Joe Vest, James Tubberville: Red Team Development and Operations
Always consider the risk in every action taken.
Exploitation without Exploits
Exploitation does not always require an exploit based on a code flaw. Experienced penetration testers and Red Teamers use the concept of Exploitation without Exploits: the idea of exploiting or compromising a system by using the system's own design, functions, and configuration against itself. Poor security controls and misconfigurations often lead to compromise. Not only can using a system against itself support a compromise, it usually leaves a smaller IOC footprint. In many cases, attacking a system without exploits looks very similar to the same activity performed by a network administrator.
There are several techniques a threat can use to exploit, compromise, or gain access to a target system. Do not fall into the trap of canned exploits being needed to achieve goals. Exploits can be rare, costly, and ephemeral. When they work, they are great, but most exploits have a short lifetime.
Good Red Team Operators regularly explore and practice many means of remote exploitation or compromise. This is an ever-changing area of security. Research and practice are needed to keep current on modern techniques.
Web Application Vulnerability
Security has increased over the years, and the number of traditional memory corruption exploits has dropped significantly. This has driven threats to search for alternate means of gaining access to a target. Web applications are excellent targets for exploitation and remote code execution. Although web applications have been around for years, their security is still quite weak and misunderstood. This makes web applications prime doorways into a network, as even the most basic application can provide a backdoor to a threat. In short, web applications are one of the most effective ways to gain remote access to an environment.
Security Misconfigurations
Misconfigured network security rules often provide multiple paths for threat traversal. When systems can communicate freely in a network, they can quickly exchange information. This includes a threat's traffic. It is prevalent for an organization to configure externally facing traffic rules and leave internal network communications wide open. It is also common for credentials to be stored in cleartext in publicly available locations on a network. These credentials may be user or administrative. Either way, when threats use valid credentials, they look and feel like insiders. It can be very difficult for a Blue Team to distinguish between a threat and a valid user. These are important measurements of security operations capability.
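The paragraph above names the Blue Team's core problem: a threat authenticating with valid credentials over a flat internal network produces only successful logons, so the credential itself is not the signal. What remains detectable is deviation from the account's own history. The following is an added example, not from the book or its authors, showing one way to measure that: it builds a per-account baseline of source hosts from a clean history window, then flags (a) a logon from a host the account has never used and (b) fan-out to many distinct destinations inside a short window. The event tuples, host names and account names are constructed for illustration; the thresholds are assumptions to be tuned per environment.

```python
"""Baseline-deviation check over constructed authentication events.

Models the Blue Team problem described above: valid-credential use looks like
an insider, so the useful signal is departure from the account's own profile
(new source host, rapid destination fan-out), not the logon result.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, user, source_host, dest_host, result).
# Day 1 is treated as clean history; day 2 contains the activity to evaluate.
EVENTS = [
    ("2023-02-10 09:02:11", "jdoe", "WS-0113", "FS-01", "success"),
    ("2023-02-10 09:40:05", "jdoe", "WS-0113", "MAIL-01", "success"),
    ("2023-02-10 11:15:42", "jdoe", "WS-0113", "FS-01", "success"),
    ("2023-02-10 13:01:09", "svc_backup", "BK-01", "FS-01", "success"),
    ("2023-02-10 13:01:12", "svc_backup", "BK-01", "FS-02", "success"),
    # Same valid account, never-before-seen source, then a burst of destinations.
    ("2023-02-11 02:14:30", "jdoe", "WS-0477", "FS-01", "success"),
    ("2023-02-11 02:14:33", "jdoe", "WS-0477", "FS-02", "success"),
    ("2023-02-11 02:14:37", "jdoe", "WS-0477", "DC-01", "success"),
    ("2023-02-11 02:14:41", "jdoe", "WS-0477", "SQL-01", "success"),
    ("2023-02-11 02:14:44", "jdoe", "WS-0477", "HR-APP", "success"),
    ("2023-02-11 02:14:48", "jdoe", "WS-0477", "WS-0201", "success"),
    # Known account from its known host: should not be flagged.
    ("2023-02-11 03:00:00", "svc_backup", "BK-01", "FS-01", "success"),
]

CUTOFF = datetime(2023, 2, 11, 0, 0, 0)  # history before this is assumed clean


def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")


def build_baseline(events, cutoff):
    """Per-account set of source hosts seen in successful logons before cutoff."""
    baseline = defaultdict(set)
    for ts, user, src, _dst, result in events:
        if result == "success" and parse_ts(ts) < cutoff:
            baseline[user].add(src)
    return baseline


def detect(events, cutoff=CUTOFF, window=timedelta(minutes=5), fanout_threshold=5):
    """Return findings as (kind, user, detail, timestamp) tuples.

    kind is "new_source_host" (detail = host) or "destination_fanout"
    (detail = distinct destination count). Each is reported once per account
    so a single burst does not produce one alert per event.
    """
    baseline = build_baseline(events, cutoff)
    findings = []
    reported_sources = set()   # (user, src) pairs already raised
    reported_fanout = set()    # users already raised for fan-out
    recent = defaultdict(deque)  # user -> deque of (time, dst) inside the window

    for ts, user, src, dst, result in sorted(events, key=lambda e: e[0]):
        t = parse_ts(ts)
        if t < cutoff or result != "success":
            continue  # only evaluate successful logons after the baseline period

        # (a) valid account, but from a host it has never authenticated from
        if src not in baseline.get(user, set()) and (user, src) not in reported_sources:
            findings.append(("new_source_host", user, src, ts))
            reported_sources.add((user, src))

        # (b) sliding window of destinations per account; flag rapid spread
        q = recent[user]
        q.append((t, dst))
        while q and t - q[0][0] > window:
            q.popleft()
        distinct = {d for _, d in q}
        if len(distinct) >= fanout_threshold and user not in reported_fanout:
            findings.append(("destination_fanout", user, len(distinct), ts))
            reported_fanout.add(user)

    return findings


if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```

The baseline only means something if the history it is built from is itself clean, which is why the cutoff is explicit: an account already in use by a threat during the baseline window will simply teach the detector that the threat's host is normal. In practice the same logic is run over authentication logs from the domain controllers or an identity provider rather than a list literal, and the per-account approach generalizes to other attributes the paragraph alludes to (time of day, protocol, privilege level of the target).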