Upload File

professional penetration testingctf6 – lamp sec

  • Home
  • Documents
  • Professional Penetration TestingCTF6 – LAMP Sec
108
Professional Penetration Testing CTF6 – LAMP Sec @ElHackLab @Autodidactas_Co #ElHackLab

Upload: el-hacklab

Post on 07-Mar-2016

221 views

Category:

Documents


5 download

Report

Tags:

DESCRIPTION

Professional Penetration Testing CTF6 – LAMP Sec

TRANSCRIPT

Page 1: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing CTF6 – LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Page 2: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Implementación – Sistema Objetivo (CTF6 LAMP Sec)

Page 3: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Implementación – PenTester (BackTrack)+Windows (7)

Page 4: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Implementación – Configuración de Red (NAT)

Page 5: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Metodología Test de Penetración

• Objetivos, Límites, Equipamiento, Entornos, Prioridades, Técnicas.

Planeación y Determinación

de Alcances

• Técnicas de reconocimiento estratégicas: Activas y Pasivas.

Recolección de Información • Selección de targets,

Footprinting, Network Enumeration.

Enumeración

•Identificación manual y automática. Vulnerabilidades de red, S.O, Apps, personas, Dispositivos.

• Análisis Manual

Identificación y Análisis de

Vulnerabilidades • Explotación remota y local

• Elevación de privilegios

Explotación y Post-Explotación

de Vulnerabilidades

•Informes Ejecutivo y Técnico

• Estadísticas.

Reportes

Page 6: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: NetworkMapping - Netdiscover

Page 7: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Port Scanning - Nmap

Page 8: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Port Scanning - Nmap

Page 9: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Port Scanning - Nmap

Page 10: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: O.S Identification - Nmap

Page 11: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis - Mantra

Page 12: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – Burp Suite

Page 13: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – Burp Suite

Page 14: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – Burp Suite

Page 15: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – Burp Suite

Page 16: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – WhatWeb

Page 17: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – WhatWeb

Page 18: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Web Analysis – WhatWeb

Page 19: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Source Code Analysis

Page 20: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: List-Urls.py

Page 21: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 22: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 23: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 24: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 25: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 26: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 27: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 28: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Manual Analysis

Page 29: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: OWASP DirBuster

Page 30: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: OWASP DirBuster

Page 31: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

• http://192.168.10.141/templates/ • http://192.168.10.141/mail/ • http://192.168.10.141/cgi-bin/ • http://192.168.10.141/docs/ • http://192.168.10.141/files/ • http://192.168.10.141/js/ • http://192.168.10.141/css/ • http://192.168.10.141/lib/ • http://192.168.10.141/manual/ • http://192.168.10.141/conf/ • http://192.168.10.141/inc/ • http://192.168.10.141/logs/ • http://192.168.10.141/sql/ • http://192.168.10.141/error/ • http://192.168.10.141/actions/ • http://192.168.10.141/phpmyadmin/

Page 32: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 33: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 34: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 35: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 36: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 37: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 38: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 39: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 40: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 41: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 42: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 43: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 44: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 45: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 46: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 47: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 48: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 49: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Recolección de Información + Enumeración: Directorios + Archivos

Page 50: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Exploración PHPMyAdmin

Page 51: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Exploración PHPMyAdmin

Page 52: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Exploración PHPMyAdmin

Page 53: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

HASH Cracking

Page 54: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Exploración PHPMyAdmin

Page 55: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Exploración PHPMyAdmin

Page 56: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Exploración PHPMyAdmin

Page 57: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Brute Force MySQL - HASH

Page 58: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Brute Force MySQL - HASH

Page 59: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Identificación de Vulnerabilidades + Enumeración: Directorios + Archivos - Nikto

Page 60: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Análisis de Vulnerabilidades + Enumeración: Source Code Analysis

Page 61: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Análisis de Vulnerabilidades + Enumeración: Source Code Analysis

Page 62: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Análisis de Vulnerabilidades + Enumeración: Source Code Analysis

Page 63: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Análisis de Vulnerabilidades + Enumeración: Source Code Analysis

Page 64: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1

Page 65: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 - Login

Page 66: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 - Login

Page 67: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 - Login

Page 68: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 - Login

Page 69: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 70: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 71: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 72: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 73: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 74: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 75: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 76: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 77: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 78: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 79: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 80: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 81: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 82: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 83: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 84: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 85: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 86: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 87: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 88: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 89: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 90: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 91: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 92: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 93: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 94: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 95: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 96: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 97: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 98: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 99: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Explotación de Vulnerabilidades + Inyección + SQLi – Top 10 OWASP A1 – id=X

