Attack Tool Repository and Player for ISEAGE
May 06-11 Team: Jeremy Brotherton
Timothy Hilby
Brett Mastbergen
Jasen Stoeker
Faculty Advisor: Doug Jacobson
Client: Information Assurance Center
April 25, 2006
May06-11 ISEAGE Attack Tool Repository and Player
Outline
Introduction
– Project background and requirements
Project activities
– Research, design, implementation, and testing
Resources and schedule
– Personnel and financial
Closing material
– Project evaluation
– Lessons learned
– Risk management
– Closing summary
Definitions
ASP - Active Server Pages, programming language for dynamic websites.
Exploit - An attack on a computer system that takes advantage of a vulnerability.
GUI – Graphical user interface
ISEAGE - Internet Scale Event and Attack Generation Environment, a network dedicated to creating a virtual Internet for the purpose of researching, designing, and testing cyber defense mechanisms.
MySQL - Open source database that uses the Structured Query Language.
PHP - PHP: Hypertext Preprocessor, another programming language for dynamic websites.
SSH – Secure Shell, a protocol that allows users to interact with a computer remotely over a secure session.
Vulnerability - A weakness in a system due to security procedures, implementation or other means that could be exploited.
Problem Statement
Problem Statement
– Currently, trying to attack a computer vulnerability means scouring the Internet for the right attack
– Computer professionals and others need a way to locate and launch exploits quickly and easily
Problem Solution
– Develop a web application that interfaces to a database of network attacks
– Users can search the database and launch attacks through a web browser
Operating Environment
ISEAGE network at ISU research park
– Software can operate on any platform
– 60-90 degrees Fahrenheit
– Low moisture
Intended Users and Uses
Users
– Researchers, students, vendors, and computer professionals
Uses
– Evaluate weaknesses in computer systems and network architectures
– Training users about computer and network security
Assumptions
The application is being coded using PHP and MySQL
Maximum number of simultaneous users is twenty
Maximum query response time is two seconds
Any attack can only run for 60 seconds
Limitations
The database will not include all possible attacks or all known attacks
Size of database is limited to available disk space
This system will not fix vulnerabilities or pinpoint the cause of failure
End Product and Deliverables
Complete PHP website and MySQL database populated with exploits (commented source code)
User’s guide
Administrative guide – includes setup and maintenance instructions
Final report
Present Accomplishments
Verified client needs and requirements
Researched approaches for problem solution
Completed detailed design
Created prototype website and database
Added prototype functionality to meet client’s needs
Developed accompanying documentation
Working application was approved by client and has been delivered
Approaches Considered and Used
MySQL database of current exploits for several platforms
PHP based webpage that allows users to search the database for exploits
PHP code that allows users to launch exploits with the click of a button
Apache web server for hosting the interface
Approaches Considered and Used cont.
Stand alone computer application
Remote connection to database
Database remotely connects to various computers
Definition Activities
Discussed project needs with client and obtained approval for proposed solution
Final Project Definition
– To develop a scalable, web-based application that provides users with the ability to search for network attacks and launch them with a single click
Research Activities
Webpage programming languages
– PHP and ASP
Database options
– MySQL and SQL Server 2005
Database Technologies
MySQL
– Open Source
– Mature and Well Tested
– Platform Independent
– Not as Well Integrated
– Not as Much Pre-Written Code
SQL Server 2005
– Best Integration of Any Platform
– Most Extensive Tools
– Large Amount of Pre-Written Code
– Licensing Issues
– Not mature, limited track record
Webpage Programming Languages
PHP
– Current Version Well Tested
– Many Online Examples
– Cross Platform
– Not as Well Integrated
– Can’t Drag and Drop Interfaces
ASP .NET 2005
– Extremely Well Integrated with SQL Server 2005
– Large Amount of Built in Objects
– Best IDE
– Licensing Issues
– Not mature
Technology Selections
MySQL
PHP
Apache
Design Activities
Design constraints
– Platform independent
– Web-based
– Powerful and extensible database
– Administrator controls
Basic Solution Architecture
[Architecture diagram; labeled components: User Machine, Web Server, PHP Script, Database, Windows Attacks, Macintosh Attacks, Linux Attacks, Target Machine]
Implementation Activities
Design website framework
Develop a test database with fake exploits
Created PHP code to run search queries
Developed PHP code to launch attacks
Original designs remained unchanged
Testing Activities
User search criteria translated into proper SQL query
Query results returned back properly
Launching of attacks is actually generating network traffic
Evaluation by both the team and ISEAGE graduate students
Testing Priorities
High priority tests cover critical product features
Medium priority tests cover supplemental product features
Low priority tests cover non-essential product features
Testing Results
| Priority | Tests | Passed | Fixed | % Complete |
|----------|-------|--------|-------|------------|
| High     | 9     | 8      | 1     | 100%       |
| Medium   | 4     | 4      | 0     | 100%       |
| Low      | 3     | 0      | 1     | 33%        |
| Total    | 16    | 12     | 2     | 88%        |
