Network Exploitation
1 like426 views
This document provides an overview of network exploitation, including types of networks, network environments, internal vs external networks, network enumeration tools, and attack routing. It announces upcoming events and provides details about local area networks (LANs), wide area networks (WANs), metropolitan area networks (MANs), corporate and personal network environments, using Nmap and Nessus for scanning, and pivoting through internal networks from external points.
Network Exploitation
- 2. Get Involved ● Discord - discord.gg/kuejt8p ● Fire Talks - October 24th, 2018 ● Live Stream - Whenever you want* ● CSG CTF - ctf.utdcsg.club
- 3. Events ● The Assembly Group - Wednesday @ 8:15 pm in ECSS 2.201 ● 0DAYALLDAY Research Event - September 29 @ 11 AM off campus ● Dallas Hackers Association - October 3 @ 7 pm off campus
- 4. Overview ● Types of Networks ● Types of Network Environments ● Internal VS External ● Enumeration ● Tools ● Attack Routing ● Demo
- 5. Types of Networks Local Area Network (LAN) - Internal network of computers inside of a building or a small land mass Wide Area Network (WAN) - External network of computers connected miles apart from each other Metropolitan Area Network (MAN) - A network of computers in a metropolitan area usually a city.
- 6. Types of Network Environments ● Corporate - A network consisting of users, servers, and a domain controller (usually) ● Personal - A home network consisting of a user, router, and sometimes a switch (usually)
- 7. Internal VS External Networks ● Local Area Networks are internal networks in an organisation or home that can communicate with each other through a router or switch ● Wide Area Networks are external networks that must go through a larger datacenter or internet service provider to communicate with other computers ● Exploiting external networks allows you to gain access to someone’s internal network if you are not attacking from within the LAN already ● This gives you more options to pivot and gather information because you have a larger attack surface
- 8. Where are we in the network? What is our goal?
- 9. Network Enumeration External Enumeration ● Open Ports ● Running Services ○ RDP, VPN, RPC, VNC, SSH ● Web portals ○ Ports 80,443 ● Anything that can allow us to get into the network Internal Enumeration ● Find Users/Hosts ● Exploitable Services ● Internal Web portals ● Anything that will give you more information and pivot around the network
- 10. Tools ● NMap - Network scanning tool that allows you to see services and ports that are running ○ Nmap -sC -sV -oA output IPADDRESS ● Nessus - Vulnerability and Services scanning tool (Very heavy not very stealthy)
- 11. Attack Routing ● Routing external attacks through internal network for more surface ● Ability to pivot through a network from a external machine Now time for the demo...