Ethical Hacking – Gaining Access Plan

After collecting enough information about the target during Deliverable 2 (Attached; EH-Reconnaissance And Scanning Plans), you will describe how to use that information to gain access to Haverbrook’s systems. Your one- to two-page plan on gaining access should include:

details of the gaining access process in regards to the techniques commonly used to exploit low-privileged user accounts by cracking passwords through techniques such as brute-forcing, password guessing, and social engineering, and then escalate the account privileges to administrative levels, to perform a protected operation.
an implementation outline of any software that will be used in gaining access to the network(s) or system(s) You may include open source and