Metasploit assignment – Arkadiy Kantor – Mis-5212

Slides:

Advertisements

Similar presentations

By Bruce Ellis Western Governors University. Demonstrate the need for updating information systems Build security awareness Inform management of the risk.

Advertisements

Offensive Security Part 1 Basics of Penetration Testing

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 )

Computer Security and Penetration Testing

DiscussionCS-502 Fall Class Discussion Peterson’s Solution for n > 2.

To run the program: To run the program: You need the OS: You need the OS:

Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.

BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter.

Mohan Kumar Puttasiddaiah

EECS 354 Network Security Metasploit Features. Hacking on the Internet Vulnerabilities are always being discovered 0day vulnerabilities Every server or.

Penetration Testing Training Day Penetration Testing Tools and Techniques – pt 1 Mike Westmacott, IRM plc Supported by.

Chapter 13 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved.. Investigating Computer Intrusions.

1 Security Penetration Testing Angela Davis Mrinmoy Ghosh ECE4112 – Internetwork Security Georgia Institute of Technology.

Cracking Techniques Onno W. Purbo

Module 5 – Vulnerability Identification  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification.

IT 463 – Scanning Assignment Shane Knisley Erik Bennett.

JMU GenCyber Boot Camp Summer, “Canned” Exploits For many known vulnerabilities attackers do not have to write their own exploit code Many repositories.

Enumeration March 2, 2010 MIS 4600 – MBA © Abdou Illia.

NESSUS. Nessus Vulnerability Scanner Features: Ease of use Deep Vulnerability Analysis Discover network based and local vulnerabilities Perform configuration.

Alison Buben Jay Pataky COSC 316.  Main purpose: Penetration Testing ◦ Evaluating the security of a computer by simulating an attack ◦ Showing where.

Unit 2: Cyber Security Part 3 Monitoring Tools & other Security Products.

Penetration Testing Exploiting 2: Compromising Target by Metasploit tool CIS 6395, Incident Response Technologies Fall 2016, Dr. Cliff Zou

Virtual Machine and VirtualBox

Penetration Testing Scanning

Nessus Vulnerability Scan

Nessus Scan exercise Arkadiy Kantor MIS5211.

Penetration Testing Armitage: Metasploit GUI and Machine-Gun Style Attack CIS 6395, Incident Response Technologies Fall 2016, Dr. Cliff Zou

MySQL Exploit with Metasploit

Calvin Wilson Craig Delzangle

Penetration Test Debrief

Nessus Vulnerability Scan

Advanced Penetration Testing

Penetration Testing Karen Miller.

Network Exploitation Tool

Exploiting Metasploitable 2 with Metasploit in Kali-Linux 2016

Onno W. Purbo Cracking Techniques Onno W. Purbo

Technology Envioronment

Module 22 (Metasploit Introduction)

Common Operating System Exploits

Metasploit Project For this exploit I will be using the following strategy Create backdoor exe file Upload file to website Have victim computer download.

Homework & Class review

33 Port Scanners (w/out major risk factor)

Metasploit assignment

Exploiting Metasploitable

Everything You Need To Know About Penetration Testing.

Mobile Pen Testing w/ drozer

Intro to Ethical Hacking

Analysis Report Kali Linux Metasploit

Homework & Class review

Nessus Vulnerability Assessment

Metasploit Assignment

Nessus Vulnerability Scan

Metasploit Analysis Report Overview

Analyzing OS Sample Windows 7 image provided by different class

I PRO' -.._ r.. f FOLLOW I 0.

Virtual Machine and VirtualBox

Cyber Operation and Penetration Testing Armitage: Metasploit GUI and Machine-Gun Style Attack Cliff Zou University of Central Florida.

Ашық сабақ 7 сынып Файлдар мен қапшықтар Сабақтың тақырыбы:

Windows басқару элементтері

Virtual Machine and VirtualBox

CULLEN ACHESON Samuel Garcia Zachary Blum

Virtual Machine and VirtualBox

Қош келдіңіздер!.

Using a Nessus Scanner on a

Hacking Windows Damian Gordon.

Penetration Testing & Network Defense

Информатика пән мұғалімі : Аитова Карима.

Presentation transcript:

Metasploit assignment – Arkadiy Kantor – Mis-5212 Tools used: Windows 10 Host – Vmware Pro Nessus Scanner - Running in a Windows 10 VM Metasploitable Linux VM Critical vulnerabilities discovered:

Vulnerability of interest - After finding a vulnerability I was interested in: Exported Nessus scan Imported into Metaexploit Performed exploit using Metaexploit Vulnerability of interest - I was able to exploit it with:

After executing the exploit was able to confirm that I had gained access to the shell with ROOT!