{"id":123,"date":"2025-05-28T00:59:22","date_gmt":"2025-05-28T00:59:22","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/cyberimpact1\/?page_id=123"},"modified":"2026-05-03T23:16:30","modified_gmt":"2026-05-03T23:16:30","slug":"cyse-301","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/williamjohnson\/cyse-301\/","title":{"rendered":"CYSE 301"},"content":{"rendered":"<h1 style=\"text-align: center\">Cybersecurity Techniques and Operations<\/h1>\n<p>This course introduces tools and techniques used to secure and analyze large computer networks and systems. Students will systematically learn C programming in the first part of the course, which forms a foundation for many cybersecurity operations, such as malware analysis, understanding network protocol stack, etc. In the second part, students will explore and map networks using a variety of diagnostic software tools, learn advanced packet analysis, configure firewalls, write intrusion detection rules, perform forensic investigation, and practice techniques for penetration testing. The objectives are:<\/p>\n<ul>\n<li>Understand the concepts and major constructs of the C programming language,<\/li>\n<li>Master the programming skills of the C programming language,<\/li>\n<li>Be able to analyze the C source code to infer the functionality of a given code segment, C function, C program etc,<\/li>\n<li>Grasp the needed techniques and skills to write a C program in cybersecurity operations such as a network protocol stack,<\/li>\n<li>Monitor and analyze network traffic. Identify and trace the traffic when intrusion is detected in the network,<\/li>\n<li>Identify and evaluate the vulnerabilities in the network and implement effective countermeasures to protect the network,<\/li>\n<li>Master the technologies to exploit the vulnerabilities in a remote system,<\/li>\n<li>Analyze the vulnerabilities in wireless communication network,<\/li>\n<li>Manage data and personal information in a secure manner.<\/li>\n<\/ul>\n<h1>Course Material<\/h1>\n<ol>\n<li>\n<h1 class=\"screenreader-only\"><span class=\"ViewerControls--page-number\" style=\"font-size: 16px\">\u00a0Page<\/span><span dir=\"ltr\" style=\"font-size: 16px\" role=\"presentation\">CYSE<\/span> <span dir=\"ltr\" style=\"font-size: 16px\" role=\"presentation\">3<\/span><span dir=\"ltr\" style=\"font-size: 16px\" role=\"presentation\">01: Cybersecurity Technique and Operations<\/span><\/h1>\n<div class=\"Pages\">\n<div class=\"Page-container\">\n<div id=\"page-0\" class=\"Page PageComponent\" data-pagenumber=\"0\" data-rotation=\"0\">\n<div class=\"Draw Draw--not-drawing Draw--selection\">\n<div class=\"TextLayer-container\">\n<div class=\"textLayer\" data-main-rotation=\"0\"><span dir=\"ltr\" role=\"presentation\">Assignment<\/span> <span dir=\"ltr\" role=\"presentation\">4<\/span><span dir=\"ltr\" role=\"presentation\">:<\/span> <span dir=\"ltr\" role=\"presentation\">E<\/span><span dir=\"ltr\" role=\"presentation\">thical<\/span> <span dir=\"ltr\" role=\"presentation\">Hacking<\/span><\/div>\n<\/div>\n<div class=\"PDFAnnotationLayer-container\">\n<div class=\"annotationLayer\" data-main-rotation=\"0\">At the end of this module, each student must submit a report indicating the completion of the following<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"Page-container\">\n<div id=\"page-1\" class=\"Page PageComponent\" data-pagenumber=\"1\" data-rotation=\"0\">\n<div class=\"Draw Draw--not-drawing Draw--selection\">\n<div class=\"TextLayer-container\">\n<div class=\"textLayer\" data-main-rotation=\"0\"><span dir=\"ltr\" role=\"presentation\">tasks.<\/span> <span dir=\"ltr\" role=\"presentation\">Make sure you take screenshots as proof<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">You need to power on the following VMs for this assignment.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">\u2022<\/span> <span dir=\"ltr\" role=\"presentation\">Internal Kali (<\/span><span dir=\"ltr\" role=\"presentation\">or<\/span> <span dir=\"ltr\" role=\"presentation\">Attacker<\/span> <span dir=\"ltr\" role=\"presentation\">Kali<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">\u2022<\/span> <span dir=\"ltr\" role=\"presentation\">pfSense VM (power on only)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">\u2022<\/span> <span dir=\"ltr\" role=\"presentation\">Windows XP<\/span><span dir=\"ltr\" role=\"presentation\">, Windows<\/span> <span dir=\"ltr\" role=\"presentation\">Server<\/span> <span dir=\"ltr\" role=\"presentation\">2022<\/span><span dir=\"ltr\" role=\"presentation\">,<\/span> <span dir=\"ltr\" role=\"presentation\">or Windows 7 (depending on the subtasks).<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Task A.