ABSTRACT
This paper presents a case study intended to raise awareness of computer security. Our research showed that, theoretically, one could indeed build a tool capable of automating a hacking attack that is functional under certain circumstances. In this work, we first discuss the fundamental concepts of a penetration testing process, and afterwards we highlight a number of open source tools, frameworks and programming languages used to build an automated process (Nmap, Metasploit, Python). Then, we demonstrate how those three technologies/tools can be combined to automate the intrusion process and create a script, allowing an attacker to access a single or multiple remote systems by typing only a single command. Finally, we present some countermeasures. Overall, this paper will serve to account for not only the increase in cyber-attacks but also the decrease in the knowledge required to conduct a successful attack.
Index Terms
- An automated network intrusion process and countermeasures