Forgotten Art of Basic Network Penetration Testing presented at XFocus 2013

by Ryan Baxendale,

Summary : As security researchers we thrive on discovering new and cutting edge methods of breaking down security barriers. We reach for 0day vulnerabilities in new software, 0day techniques to defeat security controls and complex privilege escalation shell code, all in the quest to get the elusive remote shell.But it was not always like this. Compromising security in the early days of the Internet was a simple affair, vulnerabilities revolved around discovering user accounts through services such as finger or smtp, and attempting several weak passwords against a telnet service to get shell. Although the security industry may have advanced greatly, these simplistic attacks are still present today – only as security researchers we have forgotten how to use them, or disregard them as unsophisticated. This presentation will illustrate a new age approach to an old-school style of hacking. Revitalising the attacks of the past with modern technology and proving the fact that history only repeats itself.