GuidelinesDraft

Differences between revisions 1 and 9 (spanning 8 versions)
Revision 1 as of 2008-02-18 05:43:44
Size: 473
Editor: client-200
Comment:
Revision 9 as of 2008-08-06 16:18:30
Size: 1404
Editor: localhost
Comment: converted to 1.6 markup
Line 1: Line 1:
= Brainstorm = Ubuntu White Hat - Modus operandi '''DRAFT'''
Line 3: Line 3:
keescook:
keep vulns private until fixed
people can be team members if they agree to abide by those guidelines
Line 7: Line 4:
nxvl:
not to use dangerous tests, which tools to use
not to touch anything if you gain access
not to break anything
'''STEP 1'''
Line 12: Line 6:
mra:
gpg sign something (guidelines)
register that you agreed to it (guidelines)
0. portscan IP address (with the help of nmap, nessus, etc..)
Line 16: Line 8:
jdstrand:
gpg signed the contents of an email message
it's important from a mindset point of view, as well as potentially legal
1. investigate active services and daemons

2. investigate webapps in use


'''STEP 2'''

0. Run a search through CVE Archives with the found services and active daemons running on the computer

1. Run a search through CVE Archives with the webapps used


'''STEP 3'''

0. Penetration test with active services and daemons found to be vulnerable through CVE, only non-desctructive ones (no Denial-of-Service tests)

1. Penetration test with used webapps found to be vulnerable through CVE, only non-desctructive ones (no Denial-of-Service tests)


'''STEP 4'''

0. Auditing of used daemons and webapps


'''STEP 5'''

0. In case a 0day will be found, mail the Ubuntu pentest private mailing list to organize and help writing the bugfix and eventual Advisory

1. Write definitive report with "UWHA" (Ubuntu White Hat Anteater) and send it to Launchpad, in case of vulnerability attach screenshot and POC.

2. Automatically subscribe to launchpad bug the team that handles that specific infrastructure and in case the package is in Ubuntu mirrors and it's still not fixed, then subscribe Security Team (main) or MOTU Swat (universe)


'''STEP 6'''

0. Get in touch with the team responsible for the infrastructure for eventual DoS tests.
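
Review bot: the brainstorm points from the old revision shown in this diff (keescook's "keep vulns private until fixed", nxvl's "not to touch anything if you gain access" and "not to break anything", and the gpg-signed agreement to the guidelines raised by mra and jdstrand) have no counterpart in the new STEP 1 to STEP 6 text. STEP 3 keeps only the non-destructive constraint, and STEP 5 routes a 0day to the private mailing list but then sends the report with screenshot and POC to Launchpad without saying whether that bug is private. Suggest carrying the disclosure, post-access conduct and signed-agreement points forward as explicit steps instead of dropping them in the rewrite.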

Ubuntu White Hat - Modus operandi DRAFT

STEP 1

0. Portscan the IP address (with the help of nmap, Nessus, etc.)

1. Investigate active services and daemons

2. Investigate webapps in use

STEP 2

0. Search the CVE archives for the services and active daemons found running on the computer

1. Search the CVE archives for the webapps in use

STEP 3

0. Penetration test the active services and daemons found to be vulnerable through CVE, using only non-destructive tests (no Denial-of-Service tests)

1. Penetration test the webapps in use found to be vulnerable through CVE, using only non-destructive tests (no Denial-of-Service tests)

STEP 4

0. Audit the daemons and webapps in use

STEP 5

0. If a 0day is found, mail the Ubuntu pentest private mailing list to organize and help write the bugfix and eventual Advisory

1. Write the definitive report with "UWHA" (Ubuntu White Hat Anteater) and send it to Launchpad; in case of a vulnerability, attach a screenshot and POC.

2. Automatically subscribe the team that handles that specific infrastructure to the Launchpad bug; if the package is in the Ubuntu mirrors and is still not fixed, then subscribe the Security Team (main) or MOTU Swat (universe)

STEP 6

0. Get in touch with the team responsible for the infrastructure for eventual DoS tests.

UbuntuPentest/GuidelinesDraft (last edited 2008-08-06 16:18:30 by localhost)