Penetration Testing & Mitigation Techniques
Sean Latimer, Yalikun Yasheng, Andrew David, Masoud Shakiba
Contents
• Penetration Testing – Introduction
• Research Hardware/Software
• John the Ripper – Abstract
• Physical Credential Attacks Results
• Remote Credential Attacks Results
• Metasploit – Abstract
• Metasploit Attack Results
• Mitigation Techniques
Penetration Testing
• What is Penetration Testing?
• Our Project Focus
• Importance of our Project
Target Audience
• 94% of NZ population are active internet users.
• 97% of students have access to a device.
Research Focus – Windows/Linux
Hardware and Software
John the Ripper - Abstract
• What is John the Ripper?
• John the Ripper Modes – Single Crack/Wordlist/Brute-Force
• Main Goal of Attack
Physical Credential Attack – Process
1. Exploit System – Live Kali Linux
2. Extract Credential Files – SAM/Shadow
3. Crack Passwords – John the Ripper
Physical System Exploitation - Windows
Physical System Exploitation - Linux
Physical Credential Extraction – Windows (Mimikatz)
Physical Credential Extraction – Linux (Unshadow)
Remote Credential Attack - Process
1. Create Payload
2. Download Payload – Victim Machine
3. Escalate Privileges – Bypass UAC (Windows)
4. Run Hashdump – Credential Information
5. Crack Passwords – John the Ripper
Payload Creation – Windows/Linux
Remote Credential Attacks – UAC Bypass
Remote Credential Attacks - Hashdump
John the Ripper – Wordlist Method
John the Ripper – Brute Force Method
John the Ripper – Single-Crack Method
Results
Physical Credential Attacks
Windows (7/8/10) - Successful
Linux (Ubuntu/Fedora/Debian) – Successful
Remote Credential Attacks
Windows (7/8) – Successful
Linux (Ubuntu/Fedora/Debian) – Successful
Metasploit - Abstract
• What is the Metasploit Framework?
• A framework that combines various security and exploitation tools
• Standardized interface and powerful vulnerability assessment
• History of Metasploit
• Established by HD Moore in 2003, written in Perl
• Framework migrated to Ruby in 2007
Metasploit – Generate Payload
Metasploit Exploitation
Result
Operating system    Fresh version                      Updated version
Windows 7           success                            success
Windows 8           success                            success
Windows 10          success (detected by Defender)     success (detected by Defender)
Fedora              success                            success
Debian              success                            success
Ubuntu              success                            success
Mitigation Techniques
• BIOS/Start-Up Password – Physical Attacks
• Strengthening Passwords
• Credential Guard – Windows 10
• Windows Defender/Firewall
• Antivirus
• Educating Yourself/Others – Social Engineering/Securing System
Conclusion
• Reflection
• Lessons Learned
• Project Review
Questions?
• e-mail us:
Sean Latimer – [email protected]
Yalikun Yasheng – [email protected]
Andrew David – [email protected]
Masoud Shakiba – [email protected]