<\/span> <span dir=\"ltr\" role=\"presentation\">Exploit SMB on Windows XP with Metasploit (20 pt, 2pt each)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Please activate Windows XP clock by following<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">document<\/span> <span dir=\"ltr\" role=\"presentation\">posted<\/span> <span dir=\"ltr\" role=\"presentation\">under Module<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">3<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">or demonstrated<\/span> <span dir=\"ltr\" role=\"presentation\">in<\/span> <span dir=\"ltr\" role=\"presentation\">class<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">In this task, you need to complete the following steps to e<\/span><span dir=\"ltr\" role=\"presentation\">xploit SMB vulnerability<\/span> <span dir=\"ltr\" role=\"presentation\">on Windows XP<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">1.<\/span> <span dir=\"ltr\" role=\"presentation\">Run a port scan against<\/span> <span dir=\"ltr\" role=\"presentation\">Windows<\/span> <span dir=\"ltr\" role=\"presentation\">XP using the nmap command to identify open ports<\/span><span dir=\"ltr\" role=\"presentation\">,<\/span> <span dir=\"ltr\" role=\"presentation\">services<\/span><span dir=\"ltr\" role=\"presentation\">,<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">and vulnerabilities.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">2.<\/span> <span dir=\"ltr\" role=\"presentation\">Identify the SMB port number (default: 445) and confirm that it is open.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">3.<\/span> <span dir=\"ltr\" role=\"presentation\">Launch Metasploit Framework<\/span> <span dir=\"ltr\" role=\"presentation\">and search for the exploit module:<\/span> <span dir=\"ltr\" role=\"presentation\">ms08_067_netapi<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">4.<\/span> <span dir=\"ltr\" role=\"presentation\">Use ms08_067_netapi as the exploit module and set meterpreter reverse_tcp<\/span> <span dir=\"ltr\" role=\"presentation\">as the payload.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">5.<\/span> <span dir=\"ltr\" role=\"presentation\">Use<\/span> <span dir=\"ltr\" role=\"presentation\">5525<\/span> <span dir=\"ltr\" role=\"presentation\">as the listening port number. Configure the rest of the parameters. Display your<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">configurations and exploit the target.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">6.<\/span> <span dir=\"ltr\" role=\"presentation\">[<\/span><span dir=\"ltr\" role=\"presentation\">Post<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">exploitation<\/span><span dir=\"ltr\" role=\"presentation\">] Execute the screenshot command to take a screenshot of the target machine<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">if the exploit is successful.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">7.<\/span> <span dir=\"ltr\" role=\"presentation\">[<\/span><span dir=\"ltr\" role=\"presentation\">Post<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">exploitation<\/span><span dir=\"ltr\" role=\"presentation\">]<\/span> <span dir=\"ltr\" role=\"presentation\">In<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">meterpreter shell, display the target system\u2019s local date and time.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">8.<\/span> <span dir=\"ltr\" role=\"presentation\">[<\/span><span dir=\"ltr\" role=\"presentation\">Post<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">exploitation<\/span><span dir=\"ltr\" role=\"presentation\">]<\/span> <span dir=\"ltr\" role=\"presentation\">In<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">meterpreter shell<\/span><span dir=\"ltr\" role=\"presentation\">, get the SID of the user.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">9.<\/span> <span dir=\"ltr\" role=\"presentation\">[<\/span><span dir=\"ltr\" role=\"presentation\">Post<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">exploitation<\/span><span dir=\"ltr\" role=\"presentation\">]<\/span> <span dir=\"ltr\" role=\"presentation\">In<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">meterpreter shell<\/span><span dir=\"ltr\" role=\"presentation\">, get the current process identifier.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">10.<\/span> <span dir=\"ltr\" role=\"presentation\">[<\/span><span dir=\"ltr\" role=\"presentation\">Post<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">exploitation<\/span><span dir=\"ltr\" role=\"presentation\">]<\/span> <span dir=\"ltr\" role=\"presentation\">In<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">meterpreter shell<\/span><span dir=\"ltr\" role=\"presentation\">, get<\/span> <span dir=\"ltr\" role=\"presentation\">system<\/span> <span dir=\"ltr\" role=\"presentation\">information about the<\/span> <span dir=\"ltr\" role=\"presentation\">target.