Page 100: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

sh-3.2$ cat /etc/passwd root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin rpm:x:37:37::/var/lib/rpm:/sbin/nologin dbus:x:81:81:System message bus:/:/sbin/nologin avahi:x:70:70:Avahi daemon:/:/sbin/nologin mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin

Page 101: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

distcache:x:94:94:Distcache:/:/sbin/nologin apache:x:48:48:Apache:/var/www:/sbin/nologin nscd:x:28:28:NSCD Daemon:/:/sbin/nologin vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin squid:x:23:23::/var/spool/squid:/sbin/nologin mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash pcap:x:77:77::/var/arpwatch:/sbin/nologin haldaemon:x:68:68:HAL daemon:/:/sbin/nologin dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin john:x:500:500::/home/john:/bin/bash linda:x:501:501::/home/linda:/bin/bash fred:x:502:502::/home/fred:/bin/bash molly:x:503:503::/home/molly:/bin/bash toby:x:504:504::/home/toby:/bin/bash

Page 102: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

sh-3.2$ cat /etc/group root:x:0:root bin:x:1:root,bin,daemon daemon:x:2:root,bin,daemon sys:x:3:root,bin,adm adm:x:4:root,adm,daemon tty:x:5: disk:x:6:root lp:x:7:daemon,lp mem:x:8: kmem:x:9: wheel:x:10:root mail:x:12:mail news:x:13:news uucp:x:14:uucp man:x:15: games:x:20: gopher:x:30: dip:x:40: ftp:x:50:

Page 103: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

lock:x:54: nobody:x:99: users:x:100: rpm:x:37: dbus:x:81: utmp:x:22: avahi:x:70: mailnull:x:47: smmsp:x:51: distcache:x:94: apache:x:48: nscd:x:28: utempter:x:35: floppy:x:19: vcsa:x:69: rpc:x:32: rpcuser:x:29: nfsnobody:x:65534: sshd:x:74:

Page 104: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

squid:x:23: mysql:x:27: pcap:x:77: slocate:x:21: haldaemon:x:68: dovecot:x:97: john:x:500: linda:x:501: fred:x:502: molly:x:503: toby:x:504:

Page 105: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

Page 106: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

Page 107: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation

Page 108: Professional Penetration TestingCTF6 – LAMP Sec

Professional Penetration Testing – CTF 6 LAMP Sec

@ElHackLab @Autodidactas_Co #ElHackLab

Escalada de Privilegios – Post Exploitation


Penetration Mechanism of Partial Penetration Electron Beam Welding

Writing a Penetration Testing Report - Abaxio · (Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd th, ... Title Black Box Penetration Testing

Xenon lamp, Xenon flash lamp, Mercury-Xenon lamp, … · 2011-11-07 · Xenon lamp, Xenon flash lamp, Mercury-Xenon lamp, Deuterium lamp and Hollow cathode lamp. 2 1 CONTENTS LIGHT

LAMP. TAVOLO - TABLE LAMP CU LUCI LAMP. PARETE - W AL … · lamp. terra - floor lamp lamp. tavolo - table lamp lamp. parete - w al mp lamp. soffitto - celing lamp lamp. sospen. -

FILTER€¦ · Test Filter Type - Performance Particle Filtration to register: Test 1: Penetration (media calculated 30 sec after the test beginning) Test 2: Max Penetration till

Model meX+20 lite meX+20 meX+40 meX+60 meX+100 · 2017-07-28 · Lamp 50 W Halogen LED LED LED LED Auto Timer 30 sec. 30 sec. 30 sec. 30 sec. 30 sec. Laser Pointer single laser dual

Web Application Penetration Testing · Penetration Testing By: Frank Coburn & Haris Mahboob. Take Aways Overview of the web app penetration ... §Penetration testing vs vulnerability

The New SEC system - mruc.netmruc.net/uploads/posts/b17695616c422ec8d9dadafc1c3eec26.pdfto the system, because “consumer durables” penetration will change faster than education

Market Penetration and Acquisition Strategies for …klausmeyer.co.uk/publications/2006_meyer_tran_LRP_final.pdf · Market Penetration and Acquisition Strategies for ... Market Penetration

