System Hacking Lab Guide: Skills and Tasks Overview

ECPI University School of Technology: Department of Computer Information Science- Learning Activity Instructions Student Name Kirtan Patel Activity Type Guided Practice / Computer Lab Instructions Perform the Guided Practice per the instructions in your course. As you complete each lab, insert a screenshot of your results. Perform all the tasks shown below. Note: Some tasks in the labs are not completed in this class, instead they are completed in the associated lab class. Only provide screenshots for the tasks that specify a screenshot. There should be a total of 4 screenshots for this lab. Complete the following lab tasks in the System Hacking ILab Module: 1. Lab 1 - Gain access to the system o Task 1 - Perform active online attack to crack the system’s password using Responder o Task 2 - Audit system passwords using L0phtCrack o Task 4 - Exploit client-side vulnerabilities and establish a VNC session o Task 5 - Gain access to a remote system using Armitage 1. Screenshot step 40 Lab Version: 12.13.2016

ECPI University School of Technology: Department of Computer Information Science- Learning Activity Instructions o Task 7 - Perform buffer overflow attack to gain access to a remote system (Optional) 2. Lab 2 - Perform privilege escalation to gain higher privileges. o Task 4 - Escalate privileges in Linux machine by exploiting misconfigured NFS o Task 6 - Escalate privileges to gather hashdump using Mimikatz 1. Screenshot step 45 3. Lab 3 - Maintain remote access and hide malicious activities. o Task 1 - User system monitoring and surveillance using Power Spy o Task 2 - User system monitoring and surveillance using Spytech SpyAgent o Task 5 - Image steganography using OpenStego and StegOnline o Task 8 - Privilege escalation and maintain persistence using WMI Lab Version: 12.13.2016

ECPI University School of Technology: Department of Computer Information Science- Learning Activity Instructions 1. Screenshot step 40 4. Lab 4 - Clear logs to hide the evidence of compromise. o Task 4 - Hiding artifacts in windows and Linux machines o Task 5 - Clear Windows machine logs using CCleaner Lab Version: 12.13.2016

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

ECPI University School of Technology: Department of Computer Information Science- Learning Activity Instructions 1. Screenshot step 8 Summary: As a result of this lab, I have learned:  Include a few paragraphs summarizing the key skills you have acquired during this guided practice. L0phtCrack is a robust password auditing application that allows users to evaluate the strength of system passwords based on their complexity and vulnerability to brute-force attacks. Password auditing exercises with L0phtCrack can help practitioners learn how to discover weak passwords, understand common password vulnerabilities, and adopt password security measures. This hands-on training not only enhances proficiency in utilizing L0phtCrack but also encourages a deeper understanding of password cracking techniques, cryptographic hashing algorithms, and password policy enforcement. Mimikatz, a sophisticated post-exploitation tool, focuses on privilege escalation and credential harvesting on Windows platforms. Individuals can learn how to utilize Mimikatz in privilege escalation exercises to collect hash dumps, retrieve plaintext passwords from memory, and manipulate Windows authentication systems. This skill set is essential for understanding the complexities of Windows security systems, exploiting privilege escalation vulnerabilities, and efficiently performing sophisticated penetration testing and red teaming activities. Lab Version: 12.13.2016

ECPI University School of Technology: Department of Computer Information Science- Learning Activity Instructions CCleaner, while generally renowned as a system optimization application, may also be used to manipulate log files and cover tracks on Windows machines. Individuals can learn how to remove traces of their activity from system logs, event logs, and other forensic artifacts by completing log clearing exercises with CCleaner. This competence is essential for maintaining stealth and anonymity while conducting penetration tests, forensic investigations, and other security assessments, as well as knowing the limitations of log-based detection and response systems. Lab Version: 12.13.2016

3.3 System Hacking Lab Report

Related Documents