Abstract

This Null Puliya session would walkthru the steps below which could be followed to find vulnerabilities, exploit these vulnerabilities and finally achieve system/ root.

Generally, we go through the following stages when solving a vulnerable machine:

• Finding the IP address
• Port Scanning
• Rabbit Holes?
• From Nothing to a Unprivileged Shell
• Unprivileged Shell to Privileged Shell In this session, we will walk-thru, what can be done in each separate stage. Will provide Tips and Tricks for solving vulnerable VMs. Additionally Infrastructure PenTest Series : Part 2 - Vulnerability Analysis could be referred for exploitation of any particular services (i.e. it provides information such as “If you have identified service X (like ssh, Apache tomcat, JBoss, iscsi etc.), how they can be exploited”).

Requirement:
- Laptop with Virtual box and a vulnerable Machine (Any)
- Would suggest to have the vulnerable machine running on Host Only Interface, so that we can directly start.

Speaker

Vijay Kumar

Timing

Starts at Saturday April 28 2018, 10:10 AM. The sessions runs for about 6 hours.

Resources