|
|
Instructor: Mati Aharoni - Mati is a network security professional, currently working with various Israeli Military and Government agencies. His day to day work involves vulnerability research, exploit development and whitebox / blackbox Penetration Testing. In addition, he is the lead trainer in the "Offensive Security" courses, which focus on attacker tools and methodologies. Mati has been training security and hacking courses for over 10 years and is actively involved in the security arena, and is the core developer of the BackTrack live CD. |
ChicagoCon 2008s Exclusive
This is the first time EVER that this course will be offered as an instructor led class. Add to that the fact that the core developer of BackTrack is there at your disposal for 5 full days of ethical hacking, and it makes this a once in a lifetime opportunity to learn from one of the brightest members of the security community.
"BackTrack to the Max" is a course designed for seasoned security professionals who want to learn about the inner workings of BackTrack. Topics such as offensive scripting, VPN auditing, Software Exploitation, Web Application Auditing and more are discussed. This course gives an advanced understanding of the penetration testing process -using BackTrack - and is a highly recommended course for security auditors.
What Is BackTrack?
BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.
This course will be taught using BackTrack 3 which has yet to be released as a stable version. Until then try the Ethical Hacker Network's version of BackTrack 2, the only official version of BT with Metasploit 3. It is also packaged as a VMware Virtual Appliance for the ultimate in learning convenience.
Certification Information
Students attending this class will be able to take the 'BackTrack to the Max' certification Challenge online after the course ends. The challenge can be scheduled up to the end of Aug 2008.
BackTrack to the Max
Cracking the Perimeter
Overview:
The first real hurdle during an external pentest is cracking the organizational perimeter. Back in 2003, the average RPC remote exploit would do the job, however this is not the case anymore. Defensive security technologies have adapted themselves to the harsh reality of the internet, and security awareness is on the steady increase. “Cracking” the organizational perimeter is getting harder and harder as time goes on.
“BackTrack to the Max” is an intensive, hardcore, hands on Security class by the creators of Backtrack designed to take you through advanced, modern day “Perimeter Cracking” scenarios ‐ all based on the award winning live Distribution ‐ BackTrack 3. The course is composed of several "hardcore drilldowns", such as bypassing ASLR during exploit development, injecting malicious code into files under Windows Vista, bypassing Antivirus systems, practical Cisco GRE sniffing attacks, VPN attacks, etc ‐ all based on the award winning live Distribution‐ BackTrack 3.
The course is heavily laced with the “do it yourself” approach, and will expose you to the raw underlying mechanisms of the various attack vectors, enhancing your skills in these areas significantly.
Topics Covered:
• The 0day angle:
o Fuzzing with spike
o Basic shellcode development
o Working in limited buffer spaces Egghunters
o Practical exploitation methods (under Vista)
o Developing client side attacks
• The Web Application angle:
o Code analysis to pwnage – PHP based analysis
o SQL Injection revisited – ASP based analysis
• The Network Infrastructure angle:
o Bypassing ACL’s using spoofed SNMP packets
o Common VPN attacks
o Remote packet sniffing over GRE tunnels (demo)
• Trojan Horses:
o Backdooring PE files under Windows Vista
o Simple “Super Trojans” – Bypassing Personal Firewalls with 15 lines of code
o Antivirus Avoidance
Course Prerequisites:
o Students need to be comfortable in Linux ‐ We'll be using BackTrack during the whole course as our attacking platform. Navigating through directories, executing scripts and tools and writing basic bash scripts are the basic skills expected from the student.
o A solid understanding of TCP/IP and various network services (DNS, DHCP, etc).
o A fair understanding of penetration testing methodology and familiarity with common tools of the trade and attack vectors (basic SQL injection, password attacks, etc).
o An understanding of the mechanisms behind Win32 Buffer Overflows.
o Knowledge of a scripting language (Perl, Python, Ruby) is recommended, but not required.
Who should attend?
“BackTrack to the Max” is a highly technical course aimed at security professionals. People with entry level “hacking” security certifications in need of modern and practical real world penetration testing experience and insights should attend. This is not an entry level course. Students are expected to be familiar with the basic methods and methodologies of an attack as a prerequisite.
Lab Description
This course includes complex hands on labs throughout the training. All students will be provided with pre‐configured VMware machines for the duration of the course for a personal and in depth learning experience. We will break Windows 2000, XP SP2, Vista and Cisco – all using a special version of BackTrack 3 specially designed for this course.
|
