Attack Tool Repository and Player for ISEAGE May 06-11 Team:Jeremy Brotherton Timothy Hilby Brett...

Attack Tool Repository and Attack Tool Repository and Player for ISEAGEPlayer for ISEAGE

May 06-11 Team:May 06-11 Team: Jeremy BrothertonJeremy Brotherton

Timothy HilbyTimothy Hilby

Brett MastbergenBrett Mastbergen

Jasen StoekerJasen Stoeker

Faculty Advisor:Faculty Advisor: Doug JacobsonDoug Jacobson

Client:Client: Information Assurance Information Assurance CenterCenter

April 25, 2006

May06-11 ISEAGE Attack Tool RepoMay06-11 ISEAGE Attack Tool Repository and Playersitory and Player

22

OutlineOutline IntroductionIntroduction

– Project background and requirementsProject background and requirements Project activitiesProject activities

– Research, design, implementation, and testingResearch, design, implementation, and testing Resources and scheduleResources and schedule

– Personnel and financial Personnel and financial Closing materialClosing material

– Project evaluationProject evaluation– Lessons learnedLessons learned– Risk managementRisk management– Closing summaryClosing summary


33

DefinitionsDefinitions ASPASP - Active Server Pages, programming language for dynamic - Active Server Pages, programming language for dynamic

websites.websites. ExploitExploit - An attack on a computer system that takes advantage - An attack on a computer system that takes advantage

of a vulnerability.of a vulnerability. GUI GUI – Graphical user interface– Graphical user interface ISEAGEISEAGE - Internet Scale Event and Attack Generation - Internet Scale Event and Attack Generation

Environment, a network dedicated to creating a virtual Internet Environment, a network dedicated to creating a virtual Internet for the purpose of researching, designing, and testing cyber for the purpose of researching, designing, and testing cyber defense mechanisms. defense mechanisms.

MySQLMySQL - Open source database that uses the Structured Query - Open source database that uses the Structured Query Language.Language.

PHPPHP - PHP: Hypertext Preprocessor, another programming - PHP: Hypertext Preprocessor, another programming language for dynamic websites.language for dynamic websites.

SSHSSH – Secure Shell, a protocol that allows users to interact with – Secure Shell, a protocol that allows users to interact with a computer remotely over a secure session.a computer remotely over a secure session.

VulnerabilityVulnerability - A weakness in a system due to security - A weakness in a system due to security procedures, implementation or other means that could be procedures, implementation or other means that could be exploited. exploited.


44

Problem StatementProblem Statement

Problem StatementProblem Statement– Currently, trying to attack a computer Currently, trying to attack a computer

vulnerability means scouring the Internet for the vulnerability means scouring the Internet for the right attackright attack

– Computer professionals and others, need a way Computer professionals and others, need a way to locate and launch exploits quickly and easilyto locate and launch exploits quickly and easily

Problem SolutionProblem Solution– Develop a web application that interfaces to a Develop a web application that interfaces to a

database of network attacksdatabase of network attacks– Users can search the database and launch Users can search the database and launch

attacks through a web browserattacks through a web browser


55

Operating EnvironmentOperating Environment

ISEAGE network at ISU research parkISEAGE network at ISU research park– Software can operate on any platformSoftware can operate on any platform– 60-90 degrees Fahrenheit60-90 degrees Fahrenheit– Low moistureLow moisture


66

Intended Users and UsesIntended Users and Uses

UsersUsers– Researchers, students, vendors, and Researchers, students, vendors, and

computer professionals computer professionals UsesUses

– Evaluate weaknesses in computer Evaluate weaknesses in computer systems and network architectures systems and network architectures

– Training users about computer and Training users about computer and network securitynetwork security


