SystemsSec 2016W Hacking Opportunities

From Soma-notes
Revision as of 23:06, 9 January 2016 by Soma (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Operating Systems Security

  • Configure a jail for running a service.
  • Change an SELinux policy to use a custom directory (e.g., change the location of apache's files from /var/www).


Network Security

  • Decrypt a captured SSL/TLS session using WireShark


Software Security

  • Successfully run a buffer overflow/memory corruption attack against an application using a Metasploit exploit.


Web Security

  • Modify a web application to be vulnerable to a cross-site scripting attack and then successfully exploit the vulnerability.