26
Linux server penetration testing project By: emad soltani nezhad Bardia Izadpanahi Islamic Azad University Pardis Branch May 2015

Linux server penetration testing project

Tags:

Embed Size (px)

Citation preview

Page 1: Linux server penetration testing project

Linux server penetration testing project

By: emad soltani nezhad

Bardia IzadpanahiIslamic Azad University

Pardis BranchMay 2015

Page 2: Linux server penetration testing project

2

How to?

Linux server penetration testing project

Page 3: Linux server penetration testing project

3

Linux server penetration testing project

Roadmap Introduction Scenario and steps penetration Used tools Gather information Penetration into the target system Increasing the level of access Embedded backdoors

Page 4: Linux server penetration testing project

4

Linux server penetration testing project

Introduction

Page 5: Linux server penetration testing project

5

Linux server penetration testing project

Scenario and steps penetration

Port Scan

Open FTP & SSH

Page 6: Linux server penetration testing project

6

Linux server penetration testing project

Used tools Ubuntu 14.4 Nmap Hydra Netcat Ssh Find strings

Page 7: Linux server penetration testing project

7

Linux server penetration testing project

Gather information

192.168.222.132

Page 8: Linux server penetration testing project

8

Linux server penetration testing project

Penetration into the target system

Dictionarybrute force

Page 9: Linux server penetration testing project

9

Linux server penetration testing project

Penetration into the target system

users.txt

Page 10: Linux server penetration testing project

10

Linux server penetration testing project

Penetration into the target system

pass.txt

Page 11: Linux server penetration testing project

11

Linux server penetration testing project

Penetration into the target system

RUN hydra

Page 12: Linux server penetration testing project

12

Linux server penetration testing project

Penetration into the target system

Log in or through ssh

Page 13: Linux server penetration testing project

13

Linux server penetration testing project

Hacking The System

Penetration into the target system

Page 14: Linux server penetration testing project

14

Dynamic Source Routing simulation

Increasing the level of access

Step1 (Checks setuid File)

Page 15: Linux server penetration testing project

15

Linux server penetration testing project

Increasing the level of access

Step2 (Contents sid.txt File)

Page 16: Linux server penetration testing project

16

Linux server penetration testing project

Increasing the level of access

Step3 (Run myexec)

Page 17: Linux server penetration testing project

17

Linux server penetration testing project

Increasing the level of access

Step4 (Analysis myexec)

Page 18: Linux server penetration testing project

18

Linux server penetration testing project

Increasing the level of access Step5 (Program execution with the password

mypasscode)

Page 19: Linux server penetration testing project

19

Linux server penetration testing project

Page 20: Linux server penetration testing project

20

Linux server penetration testing project

Embedded backdoorsEmbedded Backdoors

Page 21: Linux server penetration testing project

21

Embedded backdoors Step1 (Open the port 1500 on the target system)

Linux server penetration testing project

Page 22: Linux server penetration testing project

22

Linux server penetration testing project

Embedded backdoors Step2 (Out of the target system)

Page 23: Linux server penetration testing project

23

Linux server penetration testing project

Embedded backdoors Step3 (Enter target without login)

Page 24: Linux server penetration testing project

24

Linux server penetration testing project

Page 25: Linux server penetration testing project

25

Linux server penetration testing project

Page 26: Linux server penetration testing project

26

Linux server penetration testing project


DNS Server Linux

DNS Server Linux

Documents
CA Embedded Entitlements Manager Workload Automation A… · Linux x86/64 SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Server 11 Red Hat Enterprise Linux Server 5, Red Hat

CA Embedded Entitlements Manager Workload Automation A… · Linux x86/64 SUSE Linux Enterprise Server 10, SUSE Linux Enterprise Server 11 Red Hat Enterprise Linux Server 5, Red Hat

Documents
Vembu BDR Server Installation Guide - Linux · Vembu BDR Server Installation Guide - Linux Vembu BDR Server Installation Guide - Linux Vembu BDR server is currently supported for

Vembu BDR Server Installation Guide - Linux · Vembu BDR Server Installation Guide - Linux Vembu BDR Server Installation Guide - Linux Vembu BDR server is currently supported for

Documents
Penetration Test Process Specification · Penetration test for Linux operating system entos. Database System Penetration test for MySQL and MongoD . Application System Penetration

Penetration Test Process Specification · Penetration test for Linux operating system entos. Database System Penetration test for MySQL and MongoD . Application System Penetration

Documents
Linux Server Hacks

Linux Server Hacks

Documents
Kali Linux Wireless Penetration Testing Beginner's Guide - Sample Chapter

Kali Linux Wireless Penetration Testing Beginner's Guide - Sample Chapter

Technology
Linux Virtual Server Administration

Linux Virtual Server Administration

Documents
SUSE Linux Enterprise Server for SAP Applications · SUSE ® Linux Enterprise Server for SAP Applications. 2 SUSE Linux Enterprise Server for SAP ... SUSE Linux Enterprise High Availability

