Testbed Platform for Cybersecurity Use Cases A

Total Page:16

File Type:pdf, Size:1020Kb

Testbed Platform for Cybersecurity Use Cases A TESTBED PLATFORM FOR CYBERSECURITY USE CASES A Master's Thesis Submitted to the Faculty of the Escola Tècnica d'Enginyeria de Telecomunicació de Barcelona Universitat Politècnica de Catalunya by Enric Ruhi Velasco In partial fulfilment of the requirements for the degree of MASTER IN ADVANCED TELECOMMUNICATIONS TECHNOLOGIES (MATT) Advisor: Josep Rafael Pegueroles Valles Barcelona, May 2020 Title of the thesis: Testbed platform for Cybersecurity Use cases Author: Enric Ruhi Velasco Advisor: Josep Rafael Pegueroles Valles Abstract In the cybersecurity world, having not only theoretical but also practical experiences is crucial. Cybersecurity Use Cases (UCASES) is a subject from the master’s degree in advanced telecommunication technologies (MATT) that provides the opportunity to see penetration testing and cybersecurity from a practical standpoint. This thesis’ objective is to provide a stable and up to date testbed for UCASES, composed of multiple virtual machines, vulnerable and non-vulnerable. In addition, it also contains a practical beginner’s guide based on the guide provided by the lecturer of the subject, Josep Rafael Pegueroles Valles, and a virtual machine with all tools the students will need to follow the guide and the subject UCASES. 1 Aquest treball està dedicat als meus pares i la meva germana, els quals han estat al meu costat en tot moment, durant tot el màster, donant-me suport i recolzant les meves decisions. Moltes Gracies! 2 Acknowledgements First, I would like to thank my supervisor Josep Rafael Pegueroles Valles. He had infinite patience with me and did far more for me than his role as supervisor required. Without him and his dedication and patience this project would have never been done. 3 Revision history and approval record Revision Date Purpose 0 09/04/2020 Document creation 1 07/05/2020 Document revision 2 11/05/2020 Document correction 3 15/05/2020 Document revision 4 18/05/2020 Document correction 5 22/05/2020 Document final revision Written by: Reviewed and approved by: Date 09/04/2020 Date 22/05/2020 Name Enric Ruhi Velasco Name Josep Rafael Pegueroles Valles Position Project Author Position Project Supervisor 4 Table of contents Abstract ............................................................................................................................ 1 Acknowledgements .......................................................................................................... 3 Revision history and approval record ................................................................................ 4 Table of contents .............................................................................................................. 5 List of Figures ................................................................................................................... 7 List of Tables .................................................................................................................... 8 1. Introduction ................................................................................................................ 9 1.1. Statement of the problem ................................................................................... 9 1.2. Motivation ........................................................................................................... 9 1.3. Solution ............................................................................................................ 10 1.4. Objectives ........................................................................................................ 10 1.5. Work plan, milestones and task diagram .......................................................... 10 2. Technology used or applied in this thesis ................................................................ 14 2.1. Virtual labs........................................................................................................ 14 2.1.1. HackTheBox & TryHackMe ....................................................................... 14 2.2. Tools ................................................................................................................ 15 2.2.1. Reconnaissance ........................................................................................ 15 2.2.2. Exploiting ................................................................................................... 17 3. Project development ................................................................................................ 18 3.1. Virtualization platform ....................................................................................... 18 3.1.1. Why this three requirements? .................................................................... 18 3.1.2. Choosing the platform ............................................................................... 19 3.2. Updating UCASES ........................................................................................... 19 3.2.1. Tools ......................................................................................................... 19 3.3. Virtual Machines ............................................................................................... 20 3.3.1. Attacker ..................................................................................................... 20 3.3.2. Victims ....................................................................................................... 21 4. Results .................................................................................................................... 22 4.1. Scenario ........................................................................................................... 