Cyber Attack and Defense Competitions: Raise Your Security Skill Level (PDF)

Resource ID: 3335015    Size: 3.93 MB    Pages: 53    Format: PDF

Compass Security AG, Werkstrasse 20, Postfach 2038, CH-8645 Jona
Tel +41 55 214 41 60  Fax +41 55 214 41 61  teamcsnc.ch  www.csnc.ch
Ivan Bütler, ivan.buetlercompass-security.com
© Compass Security AG, www.csnc.ch

National Cyber Storm Competition
Hands-On Security Challenges
OWASP AppSec Beijing 2013

Slide 2: My Name is «Ivan Bütler»
CEO, Compass Security AG, Switzerland

Slide 3: My Home, Switzerland

Slide 4: Compass Security AG
* Penetration Testing
* Forensic Analysis

Slide 5: Why am I here?
* Because we run a Remote Security Lab in Switzerland. It is called Hacking-Lab: Security Puzzles / Challenges / Hands-On
* Because OWASP is offering free Hacking-Lab OWASP TOP 10 Web Security Challenges
* Because Hacking-Lab is being used for NATIONAL CYBER STORM COMPETITIONS

At the end: You should understand how to set up your own security lab and how to use the free OWASP challenges

Slide 7: A long time ago ...
I was looking for a young Jedi knight
CTF 2007 in Switzerland

Slide 8: 2009 Swiss Cyber Storm 2
First Swiss Cyber Talent Competition

Slide 9: 2011 Swiss Cyber Storm 3
International CTF SCS3 in Switzerland
Prize = New Car

Slide 10: 2013 - Swiss Cyber Storm 4

Slide 11: Challenge Categories
* Web Security
* Malware / Trojan / Bugs
* Windows Security
* Apple Security
* Penetration Testing
* Networking
* Forensics
* Reverse Engineering
* VoIP / SS7 / GSM
* Wireless Security
* Unix / Linux Security
* Crypto Challenges
* Programming
* Fun Challenge
* iPhone Challenge
* Android Challenge

What is «Hacking-Lab»?

Slide 13: What is «Hacking-Lab»?

Slide 14: Understanding Hacking-Lab
1) Registration
2) Challenge Details
Solving the challenges (VPN)
Send Solution
Solution Grading

SQL Injection & XML External Entity Attack
Demonstration
Hacking-Lab

Details about «Hacking-Lab»

Slide 17: What is «Hacking-Lab»?
(1) Vulnerable Servers and Applications (Web, Windows, Linux, iOS, Android)
(2) Description about the security challenges
(3) Tools required for solving the challenges
(4) Teacher functions (accept/reject solutions), solutions, solution movies

Slide 18: Details about Hacking-Lab (1/4)
(1) Vulnerable Servers and Applications (Web, Windows, Linux, iOS, Android)
(2) Description about the security challenges
(3) Tools required for solving the challenges
(4) Teacher function (accept/reject solutions)

Slide 19: Details about Hacking-Lab
* Vulnerable Servers
* Remote Security Lab
* Vulnerable Mobile Apps
* Automatic Revert to Snapshot

Movie 1: Vulnerable Servers (ESXi)

Slide 21: Vulnerable Servers (ESX Virtualization)

Slide 22: Vulnerable Servers (ESX Virtualization)
Vulnerable Servers
* SIP Gateway
* IIS
* Web Security
* Fuzzing Challenge
* Python Challenge
* Mimikatz
* Shell of the Future
* License Challenge
* Nessus Scanning

Slide 23: Vulnerable Servers (ESX Virtualization)
Vulnerable Servers
* Splung Engine
* Java Script Arena
* Web Goat
* Struts Challenge
* Buffer Overflow
* HTML5 Challenge
* JSP Challenge
* Oracle Challenges
* Conficker
* Metasploit Lab

Slide 24: Vulnerable Servers (ESX Virtualization)
Vulnerable Servers
* Server LiveCD
* SSH Challenge
* Backtrack
* Unix Challenge
* Active Directory
* Terminal Server
* Chat
The Hacking-Lab servers will revert to snapshot every 1, 2 or 4 hours

Slide 25: Details about Hacking-Lab (2/4)

Slide 32: Details about Hacking-Lab (3/4)

Slide 33: Tools required to solve the Challenges
* VPN to Lab: OpenVPN into ESX Server Infrastructure
* LiveCD

Slide 34: LiveCD
Free download: http://media.hacking-lab.com
* LiveCD ISO
* LiveCD VirtualBox OVA
* LiveCD VMware OVA

Slide 35: Hacking-Lab LiveCD Project

Slide 36: How to connect using VPN

Slide 37: How to use the Browser
1) Two profiles
2) Attacker
3) Victim
4) SwitchProxy
5) LiveHttpHeader
6) ... more

Slide 38: How to use ZAP Proxy
ZAP Inspection Proxy
1) Web Analysis
2) Man in the Middle
3) Open Source
4) Java based
5) Loading = slow

Slide 39: How to get a Root Shell

Slide 40: How to access Microsoft XP (VDI)
VMware View VDI

Slide 41: Details about Hacking-Lab (4/4)

Slide 42: Solution Grading as «Teacher»

Slide 43: Solution Grading as «Teacher»

Hacking-Lab for China

Slide 45: Problems for Chinese Users
* Problems with https://www.hacking-lab.com/: it is not working from everywhere in China
* Problems with OpenVPN: it is not working from everywhere in China
Proposed Solution
* Translating the OWASP TOP 10 to the Chinese language
* Hosting a Chinese server: http://china.hacking-lab.com

Slide 46: http://china.hacking-lab.com
Future Plans for China
China / Switzerland
PS: Must be checked with Chinese law!

This is a prototype, not ready yet!
Movie: china.hacking-lab.com

Slide 48: http://china.hacking-lab.com/
OWASP TOP 10 Challenges in Chinese Language

Slide 49: http://china.hacking-lab.com/

Conclusion
How to build your own security lab

Slide 51: Conclusion
Free OWASP TOP 10 challenges
https://www.hacking-lab.com/sh/yrNdMqk

What do you think?

Ivan Bütler
Thank you very much!
