Standard penetration test process: 1. Pre-engagement interaction stage; 2. Intelligence-gathering stage; 3. Threat modeling stage; 4. Vulnerability analysis stage; 5. Penetration attack stage; 6. Post-penetration stage; 7. Report stage
1. Pre-engagement interaction stage
Determine the scope and objectives of the test, and any special requirements
Penetration test objectives:
The desired effect and the bottom line
Example:
What business need is behind the penetration test?
Is the purpose of the test a regulatory audit, or simply to follow standard procedure?
What is the goal?
Developing penetration modules for network, system or application vulnerabilities
Terms and definitions used in penetration testing:
https://blog.csdn.net/fuhanghang/article/details/83756025
MD5: an irreversible encryption algorithm
Broiler: a computer that is under someone else's control
Catching chickens: the process of taking control of computers
Springboard: when an attacker uses a compromised computer to attack other computers, that computer is a springboard. The IP address recorded by the attacked party is then the IP of the controlled computer rather than the attacker's. The best way is to connect through a VPN, then catch a broiler, and finally use the broiler as a springboard for the attack
webshell: a backdoor on a website
Privilege escalation: generally refers to raising one's permissions on a server
Source package:
Database dumping
Sniffer: a tool that captures packets
rootkit: system-level vulnerabilities
CMS: web content management system
2. Intelligence-gathering stage
Active and passive scanning: collect information about the target both actively and passively
Obtaining network information: scan for running services and open ports, verify every service running on those ports, then determine which of these services can be attacked and decide how to use them as a channel for intruding on the target
Breakdown of the steps:
Target selection: select the target of the attack, and determine the effect the attack should achieve and how long the whole attack will take
Covert collection: information collection includes checking the equipment in use, and even information gathered from discarded waste. (Social engineering && white box)
Footprinting: uses active and passive scanning techniques to identify the technologies and software deployed on the target
Identifying the target's security mechanisms: confirm the firewalls, network traffic filtering systems, and network and host protections that the target uses
3. Threat Modeling stage
Accurately model the threats to the target and their effects, and classify the threats according to the impact they may have on the target. Based on the analysis made during the intelligence-gathering stage, work out the best way to attack
Questions to answer:
How to attack a specific network?
Which important information needs to be obtained?
Which attack methods are more appropriate?
What are the biggest security threats to the target?
What threat modeling does:
Collect relevant documents on high-level threats
Identify the organization's resources on a categorical basis
Identify and classify threats
Map the organization's resources to the model
4. Vulnerability analysis phase
Refers to the process of finding vulnerabilities in a system or application; it consists mainly of testing, verification and vulnerability research
Testing: includes active and passive testing of the places where vulnerabilities may exist, along with initial attempts
Verification: verify the results of the tests, mainly by removing false positives and manually confirming that the vulnerabilities exist
Research: trigger the vulnerability and confirm its existence
5. Penetration attack stage
Use the results of the vulnerability analysis to carry out the intrusion: exploit the vulnerabilities in the target system to obtain the corresponding control privileges
6. Post-penetration stage
Building on the penetration attack, execute more commands and create further threats: privilege escalation, uploading and downloading files, and using the host as a springboard for attacks
7. Report Stage
Reports include: the most important threats to the target, charts generated from the data obtained during penetration, recommended improvements to the target system, and fixes for these problems