CSI_6_SCS: In this assignment, you have been contracted to do a penetration test on a server run by ” Honshu Consulting Enterprises Ltd.,” a small consulting enterprise primarily focusing on Business Intelligence: Systems and Cyber Security Coursework, LSBU, UK

Learning outcome 

• Appraise the fundamental issues related to cyber security, the exploits that can undermine security and the preventative measures that are possible
• have a solid understanding of the information security technologies
• have a solid understanding of the modern network protocols at a level sufficient to develop next-generation network security tools
• build risk management knowledge to manage and mitigate cyber security threats

Background

In this assignment, you have been contracted to do a penetration test on a server run by ” Honshu Consulting Enterprises Ltd.,” a small consulting enterprise primarily focusing on Business Intelligence. Recently, the consulting firm has become concerned about the status of its computer systems due to the advent of ransomware. To make matters worse, their full-time system administrator quit his job six months ago and has been replaced by a volatile pool of temporary employees and interns handling “computer and network security” merely to tick the box. Your primary task is to assist them in identifying their security flaws and advising them on any corrective steps they can take.

You have been given one virtual machine for this assignment: “Target System”. Your contact at Honshu Consulting Enterprises Ltd. has granted you formal authorization to scan and attempt to actively exploit this system for penetration testing, but they were unable to offer much technical information.

Tasks

For the purposes of this CW, you can consider your penetration test to be complete if you achieve the following goals:

•  Run port/version scans using Nmap and vulnerability scans using OpenVAS and/or Nessus
• Discover and document at least two exploits providing remote command-line access.
  o At least one method, either directly, or through privilege escalation must allow you to gain full control over the machine, equivalent to the root, Administrator, or SYSTEM user.
• Discover at least two existing user accounts (usernames and passwords) that provide remote command-line access to the system. The existing passwords must be provided in plain text.