Title: Penetration Testing in the Real World
Post by: Equix3n- on May 03, 2010, 09:37:26 AM
Offensive Security recently posted a 20 minute video at their blog in which they reconstructed a pentest they performed. It's an excellent video IMHO. Muts has again done a fantastic job and tried to explain every single step he took.

"Penetration Testing in the real world. If you are tired of “Hacking with Netcat” webcasts or “Penetration Testing with RPC DCOM”, then this movie is for you. It’s a quick reconstruction of a Security Audit we performed over a year ago, replicated in our labs. The video is under 20 minutes long, and highly edited – attacks rarely go as quickly and smoothly as this!"

Check the video here: http://www.offensive-security.com/videos/penetration-testing-in-the-real-world/

Title: Re: Penetration Testing in the Real World
Post by: Manu Zacharia (-M-) on May 03, 2010, 12:57:48 PM
Muts strikes back with another great network scenario. Great find Equix3n- - Nice and comprehensive video.

Title: Re: Penetration Testing in the Real World
Post by: kriscamaro68 on May 03, 2010, 04:26:50 PM
That was a great video, thanks for sharing.

Title: Re: Penetration Testing in the Real World
Post by: Ketchup on May 03, 2010, 10:40:31 PM
Thanks for sharing. That was a great video!

Title: Re: Penetration Testing in the Real World
Post by: chrisj on May 03, 2010, 11:48:14 PM
I still need to find 20 minutes where I can sit down and watch it. :-\

Title: Re: Penetration Testing in the Real World
Post by: Equix3n- on May 04, 2010, 06:29:57 AM
I think EHNet members can post similar videos constructing scenarios from their actual pentests. That would be an awesome resource as almost everyone has his own little tricks and we can learn from each other. Even writing articles explaining how they approached a pentest would be very useful.

Title: Re: Penetration Testing in the Real World
Post by: What90 on May 04, 2010, 08:34:07 AM
Excellent demo and explanation for how they did it and the mindset they used to work into the environment. Some great work and clever thinking.

What I take from it, from the defense side, is that some simple, good practices would have stopped the attack in its tracks. As an example, if the servers weren't allowed outbound access to any locations, the tunneling would have failed. Simple controlled egress filters would have successfully "saved" the target from being exploited in this way.

Title: Re: Penetration Testing in the Real World
Post by: Ketchup on May 04, 2010, 09:59:32 AM
"I think EHNet members can post similar videos constructing scenarios from their actual pentests. That would be an awesome resource as almost everyone has his own little tricks and we can learn from each other."

The OffSec folks built a replica lab environment of the actual pen test. You can't really include the results of a live pentest in a training video. Most clients wouldn't go for that. I am wondering how many hours were spent on recreating the environment and creating the video.

Title: Re: Penetration Testing in the Real World
Post by: hayabusa on May 04, 2010, 10:54:55 AM
I dunno, but based on the detail that I've heard they have in the OSCP lab (I signed up, today, for the 60-day OSCP v3,) I'd bet they did it pretty quickly. After all, if you KNOW what you exploited, it shouldn't be too hard to recreate, right? ;)

Title: Re: Penetration Testing in the Real World
Post by: mtgarden on May 04, 2010, 02:18:23 PM
I showed this video to my developers. I used it to interest them in the actual threats posed by "minor holes." It was an attempt to help them understand how a bad guy leverages various holes to gain control of the entire network.

I also showed a sanitized screenshot of sqlmap dumping an HR DB through a simple website. This was an effort to show them the danger of reusing accounts repeatedly. I think that the combination worked well. I immediately received email questions and comments. Anyone else try this?

Title: Re: Penetration Testing in the Real World
Post by: j0rDy on May 09, 2010, 03:14:41 AM
Thanks for sharing! downloading now and i will check it later. If it is a DCOM exploit it should be that hard to build it in a replica environment?

Title: Re: Penetration Testing in the Real World
Post by: jonas on May 11, 2010, 02:13:49 PM
Great movie! Keep em coming if anyone has more such videos. Kinda great when it's not just a tut on a single method, but when it's all put together it's awesome =)

Title: Re: Penetration Testing in the Real World
Post by: zeroflaw on May 11, 2010, 02:34:41 PM
Sweet video! Thanks!

Title: Re: Penetration Testing in the Real World
Post by: j0rDy on May 12, 2010, 03:44:35 AM
watched the video the other day and i must say i'm impressed! this truly shows the hacker mindset you need to thoroughly scan a complete network, finding the right puzzle pieces to finish and to think out of the box. this one goes into my collection!

Title: Re: Penetration Testing in the Real World
Post by: H1t M0nk3y on May 12, 2010, 07:08:44 AM
Hey,

@mtgarden: I have shown the video to the developers, managers and even a director where I work. I paused the video every minute or so and explained in simple words what he was doing. It was very, very well received!!! I will probably start demos and presentations during lunch time on topics such as "How to secure a wireless router", "SQL Injection", "How to code securely", etc... Even if it wasn't my goal at all, it kind of put me on the map! ;D I encourage you guys to do the same.

Title: Re: Penetration Testing in the Real World
Post by: Equix3n- on May 12, 2010, 09:46:28 AM
I found more articles by muts explaining how he conducted some pentests. There's no video this time, still the articles will help a lot of people.

A White Hat's Penetration Test (http://www.securitypronews.com/2003/1216.html)
How I Got Root A Penetration Testers Diary (http://www.webpronews.com/topnews/2004/02/11/how-i-got-root-a-penetration-testers-diary)
Penetration Test : My Meanest Hack (http://www.webpronews.com/topnews/2004/02/10/penetration-test-my-meanest-hack)

Also, how can someone forget the 15 minute network pentest video series by Ryan Linn!

Video: The 15-Minute Network Pen Test Part 1 (http://www.ethicalhacker.net/content/view/227/24/)
Video: The 15-Minute Network Pen Test Part 2 (http://www.ethicalhacker.net/content/view/238/24/)

These clearly demonstrate the hacker approach and give you a 'virtual' experience of a pentest. Excellent stuff for beginners! Furthermore, I suggest going through sample pentest reports available to you. The methodology section in these reports is nothing more than how the tester approached the pentest. I enjoy going through them, if nothing more than just to see different approaches taken by different pentesters. Moreover, they always give you little tips/tricks.

Title: Re: Penetration Testing in the Real World
Post by: j0rDy on May 14, 2010, 03:18:47 AM
man, i cant get enough of those pentest stories! thanks for the find!

the 15min pentest vids are on EH.net also, remember there is more than just a forum ;)

Title: Re: Penetration Testing in the Real World
Post by: Equix3n- on May 14, 2010, 03:52:36 AM
"the 15min pentest vids are on EH.net also, remember there is more than just a forum ;)"

I've provided the forum link only ;)

Title: Re: Penetration Testing in the Real World
Post by: chrisj on May 16, 2010, 05:06:10 PM
Finally got around to watching this. Wow is there so much that I don't know.

Title: Re: Penetration Testing in the Real World
Post by: j0rDy on May 18, 2010, 07:18:44 AM
"Finally got around to watching this. Wow is there so much that I don't know."

the same thing keeps amazing myself too...

Title: Re: Penetration Testing in the Real World
Post by: UNIX on June 09, 2010, 03:05:07 PM
Nice video, thanks for sharing.