Significant Activities
| Component                       | End Result |
|---------------------------------|------------|
| Website software                | Completed  |
| User documentation              | Completed  |
| Administrative guide            | Completed  |
| Database structure and contents | Completed  |
| Commented source code           | Completed  |
[Chart: Completion of Project Components; y-axis: % Complete (0 to 100); bars: Website Code, User Docs, Admin Guide, Database Structure and contents, Commented Source Code]
Personnel Effort Requirements
Personnel Effort (Hours)
| Team member       | Hours |
|-------------------|-------|
| Jeremy Brotherton | 105   |
| Tim Hilby         | 72    |
| Brett Mastbergen  | 89    |
| Jasen Stoeker     | 70    |
Other Resource Requirements
Other Resources Required ($)
| Item                                | Costs  |
|-------------------------------------|--------|
| Project Plan Binding                | $6.00  |
| Design Report Binding               | $6.00  |
| Final Report Binding                | $6.00  |
| Project Poster Lamination and Board | $25.00 |
| Total                               | $43.00 |
Financial Requirements
Final project costs
| Item                         | W/O labor | With labor | Donated costs |
|------------------------------|-----------|------------|---------------|
| Project poster printing      |           |            | $40.00        |
| Bound project documentation  | $18.00    | $18.00     |               |
| Poster lamination and board  | $25.00    | $25.00     |               |
| PHP book                     |           |            | $40.00        |
| 2 Donated computers (ISEAGE) |           |            | $800.00       |
| Labor at $11.00 per hour:    |           |            |               |
| Jeremy Brotherton            |           | $1,155.00  |               |
| Tim Hilby                    |           | $792.00    |               |
| Brett Mastbergen             |           | $979.00    |               |
| Jasen Stoeker                |           | $770.00    |               |
| Total costs                  | $43.00    | $3,739.00  | $880.00       |
[Chart: Financial Requirements ($); Total Costs: W/O Labor 43, With Labor 3739, Donated Costs 880]
Project Schedule
Closing Material
Project evaluation
Commercialization
Additional work
Lessons learned
Risk and risk management
Closing summary
Project Evaluation
Milestone evaluation criteria
| Criteria         | Score |
|------------------|-------|
| Greatly exceeded | 110%  |
| Exceeded         | 105%  |
| Fully met        | 100%  |
| Partially met    | 80%   |
| Not met          | 30%   |
| Not attempted    | 0%    |
Project Evaluation Cont.
Project Results
| Milestone                 | Evaluation    | Resultant Percentage |
|---------------------------|---------------|----------------------|
| Project plan development  | Fully Met     | 20% * 100 = 20%      |
| Design research           | Fully Met     | 5% * 100 = 5%        |
| Technology selection      | Fully Met     | 5% * 100 = 5%        |
| Initial product design    | Fully Met     | 20% * 100 = 20%      |
| Framework implemented     | Fully Met     | 10% * 100 = 10%      |
| End-product testing       | Partially Met | 15% * 80 = 12%       |
| End-product documentation | Fully Met     | 15% * 100 = 15%      |
| End-product demonstration | Fully Met     | 10% * 100 = 10%      |
| Total                     |               | 97%                  |
Commercialization
Not planned, developed strictly for use with ISEAGE
Future Work
Continuing to add to the database of exploits
Adding additional functionality such as allowing users to interact with the remote machine via the web interface
Allow users to select target machines from a network diagram
Lessons Learned
What went well
– Implementation, client demonstration, team work
What did not go well
– Equipment setup, project plan
Technical knowledge gained
– PHP, MySQL, XAMPP
Non-technical knowledge gained
– Communications skills, long term planning
What would be done differently
– Implementation, hardware setup
Risks and Risk Management
Anticipated risks
– Loss of a team member due to sickness or other unexpected circumstances
– Missed deadlines
– Faulty product
– Poor communications among team members may halt the project
– Data loss
Risks and Risk Management cont.
Risk management
– Continually informed team of individual progress and shared all essential project knowledge
– Team leader kept close track of all upcoming deadlines and always tried to be one week ahead
– Continually met with Dr. Jacobson to ensure project was progressing in the intended direction
– Regularly scheduled meetings and team email communication ensured all team members were always informed
– All implementation code was placed in a backed up CVS repository and all project documents were regularly distributed to all team members
Risks and Risk Management cont.
Anticipated risks encountered
– Loss of a team member due to sickness
– Work load was divided among remaining team members
Unanticipated risks encountered
– Dead on arrival hardware
– Implementation and testing were carried out on a single machine
Changes in risk management due to unanticipated risks
– Changed deadlines
– Assumed each task would have unexpected problems
Closing Summary
Problem
– Need to locate and launch exploits from one location
– Users need a simple interface to this type of tool
Solution
– Developed a MySQL database of attacks
– Created PHP based website to interface with a database and it has the ability to launch specific exploits from any web browser
Any questions or comments?