This thesis proposes a new penetration testing methodology divided into three separate processes: WEB, SYSTEM, and NETWORK. The WEB process focuses on attack testing with known vulnerabilities in the web development framework or module versions in use, and on using Google Hacker search techniques to find a site's injection points. The SYSTEM process focuses on penetration attacks that use known vulnerabilities in system service versions and host vulnerabilities found by scanning. The NETWORK process uses various port scan tools to check which service interfaces are open, and sends packets to firewalls or routers to observe how the devices operate before carrying out penetration attacks. After a successful intrusion through any of these vulnerabilities, privileges are escalated to carry out higher-level attacks. Once the test processes are complete, a penetration test report is produced and given to the tested party so that it can fix the vulnerabilities, and the fixed vulnerabilities are then re-tested to complete the penetration test.
The methodology can be split into different combinations of processes according to project size, to meet a variety of business needs and improve the operating efficiency of penetration testing.
Finally, five penetration testing experts were invited to evaluate this research. All of them considered that the framework improves operational efficiency, penetration testing completeness, and management, and that it is very helpful for penetration testing today.