Engineering

  32. None
  33. None

  34. Demo 3

  35. Countermeasures

  36. Countermeasures Spoofing

  37. None

  38. Exploitation Hooked Browsers... What now?

  39. None
  40. None

  41. Demo 4

  42. Demo 5

  43. Countermeasures

  44. Countermeasures • Long Complex Passwords • Disabling LM Hashing •

    Using SysKey • Eval Physical Access

  45. Documenting / Reporting

  46. None

  47. Following images are used under the Creative Commons: [1], [2]