DevSecOps Bootcamp - Week 6 - Lesson 2
DevSecOps
July 01, 2016
Technology
Bootcamp week 6 lesson 2
Transcript
Slide 1: BUILDING RUGGED SOFTWARE / YEAR ONE / WEEK SIX / LESSON TWO
Copyright © DevSecOps Foundation 2015-2016

Slide 2: Agenda
• Network Attack
• Nmap
• Enumeration
• Metasploit
• Jenkins
• JBoss
• Lateral Movement
• Lab 2

Slide 3: Network Attack
• Enumerating systems
• Enumerating listening services
• Known vulnerabilities
• Unknown vulnerabilities (0-day)
• Misconfigurations
• Bad default installations (HUE, Jenkins, etc.)

Slide 4: Nmap
• Network Mapper
• Written by Fyodor
• Extensible through the Nmap Scripting Engine (NSE) using Lua
• Many, many command line args
• RTFM @ https://svn.nmap.org/nmap/docs/nmap.usage.txt
• Can test using scanme.nmap.org

Slide 5: Vulnerability Enumeration
• https://nvd.nist.gov
• http://exploit-db.com
• https://cve.mitre.org
• Tools
  • Nessus
  • Qualys
  • Nexpose
  • Nmap
(Image credit: http://exploit-db.com, 2016)

Slide 6: Metasploit
• Offensive Security Framework
• Exploit Development
• Exploit Delivery
• Modular
  • Exploit Modules
  • Auxiliary Modules
  • Scanner Modules
• Multiple Payloads
  • Meterpreter
  • Shell
• Post Exploitation Modules
  • Gather Data
  • Steal and Crack Password Hashes

Slide 7: Jenkins
• Continuous Integration
• Continuous Deployment
• Master/Slave Architecture
• Distributed code execution platform
• Insecure by DEFAULT

Slide 8: JBoss
• Java Application Server
• Older versions are insecure by default
• JMX Console can be used to deploy arbitrary applications
• Many remote code execution vulnerabilities

Slide 9: Lateral Movement/Pivoting
• Establish Foothold
• Gather loot
  • .bash_history
  • .ssh
  • .aws
  • /etc/shadow
• Begin Network Enumeration
  • Scan (loud)
  • ARP (quiet)
• Persistence

Slide 10: Questions?

Slide 11: Lab 2 – Exploiting Jenkins
• https://github.com/devsecops/bootcamp/blob/master/Week-6/labs/LAB-2.md