22 4.2. Reconnaissance ............................................................................................... 23 5 4.2.1. Recon-ng ................................................................................................... 23 4.2.2. Nmap ........................................................................................................ 25 4.2.3. Scapy ........................................................................................................ 26 4.2.4. NSE ........................................................................................................... 27 4.2.5. Nessus ...................................................................................................... 28 4.2.6. Netcat ........................................................................................................ 30 4.2.7. Nikto .......................................................................................................... 30 4.3. Exploiting .......................................................................................................... 30 4.3.1. Metasploit .................................................................................................. 30 4.3.2. Empire ....................................................................................................... 32 5. Budget ..................................................................................................................... 33 6. Conclusions and future development ....................................................................... 34 6.1. Difficulties ......................................................................................................... 34 6.2. Testing ............................................................................................................. 34 6.3. Future developments ........................................................................................ 35 Bibliography .................................................................................................................... 36 Glossary ......................................................................................................................... 38 6 List of Figures Figure 1: Logo TryHackMe & Hack the Box .................................................................... 15 Figure 2: Recon-ng ASCII when starting the framework ................................................. 16 Figure 3: Scapy ASCII when starting the framework ....................................................... 16 Figure 4: Nessus logo ..................................................................................................... 16 Figure 5: Metasploit logo ................................................................................................ 17 Figure 6: UCASES testbed network ................................................................................ 23 Figure 7: Setting a NAMESERVER ................................................................................. 24 Figure 8: Recon-ng database showing reverse-resolve findings ..................................... 24 Figure 9: File of AV domains used by cache-snoop ........................................................ 25 Figure 10: Full TCP SYN scan output ............................................................................. 26 Figure 11: OS fingerprinting on the vulnerable Windows 2008 machine. ........................ 26 Figure 12: TCPdump output of challenge #2 ................................................................... 27 Figure 13: Missing reset [R] response from target's ports 10 & 11 that are "filtered" ....... 27 Figure 14: Content of the "script.db" file .......................................................................... 28 Figure 15: sshv1.nse finds SSH in port 23 .....................................................................
Recommended publications
  • Versatile Exploitation Techniques: Drone Hacking and Jamming with Raspberry-Pi and Wi-Fi Pineapple
    International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-9, Issue-1, November 2019 Versatile Exploitation Techniques: Drone Hacking and Jamming with Raspberry-Pi and Wi-Fi Pineapple J Caroline El Fiorenza, Revanth Kumar Lokku, Kirthika Sivakumar, M Reene Stephanie Unmanned aerial (UAVs) vehicles, or drones, are an Abstract—The utilization of Internet-of-Things (IoT) unmanned aerial vehicle that has no pilot ready, and are innovation is developing exponentially as more shoppers and explored by either a remote control, or by ready PCs. Drones organizations recognize the benefits offered by the savvy and are normally partitioned into three unique sorts of classes: (a) shrewd gadgets. The major purpose of this paper arose due to the reason that since drone innovation is a quickly rising segment recreational, (b) business and (c) military drones. inside the IoT and the danger of hacking couldn't just purpose an The expansion of recreational drone usage has prompted information break, it could likewise represent a noteworthy discourses in regards to the security of the unregulated drone hazard to the open well-being. On account of their flexible usage, and how to maintain a strategic distance from specialist applications and access to ongoing data, commercial drones are abusing airspace rules. At a similar time as buyers utilized used across a wide variety of smart city applications. However, with many IoT devices, security is frequently an untimely idea, drones as specialists, organizations have progressively leaving numerous drones helpless against programmers. What is investigated utilizing rambles for business use. being done in this paper is that this paper examines the present In 2016 they uncovered that they were trying a conveyance condition of automation security and exhibits a lot of Wi-Fi administration where clients could get little bundles up to five empowered drone vulnerabilities.
