In this how-to I am going to describe how to do a serious pentest in a short time span (two weeks).
The reason I write this is that I think a lot of people really "don't get" it.
A lot of people, even professionals, are completely dependent on third-party tools; a lot of "pentest" companies use Nessus, import this into the MSF, launch a bunch of exploits,
get some shells and call it quits. And if Metasploit fails, a lot of people just leave it be.
Therefore I feel smug enough to tell everybody how to do it properly in a short time span, just two weeks.
First we determine the parts of a pentest; these are:
- Legal
- Reconnaissance
- Attack
- Maintaining Access
- Reporting
All of them are important. And remember, NEVER do something before the previous step is completed.
First you need to get the legal side in order. The best way of doing this is to get a lawyer to do all of this.
And don't even show your face or let them hear your voice. You're going to need these to con the CEO, CISO and secretary.
Get everything in writing, put the original in your safe and make copies to always have with you when you are 'on the job'; this is so you can actually escape if you get caught.
If you don't have this contract on you, you might have a very nasty evening with law officials.
Consult with your lawyer on whether you'll need to inform local law enforcement in the area where you are doing this attack.
I assume the contract and initial payment are made on Monday (day 0).
Reconnaissance
[[ Will be added if people are interested in this ]]
Attack
[[ Will be added if people are interested in this ]]
[[
Here I'll go on about serious attack factors. More so than Nessus -> MSF -> Shell.
I'll examine the attack factors in this part; these are:
User -> Social-engineer your way in.
Application -> 0day attack, and 0day development in a short time span.
Network -> Gaining access and escalate
Physical -> Lock pick, look at video cameras
]]
Maintaining Access
[[ Will be added if people are interested in this ]]
Reporting
[[ Will be added if people are interested in this ]]
I've just written the first part of this as I need to get my ego stroked before I finish this write-up.
I hope people are interested in a write-up like this, and if so, I'll gladly finish this write-up.
- Stolas
« Last Edit: October 18, 2012, 10:11:02 AM by Stolas »
Whenever you think you can or can't, you're right.