Automated computer system security compromise

US 7,757,293 B2
Filed: 04/16/2007
Issued: 07/13/2010
Est. Priority Date: 07/10/2001
Status: Expired due to Term

First Claim

Patent Images

1. A system for performing penetration testing of a target computer network by installing a remote agent in the target computer network, the system comprising:

a local agent provided in a console and configured to receive and execute commands, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;

a user interface provided in the console and configured to send commands to and receive information from the local agent, process the information, and present the processed information;

a database configured to store the information received from the local agent;

a network interface connected to the local agent and configured to communicate via a network with the remote agent installed in the target computer network; and

security vulnerability exploitation modules for execution by the local agent and/or the remote agent.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided for performing penetration testing of a target computer network by installing a remote agent in the target computer network. The system includes a local agent provided in a computer console and configured to receive and execute commands. A user interface is provided in the console and configured to send commands to and receive information from the local agent, process the information, and present the processed information. A database is configured to store the information received from the local agent. A network interface is connected to the local agent and configured to communicate with the remote agent installed in the target computer network via a network. Security vulnerability exploitation modules are provided for execution by the local agent and/or the remote agent.

70 Citations

View as Search Results

15 Claims

1. A system for performing penetration testing of a target computer network by installing a remote agent in the target computer network, the system comprising:
- a local agent provided in a console and configured to receive and execute commands, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
  
  a user interface provided in the console and configured to send commands to and receive information from the local agent, process the information, and present the processed information;
  
  a database configured to store the information received from the local agent;
  
  a network interface connected to the local agent and configured to communicate via a network with the remote agent installed in the target computer network; and
  
  security vulnerability exploitation modules for execution by the local agent and/or the remote agent.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1, wherein the user interface enables a user to select one of the modules and initiate execution of the selected module on either the local agent or the remote agent.
  - 3. The system of claim 1, wherein the user interface provides a graphical representation of the target computer network.

4. A method for performing penetration testing of a target computer network, comprising:
- installing a remote agent in the target computer network;
  
  executing a command using a local agent provided in a console, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
  
  receiving information from the local agent in a user interface provided in the console;
  
  presenting the information received from the local agent to a user;
  
  storing the information received from the local agent in a database;
  
  communicating via a network with the remote agent installed in the target computer network; and
  
  providing security vulnerability exploitation modules for execution by the local agent and/or the remote agent.
- View Dependent Claims (5, 6)
- - 5. The method of claim 4, further comprising:
    - selecting, using the user interface, one of the modules; and
      
      initiating execution of the selected module on either the local agent or the remote agent.
  - 6. The method of claim 4, further comprising providing a graphical representation of the target computer network using the user interface.

7. A system for performing penetration testing of a target computer network, the system comprising:
- a memory; and
  
  a processor configured by the memory to perform the steps of;
  
  installing a remote agent in the target computer network;
  
  executing a command using a local agent provided in a console, wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language;
  
  receiving information from the local agent in a user interface provided in the console;
  
  presenting the information received from the local agent to a user;
  
  storing the information received from the local agent in a database;
  
  communicating via a network with the remote agent installed in the target computer network; and
  
  providing security vulnerability exploitation modules for execution by the local agent and/or the remote agent.
- View Dependent Claims (8, 9)
- - 8. The system of claim 7, wherein the processor is further configured by the memory to perform the steps of:
    - selecting, using the user interface, one of the modules; and
      
      initiating execution of the selected module on either the local agent or the remote agent.
  - 9. The system of claim 7, wherein the processor is further configured by the memory to perform the step of providing a graphical representation of the target computer network using the user interface.

10. A method for performing penetration testing of a target network, comprising the steps of:
- executing a first module in a console having a user interface, the first module being configured to exploit a security vulnerability in a first target host of the target network;
  
  installing a first remote agent in the first target host, the first remote agent being configured to communicate with the console and a second remote agent; and
  
  executing a second module in the first remote agent, the second module being configured to exploit a security vulnerability in a second target host of the target network, wherein the console further comprises a local agent wherein the local agent further comprises a system-calls proxy server, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language.
- View Dependent Claims (11)
- - 11. The method of claim 10, further comprising installing a second remote agent in the second target host of the target network, the second remote agent being configured to communicate with the first remote agent.

12. A system for performing penetration testing of a target network, comprising:
- a console having a user interface;
  
  a first module configured to execute in the console to exploit a security vulnerability in a first target host of the target network;
  
  a first remote agent installed in the first target host, the first remote agent being configured to communicate with the console and a second remote agent; and
  
  a second module configured to execute in the first remote agent to exploit a security vulnerability in a second target host of the target network, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language.
- View Dependent Claims (13)
- - 13. The system of claim 12, further comprising a second remote agent installed in the second target host of the target network, the second remote agent being configured to communicate with the first remote agent.

14. A system for performing penetration testing of a target network, the system comprising:
- a memory; and
  
  a processor configured by the memory to perform the steps of;
  
  executing a first module in a console having a user interface, the first module being configured to exploit a security vulnerability in a first target host of the target network;
  
  installing a first remote agent in the first target host, the first remote agent being configured to communicate with the console and a second remote agent; and
  
  executing a second module in the first remote agent, the second module being configured to exploit a security vulnerability in a second target host of the target network, wherein the local agent functions as a client when connected to a remote agent and wherein the local agent functions as a server when connected to the console, wherein the local agent is configured to receive and execute system calls, and a virtual machine configured to execute scripting language.
- View Dependent Claims (15)
- - 15. The system of claim 14, wherein the processor is further configured by the memory to install a second remote agent in the second target host of the target network, the second remote agent being configured to communicate with the first remote agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ecrime Management Strategies, Inc.
Original Assignee
Core SDI, Inc.
Inventors
Caceres, Maximiliano Gerardo, Leidl, Bruce, Quesada, Ricardo, Friedman, Agustin Azubel, Becedillas, Gabriel, Ajzenman, Gustavo, Burroni, Javier, Notarfrancesco, Luciano, Friederichs, Oliver, Richarte, Gerardo Gabriel
Primary Examiner(s)
Orgad; Edan
Assistant Examiner(s)
Baum; Ronald

Application Number

US11/735,491
Publication Number

US 20070204347A1
Time in Patent Office

1,184 Days
Field of Search

726/25
US Class Current

726/25
CPC Class Codes

H04L 63/1433 Vulnerability analysis

Automated computer system security compromise

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

70 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Automated computer system security compromise

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links