CompTIA English Subtitles PDF
Summary
This document is a CompTIA past paper from October 13, 2021, focusing on researching attack vectors and performing network-based attacks during penetration testing. It includes dialogue between two individuals discussing various security techniques and approaches for network attacks.
Full Transcript
CompTIA English Subtitles Pentest_3.1_Roger_FC1_10.13.21
Prepared by Take 1
Tel: (855) 958 2531
[email protected]
www.take1.tv
Job ID: 189213

Time-codes / Dialogue

01:00:00:10 TITLE SEQUENCE

01:00:09:28 James Stanger: When it comes to researching attack vectors for network-based attacks, it's important to choose the right tool for the right time. To help us understand the dynamics more though, we've got Roger O'Farril, Indiana's own Roger O'Farril. How are you doing, Roger?

01:00:25:00 Roger O'Farril: Excellent, excellent, thank you for having me.

01:00:26:28 James Stanger: Ah, it's good to have you here. Tell us a bit about yourself, and let's start talking about network-based attacks.

01:00:32:18 Roger O'Farril: Sure, I've been doing IT for a little bit over 20 years, started early in my days after college doing desktop support. From there I moved on to do servers, networking, a little bit of databases, that's when I learned that databases were not for me. [LAUGHS]

01:00:50:00 James Stanger: [LAUGHS]

01:00:50:01 Roger O'Farril: But then I did that for a long time, then moved into security maybe eight, nine years ago. But I've been doing that for a while now. I manage a team of defenders, blue teamers, and we also have like a little offensive side of the house. So, yeah, doing security for some time now, and nowadays cloud security, so that's what I do.

01:01:02:19 James Stanger: Very good. Well, let's talk about pen testing. As you get started, there are so many different approaches, you know, you can do the poisoning scene, you can do the on-path, used to be known as man-in-the-middle. There are so many things, where would you start, depending on where you're pen testing?

01:01:30:12 Roger O'Farril: Sure. My approach has always been, you know, think about the basics. A lot of people get distracted by what's new out there, the latest things that they see, they wanna exploit the biggest, baddest, freshest vulnerability, but we can't forget about the basics. The basics are still an issue. I always talk about passwords. Password attacks are still useful, are still producing some results. Why? Because people can get a handle on passwords, people are reusing passwords, they rotate them on a regular basis, so yeah, that's one of the first things that we're going to be looking at. I always talk about multi-factor, people think, oh, multi-factor, it's killing user passwords and all that, and I would say to some extent, but I was reading an article the other day that says, like, less than 10% of systems in the world out there are using multi-factor right now. So that's a big [LAUGHS] 90% that are up for grabs to the traditional attacks that passwords are involved.

01:02:33:15 James Stanger: So they're still a valid vector. Let's talk about, you know, brute force versus dictionary. We know brute force, you're kinda going at things in a, I'll say, fairly unsophisticated way, and then the dictionary attacks. Let's talk about dictionary attacks. As a pen tester, how do you go about spicing up that dictionary file? How do you add things that are unique to a particular client that you're working with, so you can pen test it?

01:02:59:17 Roger O'Farril: Yeah, that's a good point, that's something that should be done, you should be targeting those dictionaries to whatever engagement you have going on at the moment, because if you don't do that, it's basically a hail Mary, it's let's throw a whole bunch of stuff, see what sticks.

01:03:13:22 James Stanger: Yeah.

01:03:14:27 Roger O'Farril: And when we're doing engagements we're usually constrained by some specific time frame, and if we're using every single password combination out there, that's not gonna help us. We need those dictionaries because if we do our job right, we try to see what information we can find about that target, what's the format of their user IDs? Maybe you can gain some intel from an ex-employee or something. What's the password complexity? If we know that, we can build that into our dictionaries, and that's really gonna improve the time that it's gonna spend to try to compromise one of those targets.

01:03:49:11 James Stanger: Last dictionary file I used I think was, I swear it was almost a gigabyte. They can get pretty big, can't they?

01:03:57:01 Roger O'Farril: They can, they can, but again, if we know what we're trying to target, we can build better dictionaries and it's all about doing that prep work, if you will, trying to understand your target, especially if you're not given much information, it's up to you to see what you can find out there from open source intel and things like that to help build them, because, again, the bigger they get, the more possibilities, the more time it's gonna take.

01:04:22:22 James Stanger: Ah.

01:04:23:00 Roger O'Farril: And yeah, time is gonna be limited.

01:04:25:16 James Stanger: As a pen tester, what are some of the ways that you try to stay underneath the radar? 'Cause some of these things can be very noisy. What are some of those techniques to think about in terms of network attacks?

01:04:35:27 Roger O'Farril: Sure. There's the tools that everybody knows, Nmap, Metasploit, sqlmap, all those kinds of tools that we have been using for a long time. The problem with that is that if you have a capable defender team, a blue team, they're gonna be able to spot that from a mile away, so we have to be tactical about what is it that we're going to. If we're targeting somebody who's a big company, you're doing a penetration test engagement against a big company, most likely they have a lot of detection, those modern products that have signatures or risk takes or behavioral, or all this type of traffic. In those cases you have to try to see what's on the other side. Again, see what intel you can gain. You may need to even develop some custom solutions to kind of try to disguise your patterns on the network. That might be something that would be definitely very helpful.

01:05:29:04 James Stanger: And when it comes to custom solutions, most people talk in terms of Python as that programming language. I assume you'll use any programming language that's appropriate.

01:05:38:03 Roger O'Farril: Absolutely, everything is fair game. The good thing with Python is that it's super popular [LAUGHS] out there in the security world...

01:05:45:00 James Stanger: Sure.

01:05:45:14 Roger O'Farril: ...nowadays, so it's easy. For example, some people are not super good programmers. I'm one of those, [LAUGHS] so what I usually do is I leverage work that others have done, and then modify it to suit my needs. Again, you're a penetration tester, you could develop some exploits and things like that, but if you need to develop something from zero, it might take too long.

01:06:08:14 James Stanger: True.

01:06:09:05 Roger O'Farril: The security community is always sharing, so you might leverage things that others have done, but again, Python is super popular, so it's definitely one of the go-to choices.

01:06:17:12 James Stanger: When you did some modifications, was it to go after like a different port, or some sort of buffer overflow, or was it just to quiet things down a bit so that you stay underneath the radar of the blue team listening in?

01:06:31:00 Roger O'Farril: Yeah, both actually. Sometimes you have some sort of script that does something, and it's a lot of things, and you trim it down for the two reasons that you mentioned. One, I don't think this specific vector is gonna be valid in this engagement, so I have my theory, so I'm gonna exclude that. That's gonna let my engagement move a little bit quicker. And second, sometimes you wanna throttle down the activity that your tools are throwing at the network. It's no secret that those things that are super noisy, Nmap, for example, if you don't throttle that down it's gonna make a lot of noise and it's gonna light up on the defenders' dashboards like crazy. So, you do need to modify both your target, to reduce some things that you have good confidence that they don't exist there, and second to, yeah, kind of slow and steady it's gonna get you there, instead of just throwing everything out.

01:07:25:19 James Stanger: Well, thank you so much, Roger, for your insights about performing network-based attacks and choosing the appropriate vector. Sure appreciate it, man.

01:07:32:22 Roger O'Farril: Very well.

01:07:33:16 END OF PROGRAMME