smau milano 2013 giovanni cattani
TRANSCRIPT
![Page 1: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/1.jpg)
Penetration Testing Aziendale con BeEFGiovanni Cattani
Penetration Testing Aziendale con BeEF
![Page 2: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/2.jpg)
Penetration Testing Aziendale con BeEF
Giovanni CattaniSecurity Specialist @ Secure Network S.r.l.
#penetrationtest
#vulnerabilityassessment
#riskassessment
#web #mobile #network
![Page 3: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/3.jpg)
Penetration Testing Aziendale con BeEF
BeEF
The Browser Exploitation Framework
• Creato da Wade Alcorn nel 2005
• Gratuito e Open-Source
• Sviluppo continuo e rilasci mensili
• Sviluppato in Ruby (framework) e in JavaScript (moduli)
– I collaboratori sono sempre benvenuti!
beefproject.com
@beefproject
![Page 4: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/4.jpg)
Penetration Testing Aziendale con BeEF
Come Funziona
aggressore
![Page 5: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/5.jpg)
Penetration Testing Aziendale con BeEF
Come Funziona
aggressore
http://
![Page 6: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/6.jpg)
Penetration Testing Aziendale con BeEF
Come Funziona
aggressore
http://
![Page 7: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/7.jpg)
Penetration Testing Aziendale con BeEF
Come Funziona
aggressore
zombie
http://
zombie
zombie
zombie
zombie
![Page 8: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/8.jpg)
Penetration Testing Aziendale con BeEF
Come Funziona
aggressore
zombie
http://
zombie
zombie
zombie
zombie
![Page 9: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/9.jpg)
Penetration Testing Aziendale con BeEF
Come Funziona
aggressore
zombie
http://
zombie
zombie
zombie
zombie
![Page 10: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/10.jpg)
Penetration Testing Aziendale con BeEF
Troppo Smart
![Page 11: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/11.jpg)
Penetration Testing Aziendale con BeEF
E Non Solo…
![Page 12: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/12.jpg)
Penetration Testing Aziendale con BeEF
Nel Dettaglio
L’utente visitahttp://example.com
![Page 13: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/13.jpg)
Penetration Testing Aziendale con BeEF
Nel Dettaglio
http://x.x.x.x/hook.js La pagina caricahook.js
L’utente visitahttp://example.com
![Page 14: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/14.jpg)
Penetration Testing Aziendale con BeEF
Nel Dettaglio
http://x.x.x.x/hook.js La pagina caricahook.js
Invia dettagli del browser
L’utente visitahttp://example.com
![Page 15: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/15.jpg)
Penetration Testing Aziendale con BeEF
Nel Dettaglio
http://x.x.x.x/hook.js La pagina caricahook.js
Invia dettagli del browser
In attesa di comandi
L’utente visitahttp://example.com
![Page 16: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/16.jpg)
Penetration Testing Aziendale con BeEF
Nel Dettaglio
http://x.x.x.x/hook.js La pagina caricahook.js
Invia dettagli del browser
In attesa di comandi
L’aggressore inviaun comando
L’utente visitahttp://example.com
beef.execute()
![Page 17: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/17.jpg)
Penetration Testing Aziendale con BeEF
Nel Dettaglio
http://x.x.x.x/hook.js La pagina caricahook.js
Invia dettagli del browser
In attesa di comandi
L’aggressore inviaun comando
Il comando viene rilevato Il comando vieneeseguito!
L’utente visitahttp://example.com
beef.execute()
![Page 18: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/18.jpg)
Penetration Testing Aziendale con BeEF
Si Dice «Vintage»
![Page 19: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/19.jpg)
Penetration Testing Aziendale con BeEF
Carne Fresca
![Page 20: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/20.jpg)
Penetration Testing Aziendale con BeEF
A penetration test is a method ofevaluating the security of a computersystem or network by simulating anattack.
Source: https://www.owasp.org/index.php/Testing:_Introduction_and_objectives
![Page 21: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/21.jpg)
Penetration Testing Aziendale con BeEF
The Butcher
![Page 22: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/22.jpg)
Penetration Testing Aziendale con BeEF
ANDIAMO IN ESPLORAZIONE
![Page 23: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/23.jpg)
Penetration Testing Aziendale con BeEF
Il Browser
![Page 24: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/24.jpg)
Penetration Testing Aziendale con BeEF
Plugin & Addon
![Page 25: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/25.jpg)
Penetration Testing Aziendale con BeEF
Il Sistema
![Page 26: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/26.jpg)
Penetration Testing Aziendale con BeEF
Giochiamo a Nascondino?
![Page 27: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/27.jpg)
Penetration Testing Aziendale con BeEF
INIZIAMO!