    [Show full text]
  • Introduction to Fmxlinux Delphi's Firemonkey For
    Introduction to FmxLinux Delphi’s FireMonkey for Linux Solution Jim McKeeth Embarcadero Technologies [email protected] Chief Developer Advocate & Engineer For quality purposes, all lines except the presenter are muted IT’S OK TO ASK QUESTIONS! Use the Q&A Panel on the Right This webinar is being recorded for future playback. Recordings will be available on Embarcadero’s YouTube channel Your Presenter: Jim McKeeth Embarcadero Technologies [email protected] | @JimMcKeeth Chief Developer Advocate & Engineer Agenda • Overview • Installation • Supported platforms • PAServer • SDK & Packages • Usage • UI Elements • Samples • Database Access FireDAC • Migrating from Windows VCL • midaconverter.com • 3rd Party Support • Broadway Web Why FMX on Linux? • Education - Save money on Windows licenses • Kiosk or Point of Sale - Single purpose computers with locked down user interfaces • Security - Linux offers more security options • IoT & Industrial Automation - Add user interfaces for integrated systems • Federal Government - Many govt systems require Linux support • Choice - Now you can, so might as well! Delphi for Linux History • 1999 Kylix: aka Delphi for Linux, introduced • It was a port of the IDE to Linux • Linux x86 32-bit compiler • Used the Trolltech QT widget library • 2002 Kylix 3 was the last update to Kylix • 2017 Delphi 10.2 “Tokyo” introduced Delphi for x86 64-bit Linux • IDE runs on Windows, cross compiles to Linux via the PAServer • Designed for server side development - no desktop widget GUI library • 2017 Eugene
    [Show full text]
  • Linux Fundamentals – Part 1
    Linux Fundamentals – Part 1 Setup and the stuff you didn’t know you know … Objective of today’s byte Installation of a Virtual Machine and Linux distribution First step to understanding Linux, is to quite simply install it! We will cover: 1. Basic installation on a windows based PC of a Virtual Machine (VM) 2. Installation of a Linux distribution 3. Startup of the Linux distribution ready for use Observation Observation and navigation of the Graphical user Interface (GUI) of different Linux distributions: 1. Understanding the layout 2. Identify icons 3. Identify Programs 4. Link known windows based programs to similar Linux programs Application Use common Linux programs: 1. Use common Linux programs to - Create a document - Create a Picture - Use the web and search The Why This one is simple, the IT world is ever changing and ever growing. With the exception of Skynet becoming active (joke) humans and the interactions they have with software will continualy evolve. The technology we have in our pocket is vastly superior to the technological age of 20 years ago. And if that phone in your pocket is “obsolete” in a year or two, we as IT professionals must keep up with the current advances or strive to push it forward. The basics of this is awareness and understanding. Maybe before today you didn’t know even what Linux was, believing that there were only two, Windows and Apple OS. Hopefully by the end of this byte, you will have a rough awareness of another system, and be surprised at what you already new about it.
    [Show full text]
  • Some Ethical Hacking Possibilities in Kali Linux Environment
    Vol. 9, No. 4, 2019 pp. 129-149 http://doi.org/10.24368/jates.v9i4.139 21 129 Journal of Applied Technical and Educational Sciences jATES ISSN 2560-5429 http://jates.org Some ethical hacking possibilities in Kali Linux environment Petar Cisara, Robert Pinterb aUniversity of Criminal Investigation and Police Studies, Cara Dusana 196, 11080 Zemun, Serbia, [email protected] bSubotica Tech - College of Applied Sciences, Marka Oreskovica 16, 24000 Subotica, Serbia, [email protected] Abstract This paper deals with the problem of ethical hacking and security of computer systems. When we talk about security of an information system, we actually mean the primary three attributes of the system: confidentiality, integrity and availability. There are various approaches with aim to identify existing security weaknesses and security assessment. One of them is using Kali Linux operating system with its integrated effective tools specially adapted to the realization of various types of attacks. The paper gives a general overview of some Kali attacking possibilities on client and server side and highlights their specificities. The undoubted benefit of this operating system is a large collection of different hacking tools in one place which significantly facilitates vulnerability assessment and security testing. Keywords: Kali Linux; tools; attack; security; ethical hacking 1. Introduction In general, four main categories (or phases) of information security assessments can be identified (Hertzog, 2017): a vulnerability assessment, a compliance (audit) test, a traditional internal/external penetration test, and an application assessment. There are various methods with aim to identify existing security weaknesses and security assessment (Allen, 2014).
