Penetration Testing

What is a penetration test?

A penetration test, or pentest as you may call it, is an attack on a computer system.
The intention of this attack is to find security weaknesses and thus gain access to the system.
The following process leads to gaining access to the data and functionality of the targeted system:

1.    Identify the goal
2.    Identify the target systems
3.    Review the available information

What can the targets be? Let's see.

The following can be potential targets for a penetration test:
1.    A light purple box (where all background and system information is provided), or
2.    A black box (where only basic or no information is provided except the company name).

What does a penetration test target reveal?

A penetration test can help us understand whether the targeted system is vulnerable to attack.
It also tells us which defences are in place against the attack and whether those defences are sufficient to protect the system from a potential attack.
It can also reveal which defences were defeated during the penetration test.

The process involved in penetration testing:

    • Discovering a combination of legal operations that will let the tester execute an illegal operation. Examples of such legal operations are:
    •  unescaped SQL commands,
    •  unchanged salts in source-visible projects,
    •  human relationships, and the use of old hash/crypto functions.

  1. Fuzzing is a technique used to discover vulnerabilities. Under this technique we try to provoke an unhandled error through random input. Random input lets the penetration tester reach less frequently used code paths. This matters because, as we know, well-trodden code paths have usually had their errors fixed already. Errors can expose information, such as an HTTP server crashing with a full traceback.

  2. Take for example a website with several text input boxes. A few of them may be vulnerable to SQL injection on certain strings. So if we test these text boxes by submitting random strings, one of them may hit the bugged code path. The error then shows up as a broken, half-rendered HTML page caused by the SQL error.

  3. Software systems have many possible input streams besides text boxes, such as cookie/session data, the uploaded file stream, RPC channels, or memory. Errors can happen in any of these input streams.

  4. As a penetration tester, our goal must be to get hold of an unhandled error and then analyse the nature of the flaw. Then write an automated tool to test for it until it is corrected. Package the illegal operation so that its execution will be triggered. The illegal operation, also known as the payload, can be:

    •  Remote mouse controller
    •  Webcam peeker
    •  Ad popupper
    •  Botnet drone
    •  Password hash stealer