Training

Pentesting Linux systems

Objectifs

Intrusion in Linux environments is a complete course for Linux infrastructures pentesting. It is a realistic training including practical use cases of low-profile intrusions in corporate environments, through system exploitation and privilege escalation. Over the 4 modules, students will learn the methodology and techniques used by our experts during an intrusion, starting from anonymous access to the most privileged ones on the information system. The training includes 2 complete corporate-like environments for the students to apply these skills.

 

Technologies: Docker, LXC, SELinux, AppArmor, LDAP, ...

 

Intrusion in Linux environments is an advanced training designed for security teams, system administrators and developers.

 

5 days / 11 hours of theory / 24 hours of practice.

Contenu

  • Operation of a Linux environment

     

    Reminder of general information on Linux systems and associated services. Introduction of intrusion concepts specific to this type of environment.

     

    • Intrusion process

    • Linux's administration mechanisms

    • Operation of a Linux environment

    • Authentication

    • Accounts hierarchy

    • Safety mechanisms

 

  • Intrusion in anonymous mode

     

    Reconnaissance and intrusion techniques when no prior access is acquired.

     

    • Reconnaissance and network mapping methodology

    • Exploitation

      • Application vulnerabilities

      • Network interceptions

      • Case of physical access to a workstation

 

  • Intrusion in authenticated mode

     

    Reconnaissance and intrusion techniques after obtaining a more or less privileged user account

     

    • Local reconnaissance on a system

    • Privilege escalation

      • Replay of authentication information

      • Exploitation of configurations (sudo, scheduled tasks, permissions, etc)

      • Exploitation of public vulnerabilities

    • Bypassing software restrictions

      • Sandboxing

      • Linux Security Module (AppArmor, SELinux)

    • User-level persistence techniques

    • Managing footprint on the system

 

  • Exploitation of local administrator rights

     

    Reconnaissance and intrusion techniques from local administrator access on a system.

     

    • Manipulation of local resources

    • Extraction of authentication secrets

      • Dissecting Linux memory

      • Operation of live system elements (DBUS Secret Service API)

    • In-depth compromise

      • Poisoning of system services

      • Binaries poisoning

    • Implementation of advanced persistence mechanisms

      • User rootkits

      • Kernel rootkits

      • Backdoors

    • Managing footprint on the system

    • Network bouncing methodology

 

  • Exercise in autonomy

     

    Deployment of a second infrastructure on which a trophy must be obtained after the overall compromise of the environment. Students must independently apply the different methods discussed during the training.