    [Show full text]
  • Blackarch Linux, the Blackarch Linux Guide
    BlackArch Linux The BlackArch Linux Guide http://www.blackarch.org/ February 5, 2014 Contents 1 Introduction 3 1.1 What is BlackArch Linux?................................ 3 1.2 Get involved....................................... 3 2 User Guide 4 2.1 Installation........................................ 4 2.1.1 Setting up repository .............................. 4 2.1.2 Installing packages ............................... 5 2.1.3 Installing packages from source......................... 5 2.1.4 Installing from live-, netinstall- ISO or ArchLinux ............... 6 3 Developer Guide7 3.1 Contributing to repository................................ 7 3.1.1 Required tutorials................................ 7 3.1.2 Steps for contributing.............................. 7 3.1.3 Example..................................... 8 3.1.3.1 Fetch PKGBUILD........................... 8 3.1.3.2 Clean up PKGBUILD......................... 8 3.1.3.3 Adjust PKGBUILD.......................... 8 3.1.3.4 Build the package........................... 8 3.1.3.5 Install and test the package ..................... 9 3.1.3.6 Add, commit and push package ................... 9 3.1.3.7 Create a pull request......................... 9 3.1.4 Requests..................................... 9 3.1.5 General tips................................... 9 A Appendix 10 A.1 FAQs........................................... 10 A.2 AUTHORS........................................ 10 2 Chapter 1 Introduction 1.1 What is BlackArch Linux? BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers. The toolset is distributed as an Arch Linux unofficial user repository so you can install BlackArch- Linux on top of an existing Arch Linux installation. Packages may be installed individually or by category. We currently have over 650 tools in our toolset and the repository is constantly expanding. All tools are thoroughly tested before being added to the codebase to maintain the quality of the repository.
    [Show full text]
  • Lattepanda Security
    Latte Panda For Security Distros? Hello reader, One of the SBC's I'm tinkering with at the moment is the Latte Panda by DFRobot. A 64 bit Windows 10 capable maker board with an Intel Cherry Trail SOC that sports an integrated Intel HD. Out of the box the system does require a steady and strong power supply. And as many of the reviews are focused on it's Windows 10 performance... Let's talk Linux. Yes we tried Bunsen Labs - Grub 2 didn't cooperate but otherwise it worked fine. For a variety of makers, the distributions of Linux that will work on the Latte Panda is increasing slowly with it's popularity. The original "It will only work with Ubuntu," is gone and replaced with, "It does Debian,AlwaysInTao.com and Debian based Distros to varying authored degrees of capability. by This Brian is largely in Taylor part due to the recent kernel upgrades that account for Cherry Trail. It can handle Android and with a bit of research possibly other operating systems provided they have reasonably well set uefi settings - and of course certain window managers aren't the default. (Examples like gnome loading only a blank screen etc are part of the fun of testing.) Video courtesy of ExplainingComputers Kali works, Parrot OS works provided you can work around the default mate panels not loading, and my experience with the speed of the system has been pleasant. There are programs that seem to be a challenge to the intel chip - but mostly that depends on what kind of system you are on.
    [Show full text]
  • INF526: Secure Systems Administration
    INF526: Secure Systems Administration Red Teaming and Pen Testing Tools Prof. Clifford Neuman Lecture 6 15 February 2017 OHE100C Class Presentation Schedule 2/8 Miles Wright-Walker - Developing adversarial security plan 2/15 Matthew Jackoski - Red Teaming / Pen Testing Tools 2/22 Abdulla Binkulaib - Developing a response plan 3/1 Jikun Li - Linux security administration 3/8 Daniel Dmytrisin - Network security components & Tech 3/22 Haibo Zhang - Network Security administration 3/29 Mariam Fahad Bubeshait - Configuration Management 4/5 Mohammed Alsubaie – SIEM and Intrusion Detection 4/12 Vishnu Vadlamani - Network Monitoring/Attack Forensics 4/19 Andrew Gronski - Accreditation and acceptance testing 1 Group Exercise One • Decide on the software components to be deployed to implement software requirements on next slide. – Custom development should be simple scripts. – Use packages for database and other components. • Decide on the VM’s to be created to run those software components. – You can run more than one software component within a VM if you choose. – Decide on the methods you will use to contain access to those software components, and to the information managed by those components. • Configure communication between VM’s and to the outside • Install packages • Write scripts and demonstrate basic flow through system. • Report on progress as group now by email on Tuesday 7 Feb. 2 INF526: Secure Systems Administration Penetration Tools Yatin Wadhawan (Teaching Assistant) Prof. Clifford Neuman Lecture 5 17 June 2016 OHE100C INF526: Secure Systems Administration Penetration Tools Yatin Wadhawan (Ph.D. candidate) Prof. Clifford Neuman DISCLAIMER DO NOT USE THESE TOOLS AND METHODOLOGY FREELY OVER THE INTERNET. IT MAY CAUSE DAMAGE TO SOME ORGANIZATION’S CYBER INFRASTRUCTURE WHICH IS A CRIMINAL OFFENCE.THIS TUTORIAL IS JUST FOR LEARNING PURPOSE.
