Vulnerability Exploitation
In this final stage, all information obtained during the previous steps is collated, classified and mapped. At this point it is possible to draw a
'map' of the security behavior of the target site. Possible vulnerabilities
are prioritized according to level of risk, and possible paths of attack
constructed. Vulnerabilities are tried out with exploit code.
• Vulnerability mapping: In this phase, based on all the information
collected in previous stages, a vulnerability mapping exercise is
undertaken, and all relevant exploit material is gathered. Exploits
are tried on all externally visible systems, such as mail systems, FTP
servers, web servers, etc. For instance, do FTP servers provide any
files of interest? As far as web servers are concerned: do inputs seem
to be validated with regard to length and content restrictions?
• Vulnerability chaining: Based on a comprehensive list of
vulnerabilities, attempts will be made to combine these weaknesses,
so their effect is greater than the sum of individual weaknesses and
vulnerabilities. A common example of this is the exploitation of
trust relationships. As such, possible paths of attack can be
determined.
• Vulnerability exploitation: Possible vulnerabilities are closely
examined and exploit code is run to check whether unauthorized
access could be granted, or any damage could be done to the target
systems.
• Monitoring: During the different phases of this exercise, all
meaningful network traffic is monitored using network sniffers to
detect any information that may be security-sensitive.
This stage completes the assessment by verifying which of the potential
vulnerabilities and attack paths can actually lead to a security
compromise or exposure. If any break-in attempt is successful, an
estimate should be made of potential damage.
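
The chaining and prioritization steps above can be recorded as a small trust graph for the assessment report. The following is an added example, not part of the original post: host names, findings, likelihood values and the scoring rule (product of per-hop likelihoods times target impact) are all constructed assumptions. It lists the chains from externally visible systems to a target, ranks them by risk, and counts which finding appears in the most chains so remediation can start there.

```python
from collections import Counter
from math import prod

# Constructed sample assessment data; hosts, findings and scores are hypothetical.
EXTERNAL = ["ftp01", "mail01", "web01"]        # externally visible systems
FINDINGS = {                                    # host -> (finding, likelihood 0..1)
    "web01": ("input length not validated", 0.6),
    "ftp01": ("files of interest readable", 0.8),
    "files01": ("weak share permissions", 0.5),
    "db01": ("shared service account", 0.7),
}
TRUST = {"web01": ["db01"], "ftp01": ["files01"],   # host -> hosts that trust it
         "mail01": ["files01"], "files01": ["db01"]}
IMPACT = {"db01": 10}                           # assumed business impact of target


def attack_paths(target):
    """Simple paths from an external host to target; every hop needs a finding."""
    found = []

    def walk(host, path):
        if host not in FINDINGS or host in path:
            return                              # no weakness here, or a loop
        path = path + [host]
        if host == target:
            found.append(path)
            return
        for nxt in TRUST.get(host, []):
            walk(nxt, path)

    for start in EXTERNAL:
        walk(start, [])
    return found


def path_risk(path):
    """Assumed scoring: product of per-hop likelihoods times target impact."""
    return round(prod(FINDINGS[h][1] for h in path) * IMPACT[path[-1]], 2)


def prioritise(target):
    """Rank chains by risk and count how many chains each host's finding enables."""
    paths = sorted(attack_paths(target), key=path_risk, reverse=True)
    fixes = Counter(h for p in paths for h in p)
    return [(p, path_risk(p)) for p in paths], fixes.most_common()


if __name__ == "__main__":
    print(prioritise("db01"))
```

With this sample data, the host that sits on every chain comes first in the fix list, since closing its finding removes all recorded paths to the target at once.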