Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps Bootcamp - Week 6 - Lesson 2
Search
DevSecOps
July 01, 2016
Technology
0
140
DevSecOps Bootcamp - Week 6 - Lesson 2
Bootcamp week 6 lesson 2
DevSecOps
July 01, 2016
Tweet
Share
More Decks by DevSecOps
See All by DevSecOps
DevSecOps Bootcamp - Week 6 - Lesson 1
devsecops
0
210
DevSecOps Bootcamp - Week 6 - Lesson 3
devsecops
0
160
DevSecOps Bootcamp - Week 5 - Lesson 1
devsecops
0
180
DevSecOps Bootcamp - Week 5 - Lesson 2
devsecops
0
130
DevSecOps Bootcamp - Week 4 - Lesson 1
devsecops
0
160
DevSecOps Bootcamp - Week 4 - Lesson 2
devsecops
0
89
DevSecOps Bootcamp - Week 4 - Lesson 3
devsecops
0
91
DevSecOps Bootcamp - Week 3 - Lesson 2
devsecops
0
91
DevSecOps Bootcamp - Week 3 - Lesson 3
devsecops
0
130
Other Decks in Technology
See All in Technology
UI State設計とテスト方針
rmakiyama
4
940
Oracle Base Database Service:サービス概要のご紹介
oracle4engineer
PRO
1
16k
20241125 - AI 繪圖實戰魔法工作坊 @ 實踐大學
dpys
1
440
[JAWS-UG新潟#20] re:Invent2024 -CloudOperationsアップデートについて-
shintaro_fukatsu
0
150
OPENLOGI Company Profile
hr01
0
57k
Storage Browser for Amazon S3を触ってみた + α
miura55
0
110
.NET 最新アップデート ~ AI とクラウド時代のアプリモダナイゼーション
chack411
0
150
Evolving Architecture
rainerhahnekamp
3
220
Qiita埋め込み用スライド
naoki_0531
0
5.5k
The future we create with our own MVV
matsukurou
0
1.5k
Unlearn Product Development - Unleashed Edition
lemiorhan
PRO
2
170
20241228 - 成為最強魔法使!AI 實時生成比賽的策略 @ 2024 SD AI 年會
dpys
0
340
Featured
See All Featured
Understanding Cognitive Biases in Performance Measurement
bluesmoon
27
1.5k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
We Have a Design System, Now What?
morganepeng
51
7.3k
Optimising Largest Contentful Paint
csswizardry
33
3k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
490
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
A designer walks into a library…
pauljervisheath
205
24k
RailsConf 2023
tenderlove
29
960
Java REST API Framework Comparison - PWX 2021
mraible
28
8.3k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
940
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
330
21k
Into the Great Unknown - MozCon
thekraken
34
1.6k
Transcript
1 BUILDING RUGGED SOFTWARE YEAR ONE / WEEK SIX /
LESSON TWO Copyright © DevSecOps Foundation 2015-2016
2 Copyright © DevSecOps Foundation 2015-2016 • Network Attack •
Nmap • Enumeration • Metasploit • Jenkins • JBoss • Lateral Movement • Lab 2 Agenda
3 Copyright © DevSecOps Foundation 2015-2016 • Enumerating systems •
Enumerating listening services • Known vulnerabilities • Unknown vulnerabilities (0 –Day) • Misconfigurations • Bad default installations (HUE, Jenkins, etc…) Network Attack
4 Copyright © DevSecOps Foundation 2015-2016 • Network Mapper •
Written by Fyodor • Extensible through Nmap scripting engine (NSE) using Lua • Many many command line args • RTFM @ https://svn.nmap.org/nmap/docs /nmap.usage.txt • Can test using scanme.nmap.org Nmap
5 Copyright © DevSecOps Foundation 2015-2016 • https://nvd.nist.gov • http://exploit-db.com
• https://cve.mitre.org • Tools • Nessus • Qualys • Nexpose • Nmap Vulnerability Enumeration (http://exploit-db.com, 2016)
6 Copyright © DevSecOps Foundation 2015-2016 • Offensive Security Framework
• Exploit Development • Exploit Delivery • Modular • Exploit Modules • Auxiliary Modules • Scanner Modules • Multiple Payloads • Meterpreter • Shell • Post Exploitation Modules • Gather Data • Steal and Crack Password Hashes Metasploit
7 Copyright © DevSecOps Foundation 2015-2016 • Continuous Integration •
Continuous Deployment • Master/Slave Architecture • Distributed code execution platform • Insecure by DEFAULT Jenkins
8 Copyright © DevSecOps Foundation 2015-2016 • Java Application Server
• Older versions are insecure by default • JMX Console can be used to deploy arbitrary applications • Many remote code execution vulnerabilities JBoss
9 Copyright © DevSecOps Foundation 2015-2016 • Establish Foothold •
Gather loot • .bash_history • .ssh • .aws • /etc/shadow • Begin Network Enumeration • Scan (loud) • ARP (quiet) • Persistence Lateral Movement/Pivoting
10 Questions? Copyright © DevSecOps Foundation 2015-2016
11 Copyright © DevSecOps Foundation 2015-2016 • https://github.com/devsecops/bootcamp/blob/master/Week- 6/labs/LAB-2.md Lab
2 – Exploiting Jenkins
devsecops
rmakiyama
oracle4engineer
dpys
shintaro_fukatsu
hr01
miura55
chack411
rainerhahnekamp
naoki_0531
matsukurou
lemiorhan
bluesmoon
sstephenson
morganepeng
csswizardry
irinanazarova
afnizarnur
pauljervisheath
tenderlove
mraible
garrettdimon
caitiem20
thekraken