    [Show full text]
  • Linux Fundamentals – Part 1
    Linux Fundamentals – Part 1 Setup and the stuff you didn’t know you know … Objective of today’s byte Installation of a Virtual Machine and Linux distribution First step to understanding Linux, is to quite simply install it! We will cover: 1. Basic installation on a windows based PC of a Virtual Machine (VM) 2. Installation of a Linux distribution 3. Startup of the Linux distribution ready for use Observation Observation and navigation of the Graphical user Interface (GUI) of different Linux distributions: 1. Understanding the layout 2. Identify icons 3. Identify Programs 4. Link known windows based programs to similar Linux programs Application Use common Linux programs: 1. Use common Linux programs to - Create a document - Create a Picture - Use the web and search The Why This one is simple, the IT world is ever changing and ever growing. With the exception of Skynet becoming active (joke) humans and the interactions they have with software will continualy evolve. The technology we have in our pocket is vastly superior to the technological age of 20 years ago. And if that phone in your pocket is “obsolete” in a year or two, we as IT professionals must keep up with the current advances or strive to push it forward. The basics of this is awareness and understanding. Maybe before today you didn’t know even what Linux was, believing that there were only two, Windows and Apple OS. Hopefully by the end of this byte, you will have a rough awareness of another system, and be surprised at what you already new about it.
    [Show full text]
  • Delphi's Firemonkey for Linux Solution
    Introduction to FMXLinux Delphi’s FireMonkey for Linux Solution Jim McKeeth Embarcadero Technologies [email protected] Chief Developer Advocate & Engineer Slides, replay and more https://embt.co/FMXLinuxIntro Your Presenter: Jim McKeeth Embarcadero Technologies [email protected] | @JimMcKeeth Chief Developer Advocate & Engineer Agenda • Overview • Installation • Supported platforms • PAServer • SDK & Packages • Usage • UI Elements • Samples • Database Access FireDAC • Migrating from Windows VCL • midaconverter.com • 3rd Party Support • Broadway Web Why FMX on Linux? • Education - Save money on Windows licenses • Kiosk or Point of Sale - Single purpose computers with locked down user interfaces • Security - Linux offers more security options • IoT & Industrial Automation - Add user interfaces for integrated systems • Federal Government - Many govt systems require Linux support • Choice - Now you can, so might as well! Delphi for Linux History • 1999 Kylix: aka Delphi for Linux, introduced • It was a port of the IDE to Linux • Linux x86 32-bit compiler • Used the Trolltech QT widget library • 2002 Kylix 3 was the last update to Kylix • 2017 Delphi 10.2 “Tokyo” introduced Delphi for x86 64-bit Linux • IDE runs on Windows, cross compiles to Linux via the PAServer • Designed for server side development - no desktop widget GUI library • 2017 Eugene Kryukov of KSDev release FMXLinux • Eugene was one of the original architects of FireMonkey • A modification of FireMonkey, bringing FMX to Linux • 2019 Embarcadero includes FMXLinux
    [Show full text]
  • 1) Seguridad Informática 2020
    Seguridad informática – Prácticas de laboratorio Seguridad informática – Prácticas de laboratorio Índice 1. Manejo de un Keylogger…………………………3 2. Ataque MITM……………………………………..9 SEGURIDAD INFORMÁTICA 3. Pruebas de pentesting con OWASP……………..17 Prácticas de hacking ético 4. Ataque por fuerza bruta…………………………24 5. Pruebas de ingeniería inversa…………………...51 6. Hacking de redes WI-FI………………………….54 ED. 2020 7. Esteganografía…………………………………....61 8. Ataque DOS……………………………………….67 9. Recuperación de accesos con Trinity Rescue…..78 10. Hacking de cuenta ROOT en sistemas Ubuntu…85 11. Generación de un Email-spamming…………….93 12. Rastreando delincuentes…………………………101 Cuadernillo de trabajo Seguridad informática – Prácticas de laboratorio 3 Seguridad informática – Prácticas de laboratorio 4 1. Barra de herramientas: contiene una serie de opciones generales que van desde 1.0 MANEJO DE UN KEYLOGGER el ícono para comenzar con el monitoreo, ocultar el programa o desinstalarlo del equipo. Este proyecto está orientado a conocer la forma de operación de una herramienta 2. Ficha de configuración: tras pulsar sobre esta opción, se visualiza una interfaz de monitoreo conocida como keylogger. Así como los alcances de su concepción, con cuatro fichas, sobre las cuales, se efectúan los ajustes necesarios para conseguir que van desde una simple labor de vigilancia con propósitos de mejora, hasta el un resultado óptimo en la tarea de sniffing. robo de información almacenada en el equipo, datos de usuarios registrados 3. Botón actualizar y Eliminar: tras parar el monitoreo y pulsar el botón (credenciales de acceso), etc. actualizar, se mostrará el resultado de las pulsaciones en el área de monitoreo. Este puede eliminarse en cualquier momento. Un keylogger es un software o hardware (este último suele ser más flexible para los 4.
