Order from us for quality, customized work in due time of your choice.
Vulnerability Exploitation
The main activities that you will undertake are as fo
Vulnerability Exploitation
The main activities that you will undertake are as follows:
1. Build a test environment that allows to demonstrate the vulnerability. The test environment should be saved as one or more Virtual Box VM image(s) that are self-contained and need to be submitted. You are not allowed to reuse any of the provided lab VMs unless you have obtained permission from the unit coordinator to do so.
You should use the following credentials for your test environment:
Account Type
Username
Password
Administrator Account*
admin
admin
Regular user
user
user
*Under Unix the username/password can be root/root.
You may choose different credentials but, in this case, you must document the chosen credentials very explicitly in your report.
If you submit a VM that we cannot access, due to wrong credentials or any other reasons then you will get a penalty of 20% of the total marks for this report.
You are not permitted to demonstrate a vulnerability by simply running Metasploit (msfconsole), any tool based on Metasploit (msfconsole) or any similar tool that provides a range of vulnerabilities with an easy-to-use interface. However, you can use existing code (including code from Metasploit). For pretty much every existing vulnerability you will find code. There are no limits to programming languages, you can choose whatever you like. If you are in doubt, discuss it with your teacher first.
In the report you need to be able to explain the code (even if you haven’t written it). The idea is that you fully understand your vulnerability and how it works, something you will not learn from just running a tool like Metasploit. You are permitted to use msfvenom to build payloads.
2. Document the setup of the test environment. This does not need to include trivial steps, like the basic install of Windows/Linux, but any configuration/installation relevant for the vulnerability must be documented in detail.
3. Write a step-by-step explanation of the vulnerability demonstration. The level of detail must be such that the teacher can use your VM(s) and test the vulnerability and a reader of the report will understand what happens in each step. The outcome of the exploit must be described in detail as well.
4. Prepare and give a live demonstration of the exploitation and prepare to be asked questions after the demonstration. Demonstrations must be presented live either face-to-face (on-campus students) or via video conferencing tool (off-campus students). Screen capture videos of parts of the demo are permissible in extenuating circumstances, e.g. if the vulnerability needs a long time to pull it off, and only if approved by the unit coordinator.
Order from us for quality, customized work in due time of your choice.