New Penetration Testing Technique (Proposed by Ray Aegis)

Post by BlueStar » Tue Jul 01, 2014 4:54 pm

Black-box information security diagnosis is often challenging because of limited information and no prior knowledge. Testers usually get error messages and need to spend much time digging into issues, trying hard to minimize both false negatives and false positives. It is usually infeasible for testers to find all the exploits manually. Automatic tools are of very limited help in identifying previously unknown issues, and they are easily blocked by defending systems. We have come up with a new idea to make the process more efficient and provide better proofs of concept.

We propose EUU (exploits under uncertainty), a technique that applies statistical methods under uncertainty to automatically find working exploits and zero-day issues in applications.

The proof-of-concept software is built and tested on working platforms to prove that the results converge to exploits such as SQL injection, cross-site scripting, DoS, and buffer overflow. It can also fuzz and then find transformed requests that bypass or crash defending systems such as web application firewalls and the ASP.NET built-in features that fend off web attacks. Zero-day exploits may be generated without manual work.

In a recent test, we applied the mechanism to find dozens of critical issues for an organization that has deployed defending systems such as a WAF. Their systems are periodically evaluated by penetration tests and vulnerability scanning, and no critical issue had been found before.