    [Show full text]
  • |FREE| Unix Desktop Guide To
    UNIX DESKTOP GUIDE TO C C EBOOK Author: Sams Staff Number of Pages: none Published Date: 01 Nov 1991 Publisher: Prentice Hall (Higher Education Division, Pearson Education) Publication Country: New Jersey, United States Language: English ISBN: 9780672300943 Download Link: CLICK HERE Unix Desktop Guide To C C Online Read Archived from the original on October 13, What are Computer Programming Languages? Meta magazine. The language was introduced to the public in and is now owned by Oracle. Python OOP 3. Free software projects, although developed through collaborationare often produced independently of each other. Process scheduling subsystem. IBM Developer Works. Archived from the original on October 17, Archived from the original on December 30, Offers a free, extensive course in C fundamentals Microsoft Unix Desktop Guide to c C Academy. Reviews Unix Desktop Guide To C C Archived from the original PDF on January 11, These projects are based on the GTK and Qt widget toolkitsrespectively, which can also be used independently of the larger framework. It is also possible to run applications written for Android on other versions of Linux using Anbox. C Language is a structure-oriented, middle-level programming language mostly used to develop Unix Desktop Guide to c C applications. Main article: Video4Linux. Retrieved April 14, Free and open-source software. Ina new initiative was launched to automatically collect a database of all tested hardware configurations. Archived from the original on May 19, Retrieved January 5, Build a minesweeper app or choose another mini project at Make School. Archived from the original on June 3, About Unix Desktop Guide To C C Writer Java Servlets 3.
    [Show full text]
  • OS-Level Frameworks for Rapid Prototyping of Process Scheduling Algorithms on Linux
    OS-level frameworks for rapid prototyping of process scheduling algorithms on Linux Final Project for the Degree in Computer Science and Engineering Carlos Bilbao Muñoz Advisor: Juan Carlos Sáez Alcaide Grado en Ingeniería Informática (grupo bilingüe) Facultad de Informática Universidad Complutense de Madrid Madrid, Junio de 2020 ii OS-level frameworks for rapid prototyping of process scheduling algorithms on Linux Final Project Report Carlos Bilbao Muñoz Advisor: Juan Carlos Sáez Alcaide Grado en Ingeniería Informática (Grupo Bilingüe) Facultad de Informática Universidad Complutense de Madrid Madrid, Junio de 2020 “No one told you when to run, you missed the starting gun.” - Pink Floyd ii Acknowledgments I am grateful to my advisor, Juan Carlos Sáez Alcaide, from whom I feel very fortunate to have been able to learn. Thanks to him I was not only able to get my first internship, but also meet great people and discovered the fun of research along the way. I also want to thank my parents for their unconditional support. Finally, for all the nice memories I would like to thank the friends I have made these years at UCM. iii iv Abstract Linux is equipped with multiple scheduling algorithms that are implemented as separate scheduling classes. Unfortunately, due to the current design of the scheduler these classes have to be created inside the kernel, which makes difficult to develop and debug new algorithms. In particular, for each new bug detected in the implementation of the algorithm it is necessary to recompile the kernel and reboot the system, thus making development at this level a time-consuming process.
    [Show full text]