Uploads Contact
/
Login Upload
NGinx NGinx

NGinx - PowerPoint Presentation

natalia-silvester
natalia-silvester . @natalia-silvester
Follow
538 views
Uploaded On 2016-08-10
About Share Download

NGinx - PPT Presentation

Warhead Sergey Belov whoami Pentester in Digital Security ERPScan Writer habrahabrru Xakep CTF Player Bug bounty member Google Yandex bugscollectorcom creator ID: 440709

proxy nginx reverse dns nginx proxy dns reverse rebinding vuln phishing http part client php apache domain attacker internal

Share:

Link:

Embed:

Download Presentation from below link

Download Presentation The PPT/PDF document "NGinx" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.

Presentation Transcript

Slide1

NGinx Warhead

Sergey BelovSlide2

whoami

Pentester in Digital Security / ERPScan;

Writer (habrahabr.ru, “

Xakep

”);CTF Player;Bug bounty member (Google, Yandex);bugscollector.com creator.Slide3

intro

Very easy0$

Not mentioned

in the wildSlide4

Part 1/3

NGinx – reverse proxySlide5

NGinx – reverse proxy

Client

Nginx

php

-fpm

ApacheSlide6

NGinx – reverse proxy

Client

Nginx

php

-fpm

Apache

??? http server

attacker.com

vuln.comSlide7

NGinx – reverse proxy

Step 1location / { proxy_pass http://vuln.com;

proxy_set_header

X-Real-IP $remote_addr; }}Slide8

NGinx – reverse proxy

Step 2proxy_set_header Host “vuln.com";sub_filter ‘vuln.com' ‘attacker.com';

sub_filter_once

off;Slide9

NGinx – reverse proxySlide10

Part 2/3

PhishingSlide11

Phishing

NGinx – tool for MitM/phishing?+ Identical design

+ Fully functional working

+ Logging all data (POST/GET)

+ Add custom JS/HTML- Another domain (DNS poising / router hacking, malware, evil apn config e.t.c.)Slide12

Phishing

Pentest Random exploit’s?Change response data (rights of social networks apps)Change apps swf

->

java (exploit)???Slide13

Part 3/3

DNS rebindingSlide14

DNS rebinding

-Another domain

- Very unstable

+ Can attack internal resourcesSlide15

DNS rebinding

Internal, not external!Slide16

DNS rebinding

C:\Users\BeLove>ping

www.ya.ru

Обмен пакетами с

ya.ru [87.250.250.203] с 32 байтами данныхSlide17

DNS rebinding

Remove it from

:

Pentester’s reports Most famous security scannersSlide18

Thanks!

demo:

http://zn.sergeybelove.ru

http

://twitter.com/sergeybelove

Related Contents


Next Show more