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Task B.<\/span> <span dir=\"ltr\" role=\"presentation\">Exploit EternalBlue on Windows Server<\/span> <span dir=\"ltr\" role=\"presentation\">2022<\/span> <span dir=\"ltr\" role=\"presentation\">with Metasploit (<\/span><span dir=\"ltr\" role=\"presentation\">10<\/span> <span dir=\"ltr\" role=\"presentation\">pt)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">In this task, try to use the same steps as shown in the<\/span> <span dir=\"ltr\" role=\"presentation\">class \/<\/span> <span dir=\"ltr\" role=\"presentation\">video<\/span> <span dir=\"ltr\" role=\"presentation\">(for online students)<\/span> <span dir=\"ltr\" role=\"presentation\">lecture to<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">exploit the<\/span> <span dir=\"ltr\" role=\"presentation\">EternalBlue<\/span> <span dir=\"ltr\" role=\"presentation\">vulnerability on Windows Server 2022. You<\/span> <span dir=\"ltr\" role=\"presentation\">may or may not<\/span> <span dir=\"ltr\" role=\"presentation\">establish a reverse<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">shell connection to the Windows Server 2022. Document your steps and show me your results.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">You won<\/span><span dir=\"ltr\" role=\"presentation\">\u2019<\/span><span dir=\"ltr\" role=\"presentation\">t lose points for a failed reverse shell connection. But you will<\/span> <span dir=\"ltr\" role=\"presentation\">lose points for incorrect<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">configurations, such as putting<\/span> <span dir=\"ltr\" role=\"presentation\">the wrong IP address for LHOST\/RHOST, etc.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Task C.<\/span> <span dir=\"ltr\" role=\"presentation\">Exploit Windows<\/span> <span dir=\"ltr\" role=\"presentation\">7<\/span> <span dir=\"ltr\" role=\"presentation\">with a<\/span> <span dir=\"ltr\" role=\"presentation\">deliverable<\/span> <span dir=\"ltr\" role=\"presentation\">payload<\/span> <span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">70<\/span> <span dir=\"ltr\" role=\"presentation\">pt).<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">In this task, you need to create an executable payload with the required configurations below.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">1.<\/span> <span dir=\"ltr\" role=\"presentation\">Once your payload is ready, upload it to the web server running on Kali Linu<\/span><span dir=\"ltr\" role=\"presentation\">x. Then<\/span> <span dir=\"ltr\" role=\"presentation\">download the<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">payload from Windows<\/span> <span dir=\"ltr\" role=\"presentation\">7<\/span><span dir=\"ltr\" role=\"presentation\">,<\/span> <span dir=\"ltr\" role=\"presentation\">and<\/span> <span dir=\"ltr\" role=\"presentation\">execute it on the target to make a reverse shell. Of course, don&#8217;t<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">forget to configure<\/span> <span dir=\"ltr\" role=\"presentation\">options in<\/span> <span dir=\"ltr\" role=\"presentation\">your Metasploit<\/span> <span dir=\"ltr\" role=\"presentation\">framework<\/span> <span dir=\"ltr\" role=\"presentation\">on Kali Linux before the payload is<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">triggered on the target VM.<\/span> <span dir=\"ltr\" role=\"presentation\">(10 pt)<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">The requirements for your payload are<\/span> <span dir=\"ltr\" role=\"presentation\">:<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">\u2022<\/span> <span dir=\"ltr\" role=\"presentation\">Payload Name: Use your MIDAS ID (for example,<\/span> <span dir=\"ltr\" role=\"presentation\">svatsa<\/span><span dir=\"ltr\" role=\"presentation\">.exe<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span> <span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">5pt<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">\u2022<\/span> <span dir=\"ltr\" role=\"presentation\">Listening port:<\/span> <span dir=\"ltr\" role=\"presentation\">5525<\/span> <span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">5pt<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span><\/div>\n<\/div>\n<div class=\"PDFAnnotationLayer-container\">\n<div data-main-rotation=\"0\"><\/div>\n<div class=\"annotationLayer\" data-main-rotation=\"0\"><span