Vážené kolegyne a kolegovia,
Pozývame Vás na SEMINÁR Ústavu informatiky SAV, v. v. i., Jeana Rosemonda Doru, PhD. (odd. L.Hluchý), ktorý bude v pondelok 9. 6. 2025 o 10. 30 hod. v zasadačke č. 102.
Program:
Ing. Mgr. Jean Rosemond Dora, PhD. (odd. L.Hluchý)
Metodika útokov (10 – 15 min)
Živé útoky v reálnom čase (NIE simulácia) proti webovým stránkam hostovaným na operačnom systéme Ubuntu 20+, Windows 10+ atď. (50 – 65 min)
ABSTRAKT
Nowadays, the Internet is considered the highway of information and communication. That implies that thousands of activities are being conducted over the Internet. We can generally subdivide them into two (2) categories: genuine activities and malicious activities. To achieve their goals, internet users often rely on other technologies, such as computers, tablets, and mobile phones. Each tool uses software (Web browsers, desktop applications, web applications, etc.) that serves as a client to interact with a web application. From an offensive perspective, numerous attacks can be deployed to grant attackers unauthorized access to a target device. Client-side attacks, such as Remote Code Execution (RCE), Command Injection (CI), Local and Remote File Inclusion (LFI, RFI), are among them. For this seminar, we will exploit everything possible. Our goal is to obtain access to the backend device that hosts the web application. With such access, we can perform post-exploitation techniques, including privilege escalation, encrypting files and folders, deleting web server files, deleting users, and performing lateral movement to obtain access to other devices within the compromised environment.
Tešíme sa na stretnutie s Vami pri šálke kávy alebo čaju.
Ing. Mgr. Robert Andok, PhD.,riaditeľ