6 Sec Lighting Lum C-KK - flexproltd.com_MFW... · lor 3x26W. CFL/PL Series lamp at 240V. AC. (Integral type) or 300W. GLS. Or 250W. HPMV/HPSV/MH or 150W HPSV Lamp at 240V. AC. (Non-Integral

WoVG Standard - Information Security - Penetration Testing ... · PDF filePenetration testing (SEC/STD/03) ... A penetration test is a limited snapshot of the security controls at

 · FINAL LIST OF CANDIDATES AFTER APPROVAL OF PANEL AND SYMBOL ALLOCATION Name of the Constituency : MUMBAI CST - 01 1 Symbol LAMP LA Mp LA Mp LAMP LAMP LAMP LAMP LAM p LAMP LAMP

Penetration testing

DROPLET IMPACT AND PENETRATION ONTO … · droplet impact and penetration into structured permeable geometries using ANSYS ... Liquid front penetration for no ... penetration according

Lamp Efficacy, Lumen Maintenance, Lamp Life and ...united4efficiency.org/wp-content/uploads/2017/01/Lamp-Efficacy... · Lamp Efficacy, Lumen Maintenance, Lamp Life and Measurement

Penetration enhancers

WALL LAMP TABLE LAMP CEILING LAMP LAMP SHADES · 2019. 12. 24. · MRP: 1200 Table Lamp 3D Glass Flower 44039011 Size : 11.5 x 14 cm Table Lamp 3D Glass Butterfly Article No: 44039010

UNIT I SITE INVESTIGATION AND SELECTION OF FOUNDATION · Standard penetration test (SPT) Static cone penetration test (CPT) Dynamic cone penetration test (DCPT) Standard penetration

auto-lighting (head-lamp and fog-lamp)

LAMP FREE SERIES - Solavanti Lighting...LAMP FREE SERIES LFS 6W table lamp black-brass dull 15W floor lamp black-brass dull 6W wall lamp black-brass dull 15W ceiling lamp black-brass

SEC No Action Letter Lamp Technologies, Inc. May, 29, 1998

BITUMINA - BITUMEN PENETRATION GRADE 60 70- …€¦ · BITUMEN PENETRATION GRADE 70/100 ... specified by the penetration and softening point test. ... BITUMINA - BITUMEN PENETRATION

sap penetration testing sap penetration testing - Black Hat

LIFI LCD Projection TV Service Training Guidediagramas.diagramasde.com/televisores/PT-xxLCX70_LIFI_LCD_PTV Training.pdfLIFI New Lamp Technology • Fast starting (less than 10 sec)

WISDOM Lamp catalog(v1.8) Cap Lamp & Multi Purpose Lamp

Lamp illuminazione working lamp 2014 3

LAMP. TAVOLO - TABLE LAMP CU LUCI LAMP. PARETE - W AL … · luci light lamp. terra - floor lamp lamp. tavolo - table lamp lamp. parete - w al mp lamp. soffitto - celing lamp lamp

ÐCED...Mythila Publishers, Puduvayal Download Question Bank From from the base of a lamp post at a speed of 1.2m/sec. If the lamp post is 3.6m above the ground, find the length of

Penetration Test Process Specification · Penetration test for Linux operating system entos. Database System Penetration test for MySQL and MongoD . Application System Penetration

Lotus Lamp Knappa IKEA Lamp Hack

One Hundred Tenth Congress of the United States of · PDF fileH.R.6—3 Sec. 322. Incandescent reflector lamp efficiency standards. Sec. 323. Public building energy efficient and renewable

QUICKTRONIC T8 Instant Start · Red. LAMP LAMP. QUICKTRONIC 2x96HO. Black White Yellow Yellow Blue Blue Red Red. BALLAST LAMP LAMP LAMP LAMP. Blue Blue Red. BALLAST. Black White Note:

Microalgae Lamp : A Lamp that absorbs CO2

Certificado - dsteamseguridaddsteamseguridad.com/movilesec/brochure-sec-moviles-2017.pdf · 2017. 3. 28. · Hacking ético – y-o Penetration Testing Conocimientos en hacking en

LED Corn Bulb Lamp Series - 1000Bulbs.com · High bay lamp Ceiling lamp Garden lamp Model:PLT-1103 AC100-277V 50-60Hz Power:10W CCT:5000K LED Corn Bulb lamp LED Corn Bulb lamp AC100-277V