dir=\"ltr\" role=\"presentation\">[Post<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">exploitation]<\/span> <span dir=\"ltr\" role=\"presentation\">Once you<\/span> <span dir=\"ltr\" role=\"presentation\">have<\/span> <span dir=\"ltr\" role=\"presentation\">established the reverse shell connection to the target Windows<\/span> <span dir=\"ltr\" role=\"presentation\">7<\/span><span dir=\"ltr\" role=\"presentation\">,<\/span><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"Page-container\">\n<div id=\"page-2\" class=\"Page PageComponent\" data-pagenumber=\"2\" data-rotation=\"0\">\n<div class=\"Draw Draw--not-drawing Draw--selection\">\n<div class=\"TextLayer-container\">\n<div class=\"textLayer\" data-main-rotation=\"0\"><span dir=\"ltr\" role=\"presentation\">complete the following tasks in your<\/span> <span dir=\"ltr\" role=\"presentation\">meterpreter shell<\/span><span dir=\"ltr\" role=\"presentation\">:<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">2.<\/span> <span dir=\"ltr\" role=\"presentation\">Execute the screenshot command to take a screenshot of the target machine if the exploit is<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">successful.<\/span> <span dir=\"ltr\" role=\"presentation\">(10 pt)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">3.<\/span> <span dir=\"ltr\" role=\"presentation\">Create a text file on the attacker Kali named &#8220;<\/span><span dir=\"ltr\" role=\"presentation\">YourMIDAS<\/span><span dir=\"ltr\" role=\"presentation\">.txt<\/span><span dir=\"ltr\" role=\"presentation\">&#8221; (replace<\/span> <span dir=\"ltr\" role=\"presentation\">YourMIDAS<\/span> <span dir=\"ltr\" role=\"presentation\">with your<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">university MIDAS ID) and put the current timestamp<\/span> <span dir=\"ltr\" role=\"presentation\">in<\/span> <span dir=\"ltr\" role=\"presentation\">the file. Upload this file to the<\/span> <span dir=\"ltr\" role=\"presentation\">target&#8217;s<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">desktop<\/span><span dir=\"ltr\" role=\"presentation\">. Then, log in to Windows 7 VM and check if the file exists. You need to show me the<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">command that uploads the file.<\/span> <span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">10<\/span> <span dir=\"ltr\" role=\"presentation\">pt<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">4.<\/span> <span dir=\"ltr\" role=\"presentation\">E<\/span><span dir=\"ltr\" role=\"presentation\">xtra<\/span> <span dir=\"ltr\" role=\"presentation\">credit<\/span> <span dir=\"ltr\" role=\"presentation\">(5 points)<\/span> <span dir=\"ltr\" role=\"presentation\">Execute<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">\u201c<\/span><span dir=\"ltr\" role=\"presentation\">has<\/span><span dir=\"ltr\" role=\"presentation\">h<\/span><span dir=\"ltr\" role=\"presentation\">dump<\/span><span dir=\"ltr\" role=\"presentation\">\u201d<\/span> <span dir=\"ltr\" role=\"presentation\">command<\/span> <span dir=\"ltr\" role=\"presentation\">to<\/span> <span dir=\"ltr\" role=\"presentation\">view<\/span> <span dir=\"ltr\" role=\"presentation\">the<\/span> <span dir=\"ltr\" role=\"presentation\">password<\/span> <span dir=\"ltr\" role=\"presentation\">hashes<\/span> <span dir=\"ltr\" role=\"presentation\">and<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">save th<\/span><span dir=\"ltr\" role=\"presentation\">ose in a file name<\/span><span dir=\"ltr\" role=\"presentation\">d<\/span> <span dir=\"ltr\" role=\"presentation\">\u201c<\/span><span dir=\"ltr\" role=\"presentation\">hash.txt<\/span><span dir=\"ltr\" role=\"presentation\">\u201d<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">[Privilege escalation]<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">5.<\/span> <span dir=\"ltr\" role=\"presentation\">Background your current session, then g<\/span><span dir=\"ltr\" role=\"presentation\">ain administrator<\/span><span dir=\"ltr\" role=\"presentation\">&#8211;<\/span><span dir=\"ltr\" role=\"presentation\">level privileges on the remote system<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">10 pt<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">6.<\/span> <span dir=\"ltr\" role=\"presentation\">After you escalate the privilege,<\/span> <span dir=\"ltr\" role=\"presentation\">complete the following tasks:<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">a.<\/span> <span dir=\"ltr\" role=\"presentation\">C<\/span><span dir=\"ltr\" role=\"presentation\">reate a malicious account with your name and add this account to the administrator<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">group.