User Account

All Pages

Gaining access & exploitation frameworks

Assignment Help Computer Engineering
Reference no: EM134018278

Penetration Testing & Cloud Security

Instructions

For all exercises in this unit, you are required to use your provisioned Edulab Kali Linux Environment. Please ensure you have logged in using your Student ID and temporary password. Students working with Linux environments should ensure all required services are properly configured before beginning the lab.

Portfolio Exercise 3 (Session 3)

Title: Gaining Access & Exploitation Frameworks

Purpose & Scope

This lab transitions from reconnaissance to active exploitation and authentication auditing. You will initialize backend databases for tracking exploit data, explore modular architectures, configure specific payloads, and utilize custom wordlists to identify weak credentials via automated scanning scripts.

Required Infrastructure & Materials

Run the following virtual environments in an isolated network:

Attacker Machine: Kali Linux VM.
Target Machine 1: Metasploitable2 or vulnerable Linux host (MySQL/SSH active).
Target Machine 2: Windows VM in EduLab with exposed protocols. Understanding Data Communication And Networking concepts can help when analyzing connectivity between attacker and target systems.

Step-by-Step Lab Execution

Step 1: Initializing the Backend Infrastructure Database

Open your terminal in Kali Linux.
Start the PostgreSQL service: sudo service postgresql start
Enable the service to persist: sudo systemctl enable postgresql
Initialize the framework database schema: sudo msfdb init

Deliverable 1: Provide a screenshot confirming successful initialization. This task relates to principles of Database Management Dbms used for storing and managing framework data.

Step 2: Interface and Architecture Discovery

Start the Metasploit Framework Console in terminal: msfconsole
Check the database connectivity: db_status
Investigate the modular structure: show exploits, show payloads, show auxiliary

Deliverable 2: Record the total number of modules displayed at the bottom of the console.

Step 3: Vulnerability Search and Configuration

Access filtering syntax documentation: help search
Search for Windows exploits (published 2015): search cve:2015 type:exploit platform:windows
Load the privilege escalation module: use exploit/windows/local/ntapphelpcachecontrol
Examine configuration options: show options
Review technical documentation: show info
Set the target IP address: set RHOST <Your_Target_VM_IP>
Return to global console: back

Deliverable 3: Provide a screenshot of the show options output confirming your target host configuration.

Step 4: Custom Dictionaries and Automated Auditing

In a new terminal tab (directory: ~/Downloads), create users.txt: nano users.txt (Add in each line: root, admin, administrator, user)
Create passwords.txt: nano passwords.txt (Add in each line: password, 123456, admin, password123)

In msfconsole, load the MySQL auxiliary module: use auxiliary/scanner/mysql/mysql_login
Configure the scanner: set user_file /home/kali/Downloads/users.txt, set pass_file /home/kali/Downloads/passwords.txt, set RHOSTS <Target_Vulnerable_VM_IP>
Execute: run

Deliverable 4: Capture the output and indicate if credentials were recovered. If you automate related scripts or custom tooling, knowledge of Python can assist in extending security testing workflows.

Reference no: EM134018278

Questions Cloud

Examples of restorative sphere of care activities : What are some specific examples of regenerative/restorative sphere of care activities that a dialysis RN does for her patient?
Personalized medicine will change landscape of healthcare : How do you envision that genomics and personalized medicine will change the landscape of healthcare?
What is your primary coping strategy : what is your primary coping strategy? Do you agree with your results? What is the value of being conscious about one's coping strategies?
Examine strategies that support struggling learners : Examine strategies that support struggling learners. If you were the nurse educator in this situation, which strategies would you most likely employ?
Gaining access & exploitation frameworks : MBIS5007 Penetration Testing & Cloud Security, Australian Institute of Higher Education - reconnaissance to active exploitation and authentication auditing
Describe one or two goals for addressing the larger problem : Describe one or two goals for addressing the larger problem. Identify a policy that exists to address the social issue/problem.
What strategies have i implemented to achieve this objective : What strategies have I implemented to achieve this objective or what strategies will I implement to achieve this objective?
Anyone who knowingly engages in high-risk behaviors : Anyone who knowingly engages in high-risk behaviors is asking for trouble and should be denied treatment of HIV if they subsequently become infected.
How might eddies perspective differ from your own : Re-tell the scenario from the perspective of Eddie. How might Eddie's perspective differ from your own?

Reviews

len4018278

6/10/2026 8:01:45 AM

Please find the attached link of a quick demonstration for today's lab as follows: As I have already suggested in the class, please ignore the RHOST datastore message and continue with the rest of the portfolio and please make sure that you take the required screenshots as advised in the portfolio.

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd