.

Example Internal Penetration Test

<<

Rhyder

User avatar

Newbie
Newbie

Posts: 4

Joined: Fri Mar 02, 2007 10:33 pm

Location: Scotland

Post Fri Mar 02, 2007 10:40 pm

Example Internal Penetration Test

Hi Guys, am newbie and I am looking for an Example Internal Penetration Test....  Any help would be well appreciated and rewarded in some form of thanks...  ;)

Yeah, and i need this thing kinda sharpish too, next couple of days if poss...

Oh and Hi, I am Rhyder...... I'll be around quite a bit from now on.  ;D

thanks in advance
Hell Yeah!!!
<<

LSOChris

Post Fri Mar 02, 2007 11:08 pm

Re: Example Internal Penetration Test

what do you want to know?  it would be pretty much the same as a black box / outside pen test, minus having to find which IPs belong to the company.  i am assuming they gave you the IPs to test.
<<

Cutaway

User avatar

Jr. Member
Jr. Member

Posts: 96

Joined: Mon Nov 20, 2006 5:02 pm

Post Sat Mar 03, 2007 12:29 am

Re: Example Internal Penetration Test

Rhyder,
  First I would start with getting signed permission stating what you are going to be doing, which assets you are going to be doing it to, the start and stop times of the testing, and a "if I break anything on accident it is not my fault" clause.  Check out the SANS Policy Project and look at their "Audit Vulnerability Assessment Policy" which is located at http://www.sans.org/resources/policies/.  I have used this as a base in the past and so has Paul Asadoorian http://seclists.org/pen-test/2006/May/0182.html.  There is also this document but with some of the exploits in MS Word running around I did not downloaded it to check it out: http://www.professionalsecuritytesters.org/Documents/getoutofjail/getoutofjail.doc

Next you should look at the Vulnerability Assessment Framework by Toggmeister (a.k.a Kev Orrey) & Lee Lawson which is located at http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html.

That should get you started.  Anything you do will be a product of the environment you are asked to test.  How you are going to do your discovery, enumeration, vulnerability assessment, exploitation attempts, internal capitalization, and reporting are all going to be slightly different depending on the situation.
Go forth and do good things,
Cutaway
<<

Rhyder

User avatar

Newbie
Newbie

Posts: 4

Joined: Fri Mar 02, 2007 10:33 pm

Location: Scotland

Post Sat Mar 03, 2007 3:29 am

Re: Example Internal Penetration Test

Hey Guys, thanks....... what it is I need is an example of how to carry out an Internal Pen test.... like step by step and all that....... i know the tools i should use but am not 100% confident of good strategy.... "start with...... then ......" sorta thing.

Its for an essay due  :S
Hell Yeah!!!
<<

Cutaway

User avatar

Jr. Member
Jr. Member

Posts: 96

Joined: Mon Nov 20, 2006 5:02 pm

Post Sat Mar 03, 2007 3:36 am

Re: Example Internal Penetration Test

Rhyder,

Take a look at the framework that I linked to again.  It is basically a step-by-step example.  What might be throwing you off is the fact that it includes a lot more information than "run this tool then this tool, wash, rinse, repeat". 

Pentesting is a methodology that is dependent on a variety of factors.

Good Luck.
Go forth and do good things,
Cutaway
<<

Rhyder

User avatar

Newbie
Newbie

Posts: 4

Joined: Fri Mar 02, 2007 10:33 pm

Location: Scotland

Post Sat Mar 03, 2007 4:07 am

Re: Example Internal Penetration Test

Thanks for that...... I had a look and found the stuff very helpful, so cheers.... am just gettin a little stressed, will be alright now tho...... thanks.
Hell Yeah!!!
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Sat Mar 03, 2007 5:25 pm

Re: Example Internal Penetration Test

If your already plugged in the organization's network and you don't have any information pertaining to it, for example, IP addresses, type of OS, services running and etc... I would first use
  Code:
tcpdump arp

as the first stage of the test in order to gain terrain awareness. By this, you will get to know the IP addresses of hosts working in the local network. Tcpdump is a passive tool in which it doesn't send any data onto the network but waits for packets sent by other computers. Therefore, the results won't appear right away. You need to be patient. After collecting few IP addresses and knowing the network's address, I would use nmap or other scanners for scanning the entire network in hopes of discovering other computers that was not detected during ARP sniffing with Tcpdump. Now that you have identified all live hosts within the local network, proceed by scanning and enumerating each and one of them for open ports, OS identification, banner grabbing and etc. With this information in hand, start researching for available exploits in the Internet. You can also use a vulnerability scanner such as nessus to facilitate you in finding vulnerabilities for the discovered hosts.

This was my quick and dirty, in a nutshell on internal pen-testing. There's more to this but I hope this will help you get started.

For complete info on the subject refer to the following links for list of docs:

http://www.securitydocs.com/Vulnerability_Management/Auditing/Pen_Test
Last edited by blackazarro on Sat Mar 03, 2007 5:30 pm, edited 1 time in total.
Security+, OSCP, CEH
<<

Rhyder

User avatar

Newbie
Newbie

Posts: 4

Joined: Fri Mar 02, 2007 10:33 pm

Location: Scotland

Post Sat Mar 03, 2007 7:05 pm

Re: Example Internal Penetration Test

excellent, thanks for that, its all useful information for me  :)
Hell Yeah!!!
<<

zillah2004

Post Thu Mar 29, 2007 4:59 am

Re: Example Internal Penetration Test

Thanks for that

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software