interactive_reverse_http_s_sessions
Differences
This shows you the differences between two versions of the page.
interactive_reverse_http_s_sessions [2016/10/12 10:54] – lucy | interactive_reverse_http_s_sessions [2016/10/12 10:57] – lucy | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ==== Background Info ==== | + | ===== Background Info ===== |
Not only does the popular perimeter-based approach to security provide little risk reduction today; it is in fact contributing to the increased attack surface criminals are using to launch potentially devastating attacks. In general, the perimeter-based approach assumes two types of agents: insiders and outsiders. The outsiders are considered to be untrusted while the insiders are assumed to be extremely trustworthy. This type of approach promotes the development of architectures where networks are clearly broken into delineated “trusted” zones and “untrusted” zones. The obvious flaw with the perimeter approach is that all the insiders — that is the employees of a business — are assumed to be fully trustworthy. | Not only does the popular perimeter-based approach to security provide little risk reduction today; it is in fact contributing to the increased attack surface criminals are using to launch potentially devastating attacks. In general, the perimeter-based approach assumes two types of agents: insiders and outsiders. The outsiders are considered to be untrusted while the insiders are assumed to be extremely trustworthy. This type of approach promotes the development of architectures where networks are clearly broken into delineated “trusted” zones and “untrusted” zones. The obvious flaw with the perimeter approach is that all the insiders — that is the employees of a business — are assumed to be fully trustworthy. | ||
Line 5: | Line 5: | ||
With LUCY, we are now able to expose how the emerging breed of attackers are able to leverage application and browser flaws to launch “inside-out” attacks, allowing them to assume the role of the trusted insider; a type of attack used in the "1 Billion Dollar Heist" (see page 9 https:// | With LUCY, we are now able to expose how the emerging breed of attackers are able to leverage application and browser flaws to launch “inside-out” attacks, allowing them to assume the role of the trusted insider; a type of attack used in the "1 Billion Dollar Heist" (see page 9 https:// | ||
- | ==== About the Tool ==== | ||
- | The tool is called " | + | ===== About the Tool ===== |
+ | |||
+ | The tool is called " | ||
+ | |||
+ | |||
+ | ===== Differences to MSF ===== | ||
+ | |||
+ | LUCY is mainly a tool that simulates social hacks with a big variety in attack templates. Those predefined attack templates can be combined with actual malware simulations, | ||
+ | |||
+ | |||
+ | ===== Security Concerns ===== | ||
- | ==== Security Concerns ==== | ||
The Tool only runs in the memory (called “file” in Process View). After the termination, | The Tool only runs in the memory (called “file” in Process View). After the termination, | ||
- | ==== Configuration ==== | + | ===== Configuration |
To be able to perform an interactive attack, the user needs to download and execute the file that LUCY creates during the campaign. On the user's side, the file requires no installation (it runs as a portable executable) and needs only standard Windows user rights. | To be able to perform an interactive attack, the user needs to download and execute the file that LUCY creates during the campaign. On the user's side, the file requires no installation (it runs as a portable executable) and needs only standard Windows user rights. | ||
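Review bot: The added heading "===== Differences to MSF =====" uses the abbreviation MSF without expanding it, and the visible part of the paragraph under it does not expand it either; spell the name out on first use, in the heading or in the opening sentence, so the comparison is clear to readers who do not know the abbreviation. Also check the added "===== Configuration" heading at the end of this hunk: as displayed here it has no closing "=====", unlike the other headings this revision touches.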
Line 20: | Line 28: | ||
You can either choose to send the attachment via Email (use the network activity report) or create a download page (e.g. select the VPN Download scenario). The specific Malware Simulation Settings can then be edited, either within the landing page template or the email template. To perform an attack with the interactive shell, please select " | You can either choose to send the attachment via Email (use the network activity report) or create a download page (e.g. select the VPN Download scenario). The specific Malware Simulation Settings can then be edited, either within the landing page template or the email template. To perform an attack with the interactive shell, please select " | ||
- | {{120.jpg? | + | {{ 120.jpg?600 }} |
If you only want the executable to be provided as a download link and not an email attachment, simply select the " | If you only want the executable to be provided as a download link and not an email attachment, simply select the " | ||
Line 28: | Line 36: | ||
\\ | \\ | ||
- | ==== Where to type in your commands? ==== | + | ===== Where to type in your commands? ===== |
All interactive sessions can be configured in the Top Navigation Menu under " | All interactive sessions can be configured in the Top Navigation Menu under " | ||
Line 38: | Line 47: | ||
\\ | \\ | ||
- | ==== What commands are supported? ==== | + | ===== What commands are supported? ===== |
The tool allows you to use a limited set of commands. Some commands in Windows are not executable, they are built into the command line (Example of command with executable: whoami). | The tool allows you to use a limited set of commands. Some commands in Windows are not executable, they are built into the command line (Example of command with executable: whoami). | ||
Line 47: | Line 57: | ||
* cmd /c dir " | * cmd /c dir " | ||
\\ | \\ | ||
- | ==== Where to download the session logs? ==== | + | |
+ | ===== Where to download the session logs? ===== | ||
All raw session logs can be downloaded under Statistics/ | All raw session logs can be downloaded under Statistics/ | ||
Line 55: | Line 67: | ||
\\ | \\ | ||
- | ==== Can I upload my custom payload to the client? ==== | + | ===== Can I upload my custom payload to the client? ===== |
Within a session you can upload your own custom payload to the victim' | Within a session you can upload your own custom payload to the victim' |
interactive_reverse_http_s_sessions.txt · Last modified: 2021/03/15 17:58 by lucy