SystemsSec 2016W Hacking Opportunities: Difference between revisions

From Soma-notes
Created page with "==Operating Systems Security== * Configure a jail for running a service. * Change an SELinux policy to use a custom directory (e.g., change the location of apache's files fro..."
 
No edit summary
 
Line 3: Line 3:
* Configure a jail for running a service.
* Configure a jail for running a service.
* Change an SELinux policy to use a custom directory (e.g., change the location of apache's files from /var/www).
* Change an SELinux policy to use a custom directory (e.g., change the location of apache's files from /var/www).


==Network Security==
==Network Security==


* Decrypt a captured SSL/TLS session using WireShark
* Decrypt a captured SSL/TLS session using WireShark


==Software Security==
==Software Security==

Latest revision as of 23:06, 9 January 2016

Operating Systems Security

  • Configure a jail for running a service.
  • Change an SELinux policy to use a custom directory (e.g., change the location of apache's files from /var/www).


Network Security

  • Decrypt a captured SSL/TLS session using WireShark


Software Security

  • Successfully run a buffer overflow/memory corruption attack against an application using a Metasploit exploit.


Web Security

  • Modify a web application to be vulnerable to a cross-site scripting attack and then successfully exploit the vulnerability.