<\/span> <span dir=\"ltr\" role=\"presentation\">You need to complete this step on the Attacker Side<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span> <span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">10<\/span> <span dir=\"ltr\" role=\"presentation\">pt)<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">b.<\/span> <span dir=\"ltr\" role=\"presentation\">Remote<\/span> <span dir=\"ltr\" role=\"presentation\">access<\/span> <span dir=\"ltr\" role=\"presentation\">to<\/span> <span dir=\"ltr\" role=\"presentation\">the malicious account created<\/span> <span dir=\"ltr\" role=\"presentation\">in the previous step and browse the<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">files belonging to the user, &#8220;Windows 7&#8221;, in RDP.<\/span> <span dir=\"ltr\" role=\"presentation\">(<\/span><span dir=\"ltr\" role=\"presentation\">10<\/span> <span dir=\"ltr\" role=\"presentation\">pt<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span> <span dir=\"ltr\" role=\"presentation\">You may follow the pdf for<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Pen testing<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Task D.<\/span> <span dir=\"ltr\" role=\"presentation\">Extra Credit<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">Try to set up a reverse shell connection with<\/span> <span dir=\"ltr\" role=\"presentation\">Metasploit<\/span> <span dir=\"ltr\" role=\"presentation\">to Windows 10<\/span> <span dir=\"ltr\" role=\"presentation\">(10 points<\/span><span dir=\"ltr\" role=\"presentation\">)<\/span><span dir=\"ltr\" role=\"presentation\">.<\/span> <span dir=\"ltr\" role=\"presentation\">You can use the<\/span><br role=\"presentation\" \/><span dir=\"ltr\" role=\"presentation\">technique we introduced in this<\/span> <span dir=\"ltr\" role=\"presentation\">class, or other exploits<\/span> <span dir=\"ltr\" role=\"presentation\">not covered by this course.<\/span><\/div>\n<\/div>\n<div class=\"PDFAnnotationLayer-container\">\n<div class=\"annotationLayer\" data-main-rotation=\"0\"><\/div>\n<\/div>\n<div class=\"PageAnnotations\"><\/div>\n<\/div>\n<\/div>\n<div>\n<div><\/div>\n<div class=\"Page-comment-line-top-margin\">The hands-on labs are as follows:<\/div>\n<div><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>Old Dominion University<\/p>\n<p>CYSE 301 Cybersecurity Techniques and Operations<\/p>\n<p>Assignment #4 Ethical Hacking<\/p>\n<p>Stevie Johnson<\/p>\n<p>01242216<\/p>\n<p><strong>Task A. Exploit SMB on Windows XP with Metasploit (20 pt, 2pt each)<\/strong><\/p>\n<p><strong>Please activate Windows XP clock by following the document posted under Module-3<\/strong><\/p>\n<p><strong>or demonstrated in class.<\/strong><\/p>\n<p>In this task, you need to complete the following steps to exploit SMB vulnerability on Windows XP.<\/p>\n<ol>\n<li>Run a port scan against Windows XP using the nmap command to identify open ports, services, and vulnerabilities.<\/li>\n<\/ol>\n<p>.<img loading=\"lazy\" decoding=\"async\" class=\"alignnone  wp-image-311\" src=\"http:\/\/sites.wp.odu.edu\/williamjohnson\/wp-content\/uploads\/sites\/39123\/2026\/05\/Picture1-300x108.png\" alt=\"\" width=\"336\" height=\"121\" srcset=\"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-content\/uploads\/sites\/39123\/2026\/05\/Picture1-300x108.png 300w, https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-content\/uploads\/sites\/39123\/2026\/05\/Picture1-600x216.png 600w, https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-content\/uploads\/sites\/39123\/2026\/05\/Picture1.png 624w\" sizes=\"(max-width: 336px) 100vw, 336px\" \/><\/p>\n<ol start=\"2\">\n<li>Identify the SMB port number (default: 445) and confirm that it is open.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol start=\"3\">\n<li>Launch Metasploit Framework and search for the exploit module: ms08_067_netapi.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol start=\"4\">\n<li>Use ms08_067_netapi as the exploit module and set meterpreter reverse_tcp as the payload.<\/li>\n<li>Use 5525 as the listening port number. Configure the rest of the parameters. Display your<\/li>\n<\/ol>\n<p>configurations and exploit the target.<\/p>\n<ol start=\"6\">\n<li>[Post-exploitation] Execute the screenshot command to take a screenshot of the target machine<\/li>\n<\/ol>\n<p>if the exploit is successful.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<ol start=\"7\">\n<li>[Post-exploitation] In the meterpreter shell, display the target system\u2019s local date and time.<\/li>\n<li>[Post-exploitation] In the meterpreter shell, get the SID of the user.<\/li>\n<li>[Post-exploitation] In the meterpreter shell, get the current process identifier.