首页 » 网络安全辅导 » 网络安全代写 | FIT3031 Penetration Testing Week11 Lab

网络安全代写 | FIT3031 Penetration Testing Week11 Lab

本次美国代写是网络安全相关的一个Lab

The exercises are designed for students to finish in an individual capacity. The exercises are not designed
to be completed in tutorial sessions but rather to give you some tasks and a starting point to continue and
complete on your own.

Lab Setup

In this lab we will perform a penetration test on Internal-Server. The target container is created by
Rapid7 (https://docs.rapid7.com/metasploit/metasploitable-2/) for practicing penetration testing.
The purpose is to introduce basic penetration testing tools: NMAP and Metasploit.

We will use the Week11 lab setup (DNS server doesn’t have to be in Corporate LAN). Open SecureCorp
network configuration in GNS3 (do not start the nodes yet).

• Attacker-2

We will add another attacker in the network, this is just to work efficiently in this lab. Right-click on
Internal-Server and click on duplicate. Change the hostname of the newly created container to
Attacker-2, and connect it to Switch3. Your Corporate LAN configuration should look like below:

Start the all nodes. Open terminal on Attacker-2 and install smbclient which is used to browse files
on Samba shares, execute the following command and when prompted for configuration files, select
“Keep current”:

apt-get install smbclient

• Internal-Attacker

We will be using this container for Metasploit. Install Metasploit using the following command
(single line), use apt install curl if curl is not installed. This installation may take some time,
you can move to the next section.

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-
framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall

Lab Tasks

• Service Enumeration

We can use NMAP, a port scanner, for service enumeration. This is the first step of enumeration; we
want to find out the services running on the target machine. We will use -p- ag, which is used to
scan all TCP ports (0-65535), without this ag NMAP will only scan commonly used ports. You can
also try NMAP with -A ag, which is used for OS detection, version detection, script scanning, and
traceroute. Please read nmap manual (type man nmap on terminal) for more information about nmap
options/ ags. Assuming the target IP is 10.10.10.189, use Attacker-2 to run NMAP:


程序辅导定制C/C++/JAVA/安卓/PYTHON/留学生/PHP/APP开发/MATLAB


本网站支持 Alipay WeChatPay PayPal等支付方式

E-mail: vipdue@outlook.com  微信号:vipnxx


如果您使用手机请先保存二维码,微信识别。如果用电脑,直接掏出手机果断扫描。