![Page 28: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/28.jpg)
Penetration Testing Aziendale con BeEF
Cambio Link
![Page 29: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/29.jpg)
Penetration Testing Aziendale con BeEF
Cambio Link
![Page 30: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/30.jpg)
Penetration Testing Aziendale con BeEF
Cambio Link
![Page 31: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/31.jpg)
Penetration Testing Aziendale con BeEF
Cambio Link
![Page 32: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/32.jpg)
Penetration Testing Aziendale con BeEF
Cambio Link
![Page 33: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/33.jpg)
Penetration Testing Aziendale con BeEF
Andiamo di Là!
![Page 34: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/34.jpg)
Penetration Testing Aziendale con BeEF
Andiamo di Là!
![Page 35: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/35.jpg)
Penetration Testing Aziendale con BeEF
Andiamo di Là!
![Page 36: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/36.jpg)
Penetration Testing Aziendale con BeEF
Portiamo anche BeEF
![Page 37: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/37.jpg)
Penetration Testing Aziendale con BeEF
Portiamo anche BeEF
![Page 38: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/38.jpg)
Penetration Testing Aziendale con BeEF
I <3 HTML
![Page 39: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/39.jpg)
Penetration Testing Aziendale con BeEF
I <3 HTML
![Page 40: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/40.jpg)
Penetration Testing Aziendale con BeEF
Dillo Anche a Me!
![Page 41: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/41.jpg)
Penetration Testing Aziendale con BeEF
Dillo Anche a Me!
![Page 42: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/42.jpg)
Penetration Testing Aziendale con BeEF
Dillo Anche a Me!
![Page 43: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/43.jpg)
Penetration Testing Aziendale con BeEF
Pronti all’Uso
Numerosi exploit già integrati
Exploit pronti per essere eseguiti
Nuove vulnerabilità Nuovi exploit
Exploit esterni sono facili da integrare
Target: server, router, switch, NAS, etc.
![Page 44: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/44.jpg)
Penetration Testing Aziendale con BeEF
L’ANELLO DEBOLE
![Page 45: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/45.jpg)
Penetration Testing Aziendale con BeEF
L’ANELLO DEBOLE
![Page 46: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/46.jpg)
Penetration Testing Aziendale con BeEF
Basically, social engineering is the artand science of getting people tocomply to your wishes.
Harl – “People Hacking: The Psychology of Social Engineering” (1997)
![Page 47: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/47.jpg)
Penetration Testing Aziendale con BeEF
Buone Abitudini
![Page 48: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/48.jpg)
Penetration Testing Aziendale con BeEF
A Volte Ritornano…
![Page 49: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/49.jpg)
Penetration Testing Aziendale con BeEF
A Volte Ritornano…
![Page 50: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/50.jpg)
Penetration Testing Aziendale con BeEF
Socializziamo!
![Page 51: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/51.jpg)
Penetration Testing Aziendale con BeEF
Socializziamo!
![Page 52: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/52.jpg)
Penetration Testing Aziendale con BeEF
LastPass
![Page 53: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/53.jpg)
Penetration Testing Aziendale con BeEF
LastPass
![Page 54: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/54.jpg)
Penetration Testing Aziendale con BeEF
Don’t Be Evil
![Page 55: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/55.jpg)
Penetration Testing Aziendale con BeEF
Don’t Be Evil
![Page 56: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/56.jpg)
Penetration Testing Aziendale con BeEF
Sembra tutto a posto
![Page 57: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/57.jpg)
Penetration Testing Aziendale con BeEF
Sembra tutto a posto
![Page 58: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/58.jpg)
Penetration Testing Aziendale con BeEF
Se lo dice il browser…
• a
![Page 59: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/59.jpg)
Penetration Testing Aziendale con BeEF
E NON CI LASCEREMO MAI…
![Page 60: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/60.jpg)
Penetration Testing Aziendale con BeEF
Sicuro? Sicuro, Sicuro?
• h
![Page 61: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/61.jpg)
Penetration Testing Aziendale con BeEF
Resto Qui
![Page 62: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/62.jpg)
Penetration Testing Aziendale con BeEF
Resto Qui
![Page 63: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/63.jpg)
Penetration Testing Aziendale con BeEF
Resto Qui
![Page 64: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/64.jpg)
Penetration Testing Aziendale con BeEF
Resto Qui
![Page 65: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/65.jpg)
Penetration Testing Aziendale con BeEF
iFrame Invisibile
![Page 66: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/66.jpg)
Penetration Testing Aziendale con BeEF
iFrame Invisibile
![Page 67: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/67.jpg)
Penetration Testing Aziendale con BeEF
iFrame – Come Funziona?