<\/li>\n<li>[Post-exploitation] In the meterpreter shell, get system information about the target.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p><strong>Task B. Exploit EternalBlue on Windows Server 2022 with Metasploit (10 pt)<\/strong><\/p>\n<p>In this task, try to use the same steps as shown in the class \/ video (for online students) lecture to<\/p>\n<p>exploit the EternalBlue vulnerability on Windows Server 2022. You may or may not establish a reverse<\/p>\n<p>shell connection to the Windows Server 2022. Document your steps and show me your results.<\/p>\n<p>You won\u2019t lose points for a failed reverse shell connection. But you will lose points for incorrect<\/p>\n<p>configurations, such as putting the wrong IP address for LHOST\/RHOST, etc.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Task C. Exploit Windows 7 with a deliverable payload (70 pt).<\/strong><\/p>\n<p>In this task, you need to create an executable payload with the required configurations below.<\/p>\n<ol>\n<li>Once your payload is ready, upload it to the web server running on Kali Linux. Then download the<\/li>\n<\/ol>\n<p>payload from Windows 7, and execute it on the target to make a reverse shell. Of course, don&#8217;t<\/p>\n<p>forget to configure options in your Metasploit framework on Kali Linux before the payload is<\/p>\n<p>triggered on the target VM. (10 pt).<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>The requirements for your payload are :<\/p>\n<ul>\n<li>Payload Name: Use your MIDAS ID (for example, svatsa.exe) (5pt)<\/li>\n<li>Listening port: 5525 (5pt)<\/li>\n<\/ul>\n<p>[Post-exploitation] Once you have established the reverse shell connection to the target Windows 7,<\/p>\n<p>complete the following tasks in your meterpreter shell:<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<ol start=\"2\">\n<li>Execute the screenshot command to take a screenshot of the target machine if the exploit is<\/li>\n<\/ol>\n<p>successful. (10 pt)<\/p>\n<ol start=\"3\">\n<li>Create a text file on the attacker Kali named &#8220;YourMIDAS.txt&#8221; (replace YourMIDAS with your<\/li>\n<\/ol>\n<p>university MIDAS ID) and put the current timestamp in the file. Upload this file to the target&#8217;s<\/p>\n<p>desktop. Then, log in to Windows 7 VM and check if the file exists. You need to show me the<\/p>\n<p>command that uploads the file. (10 pt).<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<ol start=\"4\">\n<li>Extra credit (5 points) Execute the \u201chashdump\u201d command to view the password hashes and<\/li>\n<\/ol>\n<p>save those in a file named \u201chash.txt\u201d<\/p>\n<p>[Privilege escalation]<\/p>\n<ol start=\"5\">\n<li>Background your current session, then gain administrator-level privileges on the remote system<\/li>\n<\/ol>\n<p>(10 pt).<\/p>\n<ol start=\"6\">\n<li>After you escalate the privilege, complete the following tasks:<\/li>\n<li>Create a malicious account with your name and add this account to the administrator<\/li>\n<\/ol>\n<p>group. You need to complete this step on the Attacker Side. (10 pt)<\/p>\n<ol>\n<li>Remote access to the malicious account created in the previous step and browse the<\/li>\n<\/ol>\n<p>files belonging to the user, &#8220;Windows 7&#8221;, in RDP. (10 pt) You may follow the pdf for<\/p>\n<p>Pen testing.<\/p>\n<p>&nbsp;<\/p>\n<p>Task D. Extra Credit<\/p>\n<p>Try to set up a reverse shell connection with Metasploit to Windows 10 (10 points). You can use the<\/p>\n<p>technique we introduced in this class, or other exploits not covered by this course.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity Techniques and Operations This course introduces tools and techniques used to secure and analyze large computer networks and systems. Students will systematically learn C programming in the first part of the course, which forms a foundation for many cybersecurity operations, such as malware analysis, understanding network protocol stack, etc. In the second part, students&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/williamjohnson\/cyse-301\/\">Read More<\/a><\/div>\n","protected":false},"author":30948,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/pages\/123"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/users\/30948"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/comments?post=123"}],"version-history":[{"count":5,"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/pages\/123\/revisions"}],"predecessor-version":[{"id":312,"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/pages\/123\/revisions\/312"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/williamjohnson\/wp-json\/wp\/v2\/media?parent=123"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}