ADVANCED PENETRATION TESTING
MIS 5212.001 Week 9
Site: http://community.mis.temple.edu/mis5212sec001s15/
Tonight's Plan
In the news
More Walk Through of WebGoat
Next Week
In The News
Submitted
http://www.cnet.com/news/fridge-caught-sending-spam-emails-in-botnet-attack/
http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-windows-live-could-allow-man-in-the-middle-hacks/
http://www.wired.com/2015/03/nsa_domains/?mbid=social_twitter
http://www.scmagazine.com/premera-blue-cross-attack-may-have-exposed-data-on-11m-customers/article/404052/
http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411
In The News
Submitted
http://thehackernews.com/2015/03/cardless-atm-smartphone.html
http://thehackernews.com/2015/03/google-play-store-app-review.html
http://www.newsy.com/videos/yahoo-s-password-free-login-has-its-own-set-of-problems/
http://www.csoonline.com/article/2898735/data-protection/corporate-culture-hinders-cyber-insurance-buy-in.html
In The News
What I noted
http://www.dailydot.com/politics/federal-websites-https-secure-proposal/
http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html
http://www.forbes.com/sites/thomasbrewster/2015/03/17/apple-mac-gatekeeper-bypass-exacerbated-by-unencrypted-av-downloads/
http://krebsonsecurity.com/2015/03/dark-webs-evolution-market-vanishes/
WebGoat
Injection Flaws:
Command Injection: " & netstat -ant & ifconfig"
Numerical SQL Injection: or 1=1
Log Spoofing
XPATH Injection
String SQL Injection
Modifying Data with SQL Injection
Adding Data with SQL Injection
Blind Numeric SQL Injection
Blind String SQL Injection
Next Week
Test 2
Intro to Wireless
Questions?