Security Testing for entities hosted in cloud

Applications that are being migrated to the cloud, or are planned to be hosted there, need additional security considerations. Failure to ensure proper security protection when using cloud services may result in higher costs and loss to the business. Organizations must consider security controls for the different service models, viz. Infrastructure as a Service (IaaS), Software as a Service (SaaS) or Platform as a Service.

Which applications should be moved to cloud?

    · Low to Medium Risk

What are the key security risks while hosting in cloud?

    · Isolation Failure – Multi-tenancy is a key thing in cloud. Failure in the controls that separate storage, memory, identity and access control, and routing between tenants is a huge risk.
    · Authentication and Authorization
    ·...

Getting comfortable with Linux

As a pentester, most of the time you work on a Linux distro, and it is important that you have the basics right so that you do not have to search for commands every time you try to do something. It is best to train yourself on Linux first before you get into this side.

I will try to keep this concise and keep updating it as & when I can think of something:

-----------------------------------------------------------------------------------
Common Internet Searches from the terminal :)
-----------------------------------------------------------------------------------
[A] Google search:

    firefox www.google.com/search?q=Harshwardhan\ Kamdi
        (Use the '\' separator to continue the query. If the '\' separator is not used, each word separated by a space will be treated as a new website. E.g. in the above example, if the '\' is not used, firefox will open Google and search for Harshwardhan, and then it will open another tab and search for Kamdi.com ;))

    Blah Blah Blah.....
        Found a much easier way - Enter the following code in a terminal:
            google() {
                # Build the query string: search terms joined with %20
                search=""
                echo "Googling: $*"
                # $@ is left unquoted on purpose so that google "two words" is split into terms
                for term in $@; do
                    search="${search:+$search%20}$term"
                done
                xdg-open "http://www.google.com/search?q=$search"
            }

            ===> Once done, keep searching from the terminal as: google "query"   :)

        google "Search query"
        For example: google "This is my search" and hurrah.. this will open the default browser and search for it :)


[B] Youtube search:
    www.youtube.com/results?search_query=this

[C] Opening a Private browsing session?
    Terminal > firefox --private

---------------------------------------------------------------
Symbolic link
---------------------------------------------------------------

Problem: After installing my fav text editor - Sublime there was no way to launch it from the terminal...
Solution: Add a symbolic link

sudo ln -s /opt/sublime_text/sublime_text /usr/local/bin/sublime

Now the Sublime text editor can be launched from the terminal by simply typing 'sublime'

---------------------------------------------------------------
Check and Kill Running Processes:
---------------------------------------------------------------

1. List the running processes:                ps aux
2. Check running processes from a user:       ps aux | grep 'username'  or  ps -ef | grep 'username'
3. To kill a process:                         pkill "process name", e.g. pkill firefox; if there are multiple instances, then killall firefox

---------------------------------------------------------------
Finding Files
---------------------------------------------------------------

https://help.ubuntu.com/community/FindingFiles

find / -type f -name "filename" would do the trick if you know the exact filename.
find / -type f -iname "filename*" if you want to match more files.

locate some-file.avi searches a maintained database of almost every file on the disk for a file called "some-file.avi".
locate -i "some-file.avi" will ignore the case of the file you are searching for.
locate -i "*.txt" will display a list of the locations of all the files with the .txt extension on your system.

-------------------------------------------------------------------
Checking Installed programs and packages
-------------------------------------------------------------------
dpkg --get-selections | grep -v deinstall
dpkg --get-selections | grep -v deinstall > ~/Desktop/packages   ----> To get the list of installed packages in a file.

----------------------------------------------------------------------
Scheduled Tasks
----------------------------------------------------------------------
https://help.ubuntu.com/community/CronHowto

----------------------------------------------------------------------
Deleting 1 line at a time in nano editor
----------------------------------------------------------------------

Go to the beginning of the line and press 'ctrl + K'

------------------------------------------------------------------------------
Encoding and Decoding in Base64
------------------------------------------------------------------------------

Many times during pentesting you will get some text that is encoded in base64 which you want to decode quickly - like tracing a SAML token or trying to see if there is some hidden gem in it!!!

At times while uploading a reverse shell you may want to encode your string with base64.

While there are tons of ways in which this can be done (e.g. a Notepad++ plugin), the quick and handy one from the terminal of your Linux box is 'openssl'.

To Encode:

openssl base64 -e <<< 'Welcome to Pentestknights blog'

To Decode:

openssl base64 -d <<< 'encoded text'
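
An added example (not from the original post): the two openssl calls above wrapped as shell functions that cope with what captured tokens tend to look like. It goes a little beyond the post by also accepting the URL-safe alphabet and missing '=' padding; the names b64_encode and b64_decode are made up for this example.

```shell
#!/bin/sh
# Added example; b64_encode / b64_decode are hypothetical helper names.

# Encode a string. printf is used instead of '<<<' because a bash
# here-string appends a newline, which would be encoded along with the text.
b64_encode() {
    if command -v openssl >/dev/null 2>&1; then
        printf '%s' "$1" | openssl base64 -e -A   # -A: emit a single line
    else
        printf '%s' "$1" | base64 | tr -d '\n'    # fallback on hosts without openssl
    fi
}

# Decode standard or URL-safe base64, with or without '=' padding.
b64_decode() {
    # Drop whitespace and line wraps, map URL-safe '_' and '-' back to '/' and '+'
    s=$(printf '%s' "$1" | tr -d ' \t\r\n' | tr '_-' '/+')
    # Base64 length must be a multiple of 4: restore padding that was stripped
    case $(( ${#s} % 4 )) in
        2) s="${s}==" ;;
        3) s="${s}=" ;;
        1) echo "b64_decode: invalid length ${#s}" >&2; return 1 ;;
    esac
    if command -v openssl >/dev/null 2>&1; then
        # -A reads the input as one line; without it openssl expects
        # line-wrapped input and can return nothing for a long token
        printf '%s' "$s" | openssl base64 -d -A
    else
        printf '%s' "$s" | base64 -d
    fi
}
```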