SUSE Linux Enterprise Server for SAP Applications · SUSE ® Linux Enterprise Server for SAP Applications. 2 SUSE Linux Enterprise Server for SAP ... SUSE Linux Enterprise High Availability

Documents
BackBox Linux: Simulazione di un Penetration Test e CTF

BackBox Linux: Simulazione di un Penetration Test e CTF

Technology
Linux distributions. Ubuntu Server

Linux distributions. Ubuntu Server

Technology
Network Security-Penetration Testing Using Kali Linux

Network Security-Penetration Testing Using Kali Linux

Documents
SUSE Linux Enterprise Server for SAP Applications · PDF file2 SUSE Linux Enterprise Server for SAP Agenda •Why Linux? •SUSE Linux Enterprise Platform •SUSE Linux Enterprise

SUSE Linux Enterprise Server for SAP Applications · PDF file2 SUSE Linux Enterprise Server for SAP Agenda •Why Linux? •SUSE Linux Enterprise Platform •SUSE Linux Enterprise

Documents
(Linux Server Admin)

(Linux Server Admin)

Documents
Web Penetration Testing with Kali Linux - Packt

Web Penetration Testing with Kali Linux - Packt

Documents
Linux Virtual Server (LVS) for Red Hat Enterprise Linux 5 · Linux Virtual Server Administration Linux Virtual Server (LVS) for Red Hat Enterprise Linux 5.2 Virtual_Server_Administration

Linux Virtual Server (LVS) for Red Hat Enterprise Linux 5 · Linux Virtual Server Administration Linux Virtual Server (LVS) for Red Hat Enterprise Linux 5.2 Virtual_Server_Administration

Documents
cPanel // Linux Server · PDF fileAKJZNAzsqknsxxkjnsjx Getting Started Guide Page 1 cPanel // Linux Server Getting Started Guide cPanel for your Linux Server

cPanel // Linux Server · PDF fileAKJZNAzsqknsxxkjnsjx Getting Started Guide Page 1 cPanel // Linux Server Getting Started Guide cPanel for your Linux Server

Documents
Linux ubuntu server

Linux ubuntu server

Education
Kernel Messages - SUSE Linux Enterprise Server 12 · System z® specific Linux kernel modules on SUSE Linux Enterprise Server 12. On SUSE Linux Enterprise Server 12, these messages

Kernel Messages - SUSE Linux Enterprise Server 12 · System z® specific Linux kernel modules on SUSE Linux Enterprise Server 12. On SUSE Linux Enterprise Server 12, these messages

Documents
web penetration testing with kali linux

web penetration testing with kali linux

Technology
BackBox Linux: Simulazione di un Penetration Test

BackBox Linux: Simulazione di un Penetration Test

Technology
Small Business Server 2003 Linux Small Business Server versus Linux functionality

Small Business Server 2003 Linux Small Business Server versus Linux functionality

Documents
Secure Penetration Testing Operations - Black Hat · Secure Penetration Testing Operations ... Host Security, Penetration Tester . ... validate server & client certificates

Secure Penetration Testing Operations - Black Hat · Secure Penetration Testing Operations ... Host Security, Penetration Tester . ... validate server & client certificates

Documents
for your Linux Server

for your Linux Server

Documents
SUSE Linux Enterprise Server 12 - cloudstore.interoute.com · SUSE ® Linux Enterprise Server 12 Virtualization Technologies Product Guide Guide Server

SUSE Linux Enterprise Server 12 - cloudstore.interoute.com · SUSE ® Linux Enterprise Server 12 Virtualization Technologies Product Guide Guide Server

Documents
Linux Server Start

Linux Server Start

Documents
Kali Linux Wireless Penetration Testing Essentials - Sample Chapter

Kali Linux Wireless Penetration Testing Essentials - Sample Chapter

Technology
Virtual Server Administration - Linux Virtual Server (LVS ... · Red Hat Enterprise Linux 5 Virtual Server Administration Linux Virtual Server (LVS) for Red Hat Enterprise Linux

Virtual Server Administration - Linux Virtual Server (LVS ... · Red Hat Enterprise Linux 5 Virtual Server Administration Linux Virtual Server (LVS) for Red Hat Enterprise Linux

Documents
Kernel Messages - SUSE Linux Enterprise Server 12 SP2 · 2016. 11. 4. · specific Linux kernel modules on SUSE Linux Enterprise Server 12 SP2. On SUSE Linux Enterprise Server 12

Kernel Messages - SUSE Linux Enterprise Server 12 SP2 · 2016. 11. 4. · specific Linux kernel modules on SUSE Linux Enterprise Server 12 SP2. On SUSE Linux Enterprise Server 12

Documents
Dissecting Java Server Faces for Penetration Testing

Dissecting Java Server Faces for Penetration Testing

Technology
Move or Migrate User Accounts From Old Linux Server to a New Linux Server

Move or Migrate User Accounts From Old Linux Server to a New Linux Server

Documents