Ethical hacking the easy and simple way

• Víctor Flores Sánchez


Whoami $>
Víctor Flores Sánchez
• Head Red Team
• CEH (Certified Ethical Hacker)
• ECSA (EC-Council Certified Security Analyst)
• Outside of security, a hobby I love is running.

https://www.linkedin.com/in/victorfloressanchez/
https://twitter.com/victorfls?lang=es
What will we see?
We will see how there are times when finding certain vulnerabilities does not require great effort and/or knowledge, allowing an attacker to achieve their goal in a short time.
Often companies focus much of their efforts on protecting their systems, routers, firewalls, in short, their infrastructure, but forget about the applications, leaving "doors and windows" exposed to any attacker with time to look.
Heavily fortified infrastructures
Weakly secured applications
OWASP Top 10 Vulnerabilities
SHODAN
Sensitive Data Exposure
A lack of hardening, clicking "next", "next"... when installing software, can leave these "gems" for an attacker.
Sensitive Data Exposure & Broken Access Control
Enumeration and brute force attacks are commonly used for this type of vulnerability.
Hardcoded Secrets in a Mobile Application
Account Enumeration, Escalation of Privileges and Fuzzing with Burp Suite
We will use Burp Suite, specifically its Intruder utility, to perform a brute force attack to enumerate valid accounts.
The user we are logged in as only has access to an account ending in 2 and another ending in 3, but we see that we get data from accounts ending in 4, 5, 6 and 7.
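The account-lookup flaw described above (a user receiving records for accounts they do not own) and the enumeration pattern that an Intruder sweep leaves behind, as an added example that is not part of the original slides: the handler without an ownership check beside the fixed one, plus a simple heuristic over constructed log lines that flags the sweep. Account ids, owners and log entries are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: which logged-in user owns each account.
ACCOUNTS = {"0002": {"owner": "alice", "balance": 120},
            "0003": {"owner": "alice", "balance": 55},
            "0004": {"owner": "bob", "balance": 900},
            "0005": {"owner": "carol", "balance": 10}}

def get_account_vulnerable(user, account_id):
    """Insecure: trusts the client-supplied id and never checks ownership,
    so any authenticated user can read any account (Broken Access Control)."""
    return ACCOUNTS.get(account_id)

def get_account_fixed(user, account_id):
    """Hardened: the record is returned only if the caller owns it."""
    acct = ACCOUNTS.get(account_id)
    if acct is None or acct["owner"] != user:
        return None  # identical response for "missing" and "not yours"
    return acct

# Constructed access-log entries: (user, requested account id, HTTP status).
LOG = [("alice", "0002", 200), ("alice", "0003", 200),
       ("alice", "0004", 200), ("alice", "0005", 200),
       ("alice", "0006", 404), ("alice", "0007", 404),
       ("bob", "0004", 200)]

def flag_enumeration(log, max_foreign=1):
    """Return users that requested more than max_foreign distinct account
    ids they do not own: the footprint of a sequential id sweep."""
    foreign = defaultdict(set)
    for user, account_id, _status in log:
        owner = ACCOUNTS.get(account_id, {}).get("owner")
        if owner != user:
            foreign[user].add(account_id)
    return sorted(u for u, ids in foreign.items() if len(ids) > max_foreign)

if __name__ == "__main__":
    print(get_account_vulnerable("alice", "0004"))  # leaks bob's account
    print(get_account_fixed("alice", "0004"))       # None
    print(flag_enumeration(LOG))                    # ['alice']
```

The fixed handler returns the same empty response whether the account does not exist or belongs to someone else, so the response itself cannot be used to tell valid ids from invalid ones.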
SQL Injection with SQLMap
We will attack 2 different applications. In both we test injecting the "quotation mark" character to see if it returns any error, and we see that the error indicates there is a problem in the SQL statement, so we will attack it with SQLMap.
With SQLMap we can extract databases, tables, fields, data and even the /etc/passwd file.
MobSF – Mobile Security Framework
We will use MobSF to discover secrets in the code, an exported activity, the key to decrypt the password, ...
This is the application, which requires a login to access the different functionalities.
In this case, in the AndroidManifest.xml we can see an exported Activity called PostLogin, which we will launch, and it will open without needing to log in.
Using MobSF it is very easy to decompile an application and access the source code, where we can see the AES encryption key, an administrator user that does not need a password, and a CreateUser section whose validation could be modified to bypass it.