77

AssumptionsAssumptions

The application is being coded using PHP and MySQL

Maximum number of simultaneous users is twenty

Maximum query response time is two seconds

Any attack can only run for 60 seconds


88

LimitationsLimitations

The database will not include all possible attacks or all known attacks

Size of database is limited to available disk space

This system will not fix vulnerabilities or pinpoint the cause of failure


99

End Product and End Product and DeliverablesDeliverables

Complete PHP website and MySQL Complete PHP website and MySQL database populated with exploits database populated with exploits (commented source code)(commented source code)

User’s guideUser’s guide Administrative guide – includes setup Administrative guide – includes setup

and maintenance instructionsand maintenance instructions Final reportFinal report


1010

Present AccomplishmentsPresent Accomplishments

Verified client needs and requirementsVerified client needs and requirements Researched approaches for problem solution Researched approaches for problem solution Completed detailed designCompleted detailed design Created prototype website and databaseCreated prototype website and database Added prototype functionality to meet Added prototype functionality to meet

client’s needsclient’s needs Developed accompanying documentationDeveloped accompanying documentation Working application was approved by client Working application was approved by client

and has been deliveredand has been delivered


1111

Approaches Considered and Approaches Considered and UsedUsed

MySQL database of current exploits for MySQL database of current exploits for several platformsseveral platforms

PHP based webpage that allows users PHP based webpage that allows users to search the database for exploitsto search the database for exploits

PHP code that allows users to launch PHP code that allows users to launch exploits with the click of a buttonexploits with the click of a button

Apache web server for hosting the Apache web server for hosting the interfaceinterface


1212

Approaches Considered and Approaches Considered and Used cont.Used cont.

Stand alone computer applicationStand alone computer application Remote connection to databaseRemote connection to database Database remotely connects to Database remotely connects to

various computersvarious computers


1313

Definition ActivitiesDefinition Activities

Discussed project needs with client Discussed project needs with client and obtained approval for proposed and obtained approval for proposed solutionsolution

Final Project DefinitionFinal Project Definition– To develop a scalable, web-based To develop a scalable, web-based

application that provides users with the application that provides users with the ability to search for network attacks and ability to search for network attacks and launch them with a single clicklaunch them with a single click


1414

Research ActivitiesResearch Activities

Webpage programming languagesWebpage programming languages– PHP and ASPPHP and ASP

Database optionsDatabase options– MySQL and SQL Server 2005MySQL and SQL Server 2005


1515

Database TechnologiesDatabase Technologies

MySQLMySQL SQL Server 2005SQL Server 2005 Open SourceOpen Source Mature and Well Mature and Well TestedTested Platform Platform IndependentIndependent Not as Well Not as Well IntegratedIntegrated Not as Much Pre-Not as Much Pre-Written CodeWritten Code

Best Integration of Best Integration of Any PlatformAny Platform Most Extensive Most Extensive ToolsTools Large Amount of Large Amount of Pre-Written CodePre-Written Code Licensing IssuesLicensing Issues Not mature, limited Not mature, limited track recordtrack record


1616

Webpage Programming Webpage Programming LanguagesLanguages

PHPPHP ASP .NET 2005ASP .NET 2005 Current Version Current Version Well TestedWell Tested Many Online Many Online ExamplesExamples Cross PlatformCross Platform Not as Well Not as Well IntegratedIntegrated Can’t Drag and Can’t Drag and Drop InterfacesDrop Interfaces

Extremely Well Extremely Well Integrated with SQL Integrated with SQL Server 2005Server 2005 Large Amount of Large Amount of Built in ObjectsBuilt in Objects Best IDEBest IDE Licensing IssuesLicensing Issues Not matureNot mature


1717

Technology SelectionsTechnology Selections

MySQLMySQL PHPPHP ApacheApache


1818

Design ActivitiesDesign Activities

Design constraintsDesign constraints– Platform independentPlatform independent– Web-basedWeb-based– Powerful and extensible databasePowerful and extensible database– Administrator controlsAdministrator controls


