Performing Vulnerability Tests Lab: Hacking a Compromised Host

Outcomes addressed in this activity:

• Describe common port scanning tools and techniques.
• Explain the enumeration step of security testing.
• Use scanning and enumeration to identify potential vulnerabilities for exploitation.
• Use appropriate tools to capture network traffic in order to perform a threat analysis.

Course Outcome:

Perform vulnerability tests using computer and network tools and utilities.

Purpose

The purpose of this lab is to hack a compromised host. You use Zenmap and OpenVAS to scan for vulnerabilities in a host and then use Metasploit to attack the target host. In the process you learn how to search for exploits and modules in Metasploit and how to configure various options.

In the last part of the lab you learn how to escalate privileges to the root.

Lab Instructions

Part 1:

Complete the lab “Remote and local Exploitation.” In the lab environment, you will find step-by-step instructions. As you work through the lab, there will be capture-the-flag challenges. To provide proof you captured the flags, you will need to take screenshots of the flags you capture.

Part 2:

After completing the lab answer the following questions. Conduct research and cite supporting sources in APA format where appropriate.

1. Why do you need to start Postgresql before starting Metasploit?

1. What is the difference between an auxiliary module and an exploit module in Metasploit? Give an example of a Metasploit post exploitation module along with syntax and description.

1. Research and find a Metasploit exploit for Android^® Describe the exploit and its various options. Discuss what a user can do to protect themselves from the exploit.

1. What is the difference between an /etc/shadow and an /etc/password file in Linux?

1. Here is a hypothetical entry from the /etc/shadow file. Answer the following questions based on this entry:

naina:$1$nfqpGleOffcp0i:13000:0:30:7:1::

1. Which algorithm was used to hash the password?
2. What is the maximum number of days the password is valid?
3. What is the date that this account will expire?

Lab Requirements

Place your work from Part 1 and Part 2 into a Microsoft Word document. Support any assertions made with credible sources using APA style formatting.

For more information on APA style formatting, go to Academic Writer in the Academic Tools area of this course.

Also review the university policy on plagiarism. If you have any questions, please contact your professor.

Plagiarism

Plagiarism is an act of academic dishonesty. It violates the University Honor Code, and the offense is subject to disciplinary action. You are expected to be the sole author of your work. Use of another person's work or ideas must be accompanied by specific citations and references. Whether the action is intentional or not, it still constitutes plagiarism.

For more information on University’s Plagiarism policy, refer to the current University Catalog.

Directions for Submitting Your Lab

Name your Microsoft Word document according to this convention: IT542_Unit4_FirstNameInitialLastName. Submit your completed work to the Unit 4 Dropbox by the deadline. Also, download your performance report from infosec learning and upload the pdf as an additional document according to this convention: IT542_Unit4_FirstNameInitialLastName_Report.

Review Rubric under Course Resources, Grading Rubrics before beginning this activity.