Hybrid Kill Chain & Attack Methodology

Report by Miguel Bigueur & Les Davis

image2.png

Figure 1. Anatomy of a URL and Web Server Architecture.

The intent is to manipulate URL inputs as a method of infiltration by means of legitimacy. The goal here is to masquerade as legitimate traffic in an effort to penetrate firewalls uninhibited, while bypassing all pre-established defense mechanisms. Once this is achieved, an attacker is afforded the opportunity to escalate privileges with an opportunity to engage in lateral movements.

A few tools that can be used to help discover vulnerabilities in web and mail servers include: Continue reading

Defending Against Password Attacks

Login

Let’s face it; MAC filtering is not an effective way to combat brute force attacks against pre-shared keys. On my Access Point (AP) at home, in other words my home router, I use MAC filtering not as a security mechanism but rather as a way to assign a private IPs to a specific device’s MAC address using a method called “IP Reservation” with DHCP. This basically ensures the IP is reserved and ready for use on that particular device the next time it connects to the network. With that said, defeating MAC filtering in regards to cracking pre-shared keys is very doable. MACs can be masqueraded “spoofed” very easily, such as, capturing an end-user’s MAC address using a passive network scanner. Continue reading