1919

Basic Solution ArchitectureBasic Solution Architecture

User Machine

Database

Web ServerPHP Script

Windows Attacks

Macintosh Attacks

Linux AttacksTarget Machine


2020

Implementation ActivitiesImplementation Activities

Design website frameworkDesign website framework Develop a test database with fake Develop a test database with fake

exploitsexploits Created PHP code to run search Created PHP code to run search

queriesqueries Developed PHP code to launch attacksDeveloped PHP code to launch attacks Original designs remained unchangedOriginal designs remained unchanged


2121

Testing ActivitiesTesting Activities

User search criteria translated into User search criteria translated into proper SQL queryproper SQL query

Query results returned back properlyQuery results returned back properly Launching of attacks is actually Launching of attacks is actually

generating network trafficgenerating network traffic Evaluation by both the team and Evaluation by both the team and

ISEAGE graduate studentsISEAGE graduate students


2222

Testing PrioritiesTesting Priorities

High priority tests cover criticalHigh priority tests cover criticalproduct featuresproduct features

Medium priority tests cover Medium priority tests cover supplemental product featuressupplemental product features

Low priority tests cover non-essential Low priority tests cover non-essential product featuresproduct features


2323

Testing ResultsTesting Results

PriorityPriority TestsTests PassedPassed FixedFixed % % CompleteComplete

HighHigh 99 88 11 100%100%

MediuMediumm

44 44 00 100%100%

LowLow 33 00 11 33%33%

TotalTotal 1616 1212 22 88%88%


2424

Significant ActivitiesSignificant Activities

Component End ResultWebsite software Completed

User documentation Completed

Administrative guide Completed

Database structure and contents

Completed

Commented source code Completed

0

20

40

60

80

100

% C

om

ple

te

Completion of Project Components

Website Code

User Docs

Admin Guide

DatabaseStructure andcontents

CommentedSource Code


2525

Personnel Effort Personnel Effort RequirementsRequirements

Personnel Effort (Hours)

105

7289

70Jeremy BrothertonTim HilbyBrett MastbergenJasen Stoeker


2626

Other Resource Other Resource RequirementsRequirements

Other Resources Required ($)

6

6

625

Project Plan BindingDesign Report BindingFinal Report BindingProject Poster

Item CostsProject Plan Binding 6.00$ Design Report Binding 6.00$ Final Report Binding 6.00$ Project Poster Lamination and Board 25.00$ Total 43.00$

Other Resource Requirements


2727

Financial RequirementsFinancial Requirements

Item W/O labor With labor Donated costsProject poster printing 40.00$ Bound project documentation 18.00$ 18.00$ Poster lamination and board 25.00$ 25.00$ PHP book 40.00$ 2 Donated computers (ISEAGE) 800.00$ Labor at $11.00 per hour:

Jeremy Brotherton 1,155.00$ Tim Hilby 792.00$

Brett Mastbergen 979.00$ Jasen Stoeker 770.00$

Total costs 43.00$ 3,739.00$ 880.00$

Final project costs

43

3739

880

0

500

1000

1500

2000

2500

3000

3500

$

Total Costs

Financial Requirements ($)

W/ O LaborWith LaborDonated Costs


2828

Project ScheduleProject Schedule


2929

Closing MaterialClosing Material

Project evaluationProject evaluation CommercializationCommercialization Additional workAdditional work Lessons learnedLessons learned Risk and risk managementRisk and risk management Closing summaryClosing summary


3030

Project EvaluationProject Evaluation

Milestone evaluation criteriaCriteria Score

Greatly exceeded 110%

Exceeded 105%

Fully met 100%

Partially met 80%

Not met 30%

Not attempted 0%


3131

Project Evaluation Cont.Project Evaluation Cont.

