An overview of essential information security concepts and tools is provided, including nmap, Burp Suite, IDOR, LFI, and SIEM platforms.
The initial attack phase begins with an nmap scan to discover open ports and services, identifying potential web applications and an Apache server.
After failed SQL injection attempts, access is gained by logging in with common default credentials and a path disclosure vulnerability is found via a malformed JSON.
A base64-encoded cookie is manipulated to access another organization's data, and fuzzing reveals a hidden admin parameter to view sensitive information.
A known path traversal vulnerability in the Apache server is exploited to read the `/etc/passwd` file and a sensitive configuration file containing credentials.
Using the leaked username, the password from the configuration file is modified by incrementing the year to successfully log into the server via SSH.
The defender analyzes API logs to identify failed SQL injection attempts, a successful login, parameter fuzzing, and cookie manipulation by observing response codes and body sizes.
Apache and authentication logs are examined to find evidence of the nmap scan, the path traversal exploit, and the final successful SSH login after several failed attempts.
A Security Information and Event Management (SIEM) tool is shown to automatically detect and flag suspicious activity, such as the nmap user agent, in real-time.
The workshop concludes with a summary of the attack chain and provides key recommendations for developers and defenders, such as patch management and maintaining high-quality logs.
43:56Mauro Verderosa
29:34Reto Kaeser
44:30Milecia McGregor
40:38Anna Bacher
37:32Martin Schmiedecker
57:47Fabien Vauchelles
1:41:05Mathias Tausig
45:19Reinhard Kugler
.png?w=240&auto=compress,format)
Jobs that call for the skills explored in this talk.
Bite Client
Atlanta, United States of America
Barcelona, Spain
GULP Information Services GmbH