Assignment 4: Ethical Hacking
At the end of this module, each student must submit a report indicating the completion of the following
tasks. Make sure you take screenshots as proof.
You need to power on the following VMs for this assignment.
• Internal Kali (Attacker)
• pfSense VM (power on only)
• Windows XP, Windows Server 2022, or Windows 7 (depending on the subtasks).
Task A. Exploit SMB on Windows XP with Metasploit (20 pt, 2pt each)
In this task, you need to complete the following steps to exploit SMB vulnerability on Windows XP.
1. Run a port scan against the Windows XP using the nmap command to identify open ports and
services.setset
2. Identify the SMB port number (default: 445) and confirm that it is open.
3. Launch Metasploit Framework and search for the exploit module: ms08_067_netapi
4. Use ms08_067_netapi as the exploit module and set meterpreter reverse_tcp as the payload.
5. Use 5525 as the listening port number. Configure the rest of the parameters. Display your
configurations and exploit the target.
6. [Post-exploitation] Execute the screenshot command to take a screenshot of the target machine
if the exploit is successful.
7. [Post-exploitation] In the meterpreter shell, display the target system’s local date and time.
8. [Post-exploitation] In the meterpreter shell, get the SID of the user.
9. [Post-exploitation] In the meterpreter shell, get the current process identifier.
10. [Post-exploitation] In the meterpreter shell, get system information about the target.
*7-10 are all in one screenshot
Task B. Exploit EternalBlue on Windows Server 2022 with Metasploit (10 pt)
In this task, try to use the same steps as shown in the video lecture to exploit the EternalBlue
vulnerability on Windows Server 2022. You may or may not establish a reverse shell connection to the
Windows Server 2022 using the same method as hacking Windows Server 2008. Document your steps and
show me your results.
You won’t lose points for a failed reverse shell connection. But you will lose points for incorrect
configurations, such as putting the wrong IP address for LHOST/RHOST, etc.
Task C. Exploit Windows 7 with a deliverable payload (70 pt).
In this task, you need to create an executable payload with the required configurations below.
1. Once your payload is ready, you should upload it to the web server running on Kali Linux and,
download the payload from Windows 7, then execute it on the target to make a reverse shell. Of
course, don’t forget to configure your Metasploit on Kali Linux before the payload is triggered on
the target VM. (10 pt).
The requirements for your payload are :
• Payload Name: Use your MIDAS ID (for example, svatsa.exe) (5pt)
• Listening port: 5525 (5pt)
[Post-exploitation] Once you have established the reverse shell connection to the target Windows 7, complete the following tasks in your meterpreter shell:
2. Execute the screenshot command to take a screenshot of the target machine if the exploit is
successful. (10 pt)
3. Create a text file on the attacker Kali named “YourMIDAS.txt” (replace YourMIDAS with your university MIDAS ID) and put the current timestamp in the file. Upload this file to the target’s desktop. Then, log in to Windows 7 VM and check if the file exists. You need to show me the command that uploads the file. (10 pt)
