Slide 1

Slide 1 text

AN INVITATION TO OFFENSIVE SECURITY

Slide 2

Slide 2 text

WHOAMI @buherator ex-BuheraBlog CrySys dropout :) Silent Signal (2010 - )

Slide 3

Slide 3 text

GOALS Demystification Pointers to start Advice to progress

Slide 4

Slide 4 text

THE TRAINING

Slide 5

Slide 5 text

THE LOST WISDOM Many believe that principles of offensive thinking can't be taught Breaking the rules Gaining power from chaos Disobeying restrictions The Force within one seems to be of great importance

Slide 6

Slide 6 text

TRAINING Well tested methodologies are rare Technology changes by the day Reliance on undocumented workings

Slide 7

Slide 7 text

TRUE MASTERS KNOW "breaking" is in fact "using" "chaos" is just a barrier of your understanding "restrictions" are tools in the right hands

Slide 8

Slide 8 text

TRAINING Fighting with complexity Rational planning Managed processes Professional implementation Formal education is gaining importance #thoughtleading

Slide 9

Slide 9 text

SCIENTIFIC APPROACH Reproducibility (e.g. BROP vs. BROP) Evidence based approach Clear definitions, understanding of possibilities

Slide 10

Slide 10 text

KNOW YOUR STUFF! Computer architectures (5 Galactic Credits) Operating Systems (4 Galactic Credits) Basics of Programming I-II. + SW labs (~12 Galactic Credits) Computer Networks (4 Galactic Credits)

Slide 11

Slide 11 text

THE BEST STAR-PILOT IN THE GALAXY, AND A CUNNING WARRIOR Learn to fly a T-16! Program some moisture vaporators! Clean and repair broken droids! Then you can go for a security job

Slide 12

Slide 12 text

MEANWHILE...

Slide 13

Slide 13 text

DAMN VULNERABLE X Hologram machines designed by that traitor Galen Erso Best for beginners who can't force choke an Ewok Don't cheat!

Slide 14

Slide 14 text

BUG BOUNTIES Approved by the Empire Real systems to 0wn Tools & Techniques Scoping, reporting $$$

Slide 15

Slide 15 text

CTF Competitive environment Focused work Team work Tools & Techniques Force Learning exercise

Slide 16

Slide 16 text

SERVING THE EMPIRE

Slide 17

Slide 17 text

PENETRATION TESTING

Slide 18

Slide 18 text

PENTEST Simulating Rebel activity in Empire systems Presenting results to the Executive Branch Assistance with problem resolution

Slide 19

Slide 19 text

PENTEST Strong communication skills In presence of Sith Lords ...or Wookies Force Learning should be one of your top skills! And also...

Slide 20

Slide 20 text

READING MINDS Which part of this gate control was finished 2 minutes before Lord Vader arrived? What would Jar Jar Binks assume about this PHP type cast? This is when experience with filthy droids and womp rats comes in handy!

Slide 21

Slide 21 text

PENTEST > BUG BOUNTY Enforced methodology Definite targets Deeper insight Intranets Exotic technologies Assisting with issue resolutions Accountability

Slide 22

Slide 22 text

PENTEST > BUG BOUNTY If rebels blow up the Star Destroyer you just audited with some proton torpedoes....

Slide 23

Slide 23 text

PROFESSIONAL BOUNTY HUNTING

Slide 24

Slide 24 text

SERVICE BOUNTIES Find new attack surface Infrastructure discovery Feature discovery Find new attack techniques Can this be done reliably? First strategy seems more fitting

Slide 25

Slide 25 text

SOFTWARE BOUNTIES Enterprise server software is a good start Real impact Usually riddled with critical holes No/Basic mitigations Limited accessibility Exclusive acquisition channels are valuable!

Slide 26

Slide 26 text

SOFTWARE BOUNTIES Test environment Installation:

Slide 27

Slide 27 text

SOFTWARE BOUNTIES High value targets Adobe Reader, MS Office, Death Star, etc. Sometimes with instrumented builds, fuzzing harness, etc. Strong shields Exploit mitigations Competition Deprecation (e.g. click-to-play)

Slide 28

Slide 28 text

VULNERABILITY DEVELOPMENT RoT: Exploitation is ~10x harder than finding the bug The actual ratio can be much worse than this Start easy Known exploits Known vulnerabilities

Slide 29

Slide 29 text

VULNERABILITY DEVELOPMENT Imagine a CTF where The game lasts for months Writing an exploit can take weeks Not all targets have vulnerabilities Not all vulnerabilities are exploitable

Slide 30

Slide 30 text

So while playing CTF, pay attention to: Resource management (time, people) Attack surface identification Targeting (risk assessment) Team coordination

Slide 31

Slide 31 text

BECOMING

Slide 32

Slide 32 text

BECOMING Look beyond individual vulnerabilities Find ways that work universally Or at least in multiple star systems The Empire demands results Need for practical methods In time

Slide 33

Slide 33 text

FIND YOUR PATHS Levels of abstraction At low level many simple things work together Higher level units encapsulate complexity and interact in "weird" ways It's worth figuring out the level you are most effective at

Slide 34

Slide 34 text

TOOLING

Slide 35

Slide 35 text

TOOLING Exercise your skills by creating/improving tools Automation Proof of Concept Reproduction of prior results

Slide 36

Slide 36 text

TOOLING We suck at this... Missing utilities Create them! Low quality implementations Fix them! Lack of documentation Write them!

Slide 37

Slide 37 text

CONSTRAINTS

Slide 38

Slide 38 text

CONSTRAINTS Constraints no foolish Jedi can overcome Energy Time Use these to make yourself powerful!

Slide 39

Slide 39 text

ENERGY The possibility of starvation can be a great motivator Fill up your reserves then go for it There is no try! The little green dude was right about this...

Slide 40

Slide 40 text

TIME At the Academy, time seems infinite And in some sense it is Make as much as you can out of this opportunity! Inclemency is key

Slide 41

Slide 41 text

TIME How long is a minute? Ask someone held under the swamp of Dagobah! Planning Sequence of short tasks (1-2h) Goals within reach - Simple things that work (aka. KISS) Deadlines

Slide 42

Slide 42 text

COMMUNITY EVENTS

Slide 43

Slide 43 text

COMMUNITY EVENTS Idiots of the Trade Federation are taking over Through the eyes of these fools The powers of the Force are magic tricks The Master is just a clown Don't let the lights and Jedi mind tricks blind your vision!

Slide 44

Slide 44 text

COMMUNITY EVENTS Look for teachers instead of rock stars Listen to content from (seemingly) distant fields Interact

Slide 45

Slide 45 text

LEARNING FROM MASTERS Do you understand the way it works? Can you do it yourself? Show us! Can you improve it?

Slide 46

Slide 46 text

DEMONSTRATION OF POWER Prove yourself worthy Make your enemies fear & your allies respect you Empower the order of Sith meet deadlines...

Slide 47

Slide 47 text

THE DARK SIDE IS SEXY!

Slide 48

Slide 48 text

THE DARK SIDE IS SEXY! Discover yet uncharted parts of space Challenge the best minds of the Galaxy ...whole armies even! Conquer them for fame and fortune

Slide 49

Slide 49 text

THE DARK SIDE IS POWERFUL The Senate just doesn't know what's going on The Light Side is paralyzed by ancient dogmas Mortals are terrible at making rational decisions Eventually: The Sith will rule the Galaxy!

Slide 50

Slide 50 text

But in the end... THE FORCE SURROUNDS US ALL

Slide 51

Slide 51 text

BEFORE LETTING YOU GO... Questions?