Project ResultsMilestone Evaluation Resultant Percentage

Project plan development Fully Met 20%*100 = 20%

Design research Fully Met 5%*100 = 5%

Technology selection Fully Met 5%*100 = 5%

Initial product design Fully Met 20%*100 = 20%

Framework implemented Fully Met 10%*100 = 10%

End-product testing Partially Met 15%*80 = 12%

End-product documentation Fully Met 15%* 100 = 15%

End-product demonstration Fully Met 10% * 100 = 10%

Total 97%


3232

CommercializationCommercialization

Not planned, developed strictly for Not planned, developed strictly for use with ISEAGEuse with ISEAGE


3333

Future WorkFuture Work

Continuing to add to the database of Continuing to add to the database of exploitsexploits

Adding additional functionality such Adding additional functionality such as allowing users to interact with the as allowing users to interact with the remote machine via the web remote machine via the web interfaceinterface

Allow users to select target machines Allow users to select target machines from a network diagramfrom a network diagram


3434

Lessons LearnedLessons Learned

What went wellWhat went well– Implementation, cImplementation, client demonstration, team worklient demonstration, team work

What did not go wellWhat did not go well– Equipment setup, project planEquipment setup, project plan

Technical knowledge gainedTechnical knowledge gained– PHP, MySQL, XAMPPPHP, MySQL, XAMPP

Non-technical knowledge gainedNon-technical knowledge gained– Communications skills, long term planningCommunications skills, long term planning

What would be done differentlyWhat would be done differently– Implementation, hardware setupImplementation, hardware setup


3535

Risks and Risk ManagementRisks and Risk Management Anticipated risksAnticipated risks

– Loss of a team member due to sickness Loss of a team member due to sickness or other unexpected circumstancesor other unexpected circumstances

– Missed deadlinesMissed deadlines– Faulty productFaulty product– Poor communications among team Poor communications among team

members may halt the projectmembers may halt the project– Data lossData loss


3636

Risks and Risk Management Risks and Risk Management cont.cont.

Risk managementRisk management– Continually informed team of individual progress Continually informed team of individual progress

and shared all essential project knowledgeand shared all essential project knowledge– Team leader kept close track of all upcoming Team leader kept close track of all upcoming

deadlines and always tried to be one week aheaddeadlines and always tried to be one week ahead– Continually met with Dr. Jacobson to ensure project Continually met with Dr. Jacobson to ensure project

was progressing in the intended directionwas progressing in the intended direction– Regularly scheduled meetings and team email Regularly scheduled meetings and team email

communication ensured all team members were communication ensured all team members were always informedalways informed

– All implementation code was placed in a backed up All implementation code was placed in a backed up CVS repository and all project documents were CVS repository and all project documents were regularly distributed to all team membersregularly distributed to all team members


3737

Risks and Risk Management Risks and Risk Management cont.cont.

Anticipated risks encounteredAnticipated risks encountered– Loss of a team member due to sicknessLoss of a team member due to sickness– Work load was divided among remaining team Work load was divided among remaining team

membersmembers Unanticipated risks encounteredUnanticipated risks encountered

– Dead on arrival hardwareDead on arrival hardware– Implementation and testing were carried out Implementation and testing were carried out

on a single machineon a single machine Changes in risk management due to Changes in risk management due to

unanticipated risksunanticipated risks– Changed deadlinesChanged deadlines– Assumed each task would have unexpected Assumed each task would have unexpected

problemsproblems


3838

Closing SummaryClosing Summary

ProblemProblem– Need to locate and launch exploits from Need to locate and launch exploits from

one locationone location– Users need a simple interface to this type Users need a simple interface to this type

of toolof tool Solution Solution

– Developed a MySQL database of attacksDeveloped a MySQL database of attacks– Created PHP based website to interface Created PHP based website to interface

with a database and it has the ability to with a database and it has the ability to launch specific exploits from any web launch specific exploits from any web browserbrowser


3939

Any questions or comments?Any questions or comments?

Date post:	02-Jan-2016
Category:	Documents
Upload:	abigail-flowers
View:	213 times
Download:	1 times

Attack Tool Repository and Player for ISEAGE May 06-11 Team:Jeremy Brotherton Timothy Hilby Brett...

Documents