Reposted from: Tsinghua University, Zhuge Jianwei
1. Format requirements: Flash format, screen-recorded video demos
2. Post-processing: zoom-in effects / explanatory annotations, with recorded voice-over narration
3. Each case study is divided into three video demos: environment preparation, penetration exploitation, and vulnerability analysis. The concrete process:
(a) Environment preparation process
I. Environment explanation
1. Attacker machine environment (which attack software is used, e.g. Metasploit, Python scripts, ...)
2. Penetration module
3. Target machine environment (the targeted software and its version)
4. Vulnerability description (query a vulnerability database such as OSVDB to obtain the vulnerability information)
II. Installation and start-up of the target software (performed on the target machine)
III. Confirming that the target software is running and confirming its version
1. Server side: from the attacker machine, use Nmap scanning and service type identification
2. Client side: can be performed on the target machine
IV. Vulnerability scan confirmation
1. Server side: from the attacker machine, confirm with a Nessus/OpenVAS scan
2. Client side: may be skipped
(b) Penetration exploitation process
I. Select the corresponding Metasploit module and view its options via info
II. Choose the applicable payload and explain it
III. Fill in the relevant parameters
IV. If the module supports check, run check to confirm the vulnerability
V. Run exploit to carry out the exploitation
VI. Initial interaction in the obtained session (e.g. id, whoami, ifconfig), confirming that the target has been compromised
(c) Vulnerability analysis process
I. Explain the vulnerability analysis tools (e.g. OllyDbg/WinDbg; IDA Pro) and the basic analysis process
II. Based on the basic description of the vulnerability, identify the file/module in which the vulnerability lies and its technical type
III. Set breakpoints with a dynamic binary debugging tool, trace the target software's execution flow after it receives the penetration data, and determine the vulnerability's trigger point
IV. Using IDA Pro to analyze the target program's logic, explain the path from the penetration data input point to the trigger point, the exploitation mechanism, and the trigger condition (that is, the essential characteristic of the flaw).