Assignment 2

docx

School

New Jersey Institute Of Technology *

*We aren’t endorsed by this school

Course

351

Subject

Computer Science

Date

Feb 20, 2024

Type

docx

Pages

2

Uploaded by hemaj18

Report
Name Surname CS 351 Introduction to Cybersecurity Assignment 2 1. Assume you receive an e-mail, which appears to come from a senior manager in your company, with a subject indicating that it concerns a project that you are currently working on. When you view the e-mail, you see that it asks you to review the attached revised press release, supplied as a PDF document. Since you don’t expect such an email, you want to do an investigation and to decide which kind of threats are there in the message (40 pts) . A) Write explicitly the investigation steps that can be done for this situation. In each step, if you are using any tool (open source or any) give the names of the tools. What kind of possible malwares this PDF can be? B) You found that the hash value of the PDF file is: 25a906877af7aed44c21b4c947a34666c3480629a929a227b67b273 245ee3708 By using this information, decide whether the PDF is malicious, clean or spam. If it is malicious please give the exact name of the malware and proofs (screenshots, references, etc.) 2. In this problem you are expected to have Kali and Metasploitable2 virtual machines in your computer. Metasploitable2 is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. Install Metasploitable2 virtual machine to your VM environment (you can use VirtualBox, VMware or any similar). Then by using NMAP tool and some other tools (in Kali) attack to the Metasploitable2 to do the following operations. Please submit your answers with proofs (screenshots, etc.) (60 pts) A) Find all open ports running on the host ( Information Gathering ) B) Find all running services on these ports ( Scanning ) C) Find the version of these services ( Scanning and Enumeration ) D) By checking versions of services comment whether there exists any vulnerability or not. If exists, show one of them that has a public exploit. E) Write the name of the one of the Vulnerabilities in the machine which has CVSS v3 score greater than 9 F) Exploit one of the vulnerabilities and use this vulnerability to create a user (with your name) in this machine that has a root privilege (After creating a user you should show that this user has a root privilege) ( Exploitation and Privilege Escalation ) G) Enumerate all the users in this machine and their corresponding hashed passwords (Disclosure) Reference: https://docs.rapid7.com/metasploit/metasploitable-2/
https://www.kali.org/get-kali/#kali-virtual-machines
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

Assignment 1 (1).pdf
CYB_210_Network_Configuration_Scavenger_Hunt_Chris_Braccili.docx
CYB_230_Module_Five_Lab_Worksheet_Chris_Braccili.docx
CYB_210_Module_Five_Packet_Tracer_Activity_Chris_Braccili.docx
A20_2022F_Exam.pdf
Assignment 4.docx
Java-Questions.docx
Assignment 1.pdf
Wk 8 Ch 4B - Loops Practice.docx
Wk 10 Ch 5B - Functions Practice with Simple Game.docx
R-CheatSheet.pdf
Lab-03-introtostrings.docx
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
CMPTR
Computer Science
ISBN:9781337681872
Author:PINARD
Publisher:Cengage
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
CMPTR
Computer Science
ISBN:9781337681872
Author:PINARD
Publisher:Cengage
SEE MORE TEXTBOOKS