Vulnerability Assessment Fundamentals
Vulnerability Assessment Fundamentals
Sections in This Note
- Vulnerability
- Auditing Fundamentals
- CIA Triad
- Compliance Regulations
- Frameworks and Maturity
- Exploiting Bash CVE-2014-6271 Vulnerability (Shellshock)
Vulnerability
A weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability.
Auditing Fundamentals
Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. Also known as information technology security or electronic information security.
CIA Triad
- Confidentiality: Only authorized users and processes should be able to access or modify data.
- Integrity: Data should be maintained in a correct state and nobody should be able to improperly modify it, either accidentally or maliciously.
- Availability: Authorized users should be able to access data whenever they need to do so.
Compliance Regulations
- PCI DSS: Payment Card Industry Data Security Standard. Mandated by card brands and administered by the Payment Card Industry Security Standards Council. Created to increase control around data to reduce credit card fraud.
- HIPAA: Health Insurance Portability and Accountability Act of 1996. US regulation for the use and disclosure of Protected Health Information (PHI). Final rule on security standards was issued on February 20, 2003.
- GDPR: General Data Protection Regulation. Maintained by the data protection and privacy law in the European Union and the European Economic Area. Controllers and processors of personal data must put in place appropriate technical and organizational measures to implement data protection principles.
- CCPA: California Consumer Privacy Act. Intended to enhance privacy rights and consumer protection for residents of California, US.
Frameworks and Maturity
- ISO/IEC 27000: International Organization for Standardization and the International Electrotechnical Commission.
- COBIT: Control Objectives for Information and Related Technologies.
Host Based Attacks
System/Host based attacks target a specific system or host running a specific operating system (Windows or Linux). These attacks usually come into play after gaining access to a target network, whereby you exploit servers, workstations, or laptops on the internal network. They focus on exploiting inherent vulnerabilities in the target OS.
Windows Vulnerabilities
Exploiting Bash CVE-2014-6271 Vulnerability (Shellshock)
Shellshock (CVE-2014-6271) is the name given to a family of vulnerabilities in the Bash shell (since v1.3) that allow an attacker to execute remote arbitrary commands via Bash, consequently allowing remote access via a reverse shell.
The vulnerability is caused by Bash mistakenly executing trailing commands after a series of characters: () { :; };
Burp Suite can be used: after forwarding to Repeater, change the User-Agent value to, e.g.:
() { :;}; echo; echo; /bin/bash -c 'cat /etc/passwd'
https://github.com/opsxcq/exploit-CVE-2014-6271