Penetration testing

Discussion in 'Business & Enterprise Computing' started by L0che, Mar 16, 2016.

  1. L0che

    L0che Member

    Joined:
    Feb 3, 2004
    Messages:
    1,455
    Location:
    WA
    It's been several years since I last did any pen testing. What are the recommended tools these days?
     
  2. LordHole

    LordHole (Banned or Deleted)

    Joined:
    Jul 15, 2014
    Messages:
    709
    Location:
    MELBOURNE
    A stiff tool.
     
  3. Daemon

    Daemon Member

    Joined:
    Jun 27, 2001
    Messages:
    5,471
    Location:
    qld.au
    No offence, but if you need to ask then you probably shouldn't be doing it.

    The tools are the least important part of the process.
     
    Last edited: Mar 16, 2016
  4. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,366
    Mostly Word... Open Office if that's your bent, or Latex if you're going to be doing it for lots of places :).

    ---

    What's the business goal here? Or do you just want to point a VB6 GUI at your environment and click "Hack Me"?
     
  5. fR33z3

    fR33z3 Member

    Joined:
    Jul 16, 2001
    Messages:
    2,164
    Location:
    Perth
    I read a recent professional pentest report, and all I can say is wow. How they cracked the superuser level account was in my opinion genius, but probably just a day at the office for these guys. I was particularly blown away by how often an unusual sideways shuffle got them out of a dead-end.

    Echoing the same thoughts - exact tools are not really a good place to start. On the other hand, if you know what you want to do, you can probably find a tool or at the very least, some sample source code for you to compile your own tool. The real art of pentesting is knowing what kinds of weaknesses to look for, and how to link them together.
     
  6. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    43,112
    Location:
    Brisbane
    Seconded. Call a professional. I can recommend a couple over PM if you like.
     
  7. Alationever

    Alationever Member

    Joined:
    Jun 10, 2014
    Messages:
    56
    Any you able to post any extracts or even just summarise? I'm curious.
     
  8. fR33z3

    fR33z3 Member

    Joined:
    Jul 16, 2001
    Messages:
    2,164
    Location:
    Perth
    I can't be too particular, but it comes down to the normal security practices.

    You have to lock all the doors. If there is an option to password protect something, it's usually because it can be exploited. Think of things like BIOSes, encrypting desktop hard disks, routing protocols. They're a pain in the ass to do. That's why they're an easy and safe target to get a foothold.

    Reveal nothing unless required and secure. Password reuse - that's what allowed the sideways move I mentioned earlier.

    And privileged users - they have to be by-the-book. Fixing a trivial workstation issue with a DA account - unnecessary and dangerous. There's just too many breadcrumbs left behind, especially with windows.
     
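The "breadcrumbs" fR33z3 describes (a Domain Admin account used interactively on a workstation) are visible in the Windows Security log as successful logons (Event ID 4624) with an interactive or RDP logon type on a non-server host. The following is an added example, not code from the thread: a small detector run over constructed, flattened 4624/4625 lines. The privileged account names, the `WS-` workstation naming convention and the log lines are all assumptions made for the example.

```python
"""Flag Domain Admin interactive logons on workstations from 4624 events.

Added example, not from the thread. Privileged account names, the
workstation naming convention and the log lines are constructed.
"""
from dataclasses import dataclass

# Assumed privileged accounts (in practice: members of Domain Admins etc.).
PRIVILEGED_ACCOUNTS = {"CORP\\da-jsmith", "CORP\\Administrator"}
# Assumed naming convention: workstations are named WS-<number>.
WORKSTATION_PREFIX = "WS-"
# Logon types that leave reusable credential material (cached verifier,
# LSASS logon session) on the host: 2 = Interactive, 10 = RemoteInteractive.
# Type 3 (Network) does not leave an interactive session behind.
RISKY_LOGON_TYPES = {2, 10}


@dataclass(frozen=True)
class Logon:
    timestamp: str
    host: str
    account: str
    logon_type: int


def parse_event(line):
    """Parse one flattened Security event: 'ts|host|EventID|DOMAIN\\user|LogonType'.

    Returns a Logon for successful logons (4624), None for anything else.
    """
    parts = line.strip().split("|")
    if len(parts) != 5:
        return None
    ts, host, event_id, account, logon_type = parts
    if event_id != "4624":
        return None
    return Logon(ts, host, account, int(logon_type))


def find_risky_logons(lines):
    """Return privileged interactive/RDP logons on workstations, in log order."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        if (ev.account in PRIVILEGED_ACCOUNTS
                and ev.host.upper().startswith(WORKSTATION_PREFIX)
                and ev.logon_type in RISKY_LOGON_TYPES):
            hits.append(ev)
    return hits


# Constructed sample events (not real log data).
SAMPLE_EVENTS = [
    "2016-03-16T09:01:00|WS-0042|4624|CORP\\da-jsmith|2",       # DA at the console of a workstation: flag
    "2016-03-16T09:02:00|WS-0042|4624|CORP\\jsmith|2",          # ordinary user: fine
    "2016-03-16T09:03:00|DC01|4624|CORP\\da-jsmith|2",          # DA on a DC: expected
    "2016-03-16T09:04:00|WS-0107|4624|CORP\\da-jsmith|3",       # network logon (SMB): no session left behind
    "2016-03-16T09:05:00|WS-0107|4625|CORP\\da-jsmith|10",      # failed logon: not 4624
    "2016-03-16T09:06:00|WS-0107|4624|CORP\\Administrator|10",  # RDP as built-in admin: flag
]

if __name__ == "__main__":
    for hit in find_risky_logons(SAMPLE_EVENTS):
        print(f"{hit.timestamp} {hit.account} logon type {hit.logon_type} on {hit.host}")
```

Running it flags the two workstation logons and ignores the network logon, the DC logon and the failed attempt. Real deployments would take the account list from group membership rather than a hard-coded set, and would treat logon type 9 (NewCredentials, i.e. `runas /netonly`) and service logons on a case-by-case basis.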
  9. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    43,112
    Location:
    Brisbane
    I've been through a few pen tests, and they're always the same. Somewhere along the line, someone's made a shortcut to "just quickly make something work". These compromises get found, abused, and broken.

    I see it every day. Someone will want to do something, I'll tell them "do it right", they'll tell me they don't have the time and it's not that big a deal anyway blah blah. 6 months later it appears on a pen test, and everyone needs to spend twice the money fixing it than they would have doing it right in the first place.
     
  10. IACSecurity

    IACSecurity Member

    Joined:
    Jul 11, 2008
    Messages:
    760
    Location:
    ork.sg
    What did you use when you were a pen tester?

    Recommended tools are based completely upon what you are trying to compromise.
     
  11. ewok85

    ewok85 Member

    Joined:
    Jul 4, 2002
    Messages:
    8,105
    Location:
    Tokyo, Japan
    I've been getting into reading about pentesting and ethical hacking, and it's made me look at the environments I manage in a whole different way.
     
  12. lavi

    lavi Member

    Joined:
    Dec 20, 2002
    Messages:
    4,004
    Location:
    Brisbane
    Tools are irrelevant really, the environment is very relevant.
    Will you have access to it remotely or physical? What's the client expectation? Just get Admin or is it for PCI-DSS?

    I normally use Cain and Abel for quick dirty ARP poisoning and poking around (90% of the time I gain admin with that) and Kali for the rest.

    Yersinia for a lot of the Cisco stuff, Armitage and Burp ... but it depends on what you find really, there are always tools, you just gotta find vectors.
     
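lavi's point that ARP poisoning alone gets admin most of the time is worth seeing at the packet level: an attacker answers ARP with a reply that maps the gateway's IP to the attacker's MAC, and from then on the victim's traffic flows through the attacker. The following is an added example, not lavi's code and not how Cain & Abel or any other tool implements it: it builds an Ethernet/ARP "is-at" reply byte for byte, parses frames back, and keeps an IP-to-MAC table that alerts when an already-known IP is claimed by a different MAC, which is the signal an arpwatch-style monitor uses. All addresses are constructed lab values and nothing is sent on the wire.

```python
"""Parse raw ARP replies and flag IP-to-MAC rebinding (ARP cache poisoning).

Added example, not from the thread. The addresses and frames below are
constructed in-line; nothing is sent on the wire.
"""
import struct

ETH_HDR = struct.Struct("!6s6sH")           # dst MAC, src MAC, EtherType
ARP_PKT = struct.Struct("!HHBBH6s4s6s4s")   # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ETHERTYPE_ARP = 0x0806
ARP_REPLY = 2


def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def fmt_ip(b):
    return ".".join(str(x) for x in b)


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build an Ethernet + ARP 'is-at' reply. Used here only to construct sample frames."""
    eth = ETH_HDR.pack(target_mac, sender_mac, ETHERTYPE_ARP)
    arp = ARP_PKT.pack(1, 0x0800, 6, 4, ARP_REPLY,
                       sender_mac, sender_ip, target_mac, target_ip)
    return eth + arp


def parse_arp(frame):
    """Return the ARP fields of a frame, or None if it is not IPv4-over-Ethernet ARP."""
    if len(frame) < ETH_HDR.size + ARP_PKT.size:
        return None
    _, _, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP_PKT.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"op": op, "sha": fmt_mac(sha), "spa": fmt_ip(spa),
            "tha": fmt_mac(tha), "tpa": fmt_ip(tpa)}


class ArpWatch:
    """Learn IP->MAC bindings from replies; alert when a known IP is claimed by a new MAC."""

    def __init__(self):
        self.bindings = {}

    def observe(self, frame):
        p = parse_arp(frame)
        if p is None or p["op"] != ARP_REPLY:
            return None
        known = self.bindings.get(p["spa"])
        if known is None:
            self.bindings[p["spa"]] = p["sha"]   # first sighting: learn it
            return None
        if known != p["sha"]:
            return f"{p['spa']} was {known}, now claimed by {p['sha']} (reply sent to {p['tpa']})"
        return None


# Constructed lab addresses (assumptions for the example).
GW_MAC, GW_IP = bytes.fromhex("aabbcc000001"), bytes([10, 0, 0, 1])
VICTIM_MAC, VICTIM_IP = bytes.fromhex("aabbcc000002"), bytes([10, 0, 0, 20])
ATTACKER_MAC = bytes.fromhex("deadbeef0001")

SAMPLE_FRAMES = [
    build_arp_reply(GW_MAC, GW_IP, VICTIM_MAC, VICTIM_IP),        # genuine gateway reply
    build_arp_reply(VICTIM_MAC, VICTIM_IP, GW_MAC, GW_IP),        # genuine victim reply
    build_arp_reply(ATTACKER_MAC, GW_IP, VICTIM_MAC, VICTIM_IP),  # attacker claims the gateway IP
    b"\x00" * 14,                                                 # truncated junk: ignored
]


def run_sample(frames=SAMPLE_FRAMES):
    """Feed frames through one watcher and return the alerts raised, in order."""
    watch = ArpWatch()
    return [alert for f in frames if (alert := watch.observe(f)) is not None]


if __name__ == "__main__":
    for alert in run_sample():
        print("ALERT:", alert)
```

The third frame is the poison: the same gateway IP now arrives with the attacker's MAC, and the watcher reports it. The caveat a practitioner will hit immediately is that a legitimate MAC change (replaced NIC, HA failover of the gateway) trips the same check, so in production the alert is a trigger for a look, not proof of an attack; the durable fix on the switching side is Dynamic ARP Inspection with DHCP snooping, and on the host side static entries for the gateway where that is workable.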
  13. QuakeDude

    QuakeDude ooooh weeee ooooh

    Joined:
    Aug 4, 2004
    Messages:
    8,498
    Location:
    Melbourne
    Based on the detailed PasteBin dump I read on how the Hacking Team got hacked, I'm not even coming close to deluding myself that I could pen test my own business adequately these days :lol:

    Ridiculously scary shit. Certainly makes me re-evaluate "pen testing" companies when they list out what sort of testing they could do while speaking to us.
     
  14. tin

    tin Member

    Joined:
    Jul 31, 2001
    Messages:
    6,420
    Location:
    Narrabri NSW
    2nd set of eyes is as important as knowing what you're doing. If you try to test your own stuff, you're going to focus on what you already know about it (consciously or subconsciously).
     
  15. cvidler

    cvidler Member

    Joined:
    Jun 29, 2001
    Messages:
    14,419
    Location:
    Canberra
    Yeah, most impressive, for a company supposedly all about security, they had some glaring policy/procedural issues.
     
  16. KriiV

    KriiV Member

    Joined:
    Feb 24, 2011
    Messages:
    1,395
    Location:
    The 3-thousand
    I've been competing in a number of CTF comps lately. For web application testing one of the most useful is Burp Suite. Check it out :thumbup:
     
  17. dakiller

    dakiller (Oscillating & Impeding)

    Joined:
    Jun 27, 2001
    Messages:
    8,242
    Location:
    3844
    You can't lawyer yourself, you can't doctor yourself, you can't proofread yourself, you can't pentest yourself.
     
  18. digian

    digian Member

    Joined:
    Jan 20, 2003
    Messages:
    413
  19. roger895

    roger895 Member

    Joined:
    Aug 27, 2007
    Messages:
    178
    Location:
    Hobart, TAS
    There is no one size fits all for pentesting.
    It depends what sector you're in mostly, and the person managing/working in the environment being tested shouldn't be the one to do the testing, because they'll know the network and where to poke around.

    A reputable company will have the skills to get in if there are any holes in the security without this knowledge, and that is what you need to know to patch up.

    The demos we were shown were using Kali, and seemed simple to use.
     
  20. tin

    tin Member

    Joined:
    Jul 31, 2001
    Messages:
    6,420
    Location:
    Narrabri NSW
    That needs to be repeated 100 times.

    Doing some pre-testing yourself is OK. Hopefully that will remove obvious stupid mistakes before a real test. But never, ever call self-testing complete.
     