A
![Page 68: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/68.jpg)
Penetration Testing Aziendale con BeEF
iFrame – Come Funziona?
AB
![Page 69: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/69.jpg)
Penetration Testing Aziendale con BeEF
Pop Up
![Page 70: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/70.jpg)
Penetration Testing Aziendale con BeEF
Pop Up
![Page 71: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/71.jpg)
Penetration Testing Aziendale con BeEF
Pop Up
![Page 72: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/72.jpg)
Penetration Testing Aziendale con BeEF
Pop Up Under
![Page 73: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/73.jpg)
Penetration Testing Aziendale con BeEF
Pop Up Under
![Page 74: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/74.jpg)
Penetration Testing Aziendale con BeEF
Pop Up Under
![Page 75: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/75.jpg)
Penetration Testing Aziendale con BeEF
SPORCHIAMOCI LE MANI
![Page 76: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/76.jpg)
Penetration Testing Aziendale con BeEF
Integrazione di Metasploit Framework (MSF) in BeEF
Interfaccia web di BeEF per lanciare gli exploit
Accesso diretto a numerosi exploit aggiornati
Usare i browser agganciati come pivot per gli attacchi
• Sviluppato da Rapid7
• Framework per sviluppare ed eseguire exploit
• Diverse versioni, sia gratuite che a pagamento
![Page 77: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/77.jpg)
Penetration Testing Aziendale con BeEF
MSF Integrato
![Page 78: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/78.jpg)
Penetration Testing Aziendale con BeEF
MSF Integrato
![Page 79: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/79.jpg)
Penetration Testing Aziendale con BeEF
v. 6.0.0M1
![Page 80: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/80.jpg)
Penetration Testing Aziendale con BeEF
v. 6.0.0M1
![Page 81: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/81.jpg)
Penetration Testing Aziendale con BeEF
v. 6.0.0M1
![Page 82: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/82.jpg)
Penetration Testing Aziendale con BeEF
v. 6.0.0M1
![Page 83: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/83.jpg)
Penetration Testing Aziendale con BeEF
v. 6.0.0M1
![Page 84: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/84.jpg)
Penetration Testing Aziendale con BeEF
v. 6.0.0M1
![Page 85: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/85.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 86: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/86.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 87: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/87.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 88: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/88.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 89: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/89.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 90: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/90.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 91: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/91.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 92: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/92.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 93: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/93.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
v. 6.0.0M1
![Page 94: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/94.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
getBrowserDetails()
Windows XP SP3Internet Explorer 8
v. 6.0.0M1
![Page 95: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/95.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
getBrowserPlugins()
Flash Playerv. 10.2.153.1
getBrowserDetails()
Windows XP SP3Internet Explorer 8
v. 6.0.0M1
![Page 96: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/96.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
getBrowserPlugins()
Flash Playerv. 10.2.153.1
getBrowserDetails()
Windows XP SP3Internet Explorer 8
v. 6.0.0M1
![Page 97: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/97.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
getBrowserPlugins()
Flash Playerv. 10.2.153.1
getBrowserDetails()
Windows XP SP3Internet Explorer 8
MSF ExploitAdobe Flash Player 10.2.153.1
SWF Memory Corruption
PayloadReverse Meterpreter TCP
ExploitHEAD Request JSP Shell
v. 6.0.0M1
![Page 98: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/98.jpg)
Penetration Testing Aziendale con BeEF
adminforums.com
getBrowserPlugins()
Flash Playerv. 10.2.153.1
getBrowserDetails()
Windows XP SP3Internet Explorer 8
MSF ExploitAdobe Flash Player 10.2.153.1
SWF Memory Corruption
PayloadReverse Meterpreter TCP
ExploitHEAD Request JSP Shell
v. 6.0.0M1
> insert command
![Page 99: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/99.jpg)
Penetration Testing Aziendale con BeEF
![Page 100: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/100.jpg)
Penetration Testing Aziendale con BeEF
Percorsi Aruba: E-Security
Partecipate ad almeno 2 tra i workshop selezionati da Aruba e ritirare il vostro attestato.
Penetration Testing Aziendale con BeEF
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Stand Aruba – Padiglione 2
![Page 101: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/101.jpg)
Penetration Testing Aziendale con BeEF
Q&A
![Page 102: Smau milano 2013 giovanni cattani](https://reader033.vdocuments.net/reader033/viewer/2022052907/558e99d81a28ab97708b4760/html5/thumbnails/102.jpg)
Penetration Testing Aziendale con BeEF
beefproject.com
@beefproject
github.com/beefproject
securenetwork.it
Giovanni Cattani
gcattani.co.vu
gcattani