CYSE 301

Cybersecurity Techniques and Operations

This course introduces tools and techniques used to secure and analyze large computer networks and systems. Students will systematically learn C programming in the first part of the course, which forms a foundation for many cybersecurity operations, such as malware analysis, understanding network protocol stack, etc. In the second part, students will explore and map networks using a variety of diagnostic software tools, learn advanced packet analysis, configure firewalls, write intrusion detection rules, perform forensic investigation, and practice techniques for penetration testing. The objectives are:

  • Understand the concepts and major constructs of the C programming language,
  • Master the programming skills of the C programming language,
  • Be able to analyze the C source code to infer the functionality of a given code segment, C function, C program etc,
  • Grasp the needed techniques and skills to write a C program in cybersecurity operations such as a network protocol stack,
  • Monitor and analyze network traffic. Identify and trace the traffic when intrusion is detected in the network,
  • Identify and evaluate the vulnerabilities in the network and implement effective countermeasures to protect the network,
  • Master the technologies to exploit the vulnerabilities in a remote system,
  • Analyze the vulnerabilities in wireless communication network,
  • Manage data and personal information in a secure manner.

Course Material

  1.  PageCYSE 301: Cybersecurity Technique and Operations

    Assignment 4: Ethical Hacking
    At the end of this module, each student must submit a report indicating the completion of the following
    tasks. Make sure you take screenshots as proof.
    You need to power on the following VMs for this assignment.
    Internal Kali (or Attacker Kali)
    pfSense VM (power on only)
    Windows XP, Windows Server 2022, or Windows 7 (depending on the subtasks).
    Task A. Exploit SMB on Windows XP with Metasploit (20 pt, 2pt each)
    Please activate Windows XP clock by following the document posted under Module3
    or demonstrated in class.
    In this task, you need to complete the following steps to exploit SMB vulnerability on Windows XP.
    1. Run a port scan against Windows XP using the nmap command to identify open ports, services,
    and vulnerabilities.
    2. Identify the SMB port number (default: 445) and confirm that it is open.
    3. Launch Metasploit Framework and search for the exploit module: ms08_067_netapi
    4. Use ms08_067_netapi as the exploit module and set meterpreter reverse_tcp as the payload.
    5. Use 5525 as the listening port number. Configure the rest of the parameters. Display your
    configurations and exploit the target.
    6. [Postexploitation] Execute the screenshot command to take a screenshot of the target machine
    if the exploit is successful.
    7. [Postexploitation] In the meterpreter shell, display the target system’s local date and time.
    8. [Postexploitation] In the meterpreter shell, get the SID of the user.
    9. [Postexploitation] In the meterpreter shell, get the current process identifier.
    10. [Postexploitation] In the meterpreter shell, get system information about the target.
    Task B. Exploit EternalBlue on Windows Server 2022 with Metasploit (10 pt)
    In this task, try to use the same steps as shown in the class / video (for online students) lecture to
    exploit the EternalBlue vulnerability on Windows Server 2022. You may or may not establish a reverse
    shell connection to the Windows Server 2022. Document your steps and show me your results.
    You wont lose points for a failed reverse shell connection. But you will lose points for incorrect
    configurations, such as putting the wrong IP address for LHOST/RHOST, etc.
    Task C. Exploit Windows 7 with a deliverable payload (70 pt).
    In this task, you need to create an executable payload with the required configurations below.
    1. Once your payload is ready, upload it to the web server running on Kali Linux. Then download the
    payload from Windows 7, and execute it on the target to make a reverse shell. Of course, don’t
    forget to configure options in your Metasploit framework on Kali Linux before the payload is
    triggered on the target VM. (10 pt).
    The requirements for your payload are :
    Payload Name: Use your MIDAS ID (for example, svatsa.exe) (5pt)
    Listening port: 5525 (5pt)
    [Postexploitation] Once you have established the reverse shell connection to the target Windows 7,
    complete the following tasks in your meterpreter shell:
    2. Execute the screenshot command to take a screenshot of the target machine if the exploit is
    successful. (10 pt)
    3. Create a text file on the attacker Kali named “YourMIDAS.txt” (replace YourMIDAS with your
    university MIDAS ID) and put the current timestamp in the file. Upload this file to the target’s
    desktop. Then, log in to Windows 7 VM and check if the file exists. You need to show me the
    command that uploads the file. (10 pt)
    4. Extra credit (5 points) Execute the hashdump command to view the password hashes and
    save those in a file named hash.txt
    [Privilege escalation]
    5. Background your current session, then gain administratorlevel privileges on the remote system
    (10 pt).
    6. After you escalate the privilege, complete the following tasks:
    a. Create a malicious account with your name and add this account to the administrator
    group. You need to complete this step on the Attacker Side. (10 pt)
    b. Remote access to the malicious account created in the previous step and browse the
    files belonging to the user, “Windows 7”, in RDP. (10 pt) You may follow the pdf for
    Pen testing
    Task D. Extra Credit
    Try to set up a reverse shell connection with Metasploit to Windows 10 (10 points). You can use the
    technique we introduced in this class, or other exploits not covered by this course.
    The hands-on labs are as follows:

 

 

Old Dominion University

CYSE 301 Cybersecurity Techniques and Operations

Assignment #4 Ethical Hacking

Stevie Johnson

01242216

Task A. Exploit SMB on Windows XP with Metasploit (20 pt, 2pt each)

Please activate Windows XP clock by following the document posted under Module-3

or demonstrated in class.

In this task, you need to complete the following steps to exploit SMB vulnerability on Windows XP.

  1. Run a port scan against Windows XP using the nmap command to identify open ports, services, and vulnerabilities.

.

  1. Identify the SMB port number (default: 445) and confirm that it is open.

 

  1. Launch Metasploit Framework and search for the exploit module: ms08_067_netapi.

 

  1. Use ms08_067_netapi as the exploit module and set meterpreter reverse_tcp as the payload.
  2. Use 5525 as the listening port number. Configure the rest of the parameters. Display your

configurations and exploit the target.

  1. [Post-exploitation] Execute the screenshot command to take a screenshot of the target machine

if the exploit is successful.

 

 

 

 

 

  1. [Post-exploitation] In the meterpreter shell, display the target system’s local date and time.
  2. [Post-exploitation] In the meterpreter shell, get the SID of the user.
  3. [Post-exploitation] In the meterpreter shell, get the current process identifier.
  4. [Post-exploitation] In the meterpreter shell, get system information about the target.

 

Task B. Exploit EternalBlue on Windows Server 2022 with Metasploit (10 pt)

In this task, try to use the same steps as shown in the class / video (for online students) lecture to

exploit the EternalBlue vulnerability on Windows Server 2022. You may or may not establish a reverse

shell connection to the Windows Server 2022. Document your steps and show me your results.

You won’t lose points for a failed reverse shell connection. But you will lose points for incorrect

configurations, such as putting the wrong IP address for LHOST/RHOST, etc.

 

Task C. Exploit Windows 7 with a deliverable payload (70 pt).

In this task, you need to create an executable payload with the required configurations below.

  1. Once your payload is ready, upload it to the web server running on Kali Linux. Then download the

payload from Windows 7, and execute it on the target to make a reverse shell. Of course, don’t

forget to configure options in your Metasploit framework on Kali Linux before the payload is

triggered on the target VM. (10 pt).

 

 

The requirements for your payload are :

  • Payload Name: Use your MIDAS ID (for example, svatsa.exe) (5pt)
  • Listening port: 5525 (5pt)

[Post-exploitation] Once you have established the reverse shell connection to the target Windows 7,

complete the following tasks in your meterpreter shell:

 

 

  1. Execute the screenshot command to take a screenshot of the target machine if the exploit is

successful. (10 pt)

  1. Create a text file on the attacker Kali named “YourMIDAS.txt” (replace YourMIDAS with your

university MIDAS ID) and put the current timestamp in the file. Upload this file to the target’s

desktop. Then, log in to Windows 7 VM and check if the file exists. You need to show me the

command that uploads the file. (10 pt).

 

 

  1. Extra credit (5 points) Execute the “hashdump” command to view the password hashes and

save those in a file named “hash.txt”

[Privilege escalation]

  1. Background your current session, then gain administrator-level privileges on the remote system

(10 pt).

  1. After you escalate the privilege, complete the following tasks:
  2. Create a malicious account with your name and add this account to the administrator

group. You need to complete this step on the Attacker Side. (10 pt)

  1. Remote access to the malicious account created in the previous step and browse the

files belonging to the user, “Windows 7”, in RDP. (10 pt) You may follow the pdf for

Pen testing.

 

Task D. Extra Credit

Try to set up a reverse shell connection with Metasploit to Windows 10 (10 points). You can use the

technique we introduced in this class, or other exploits not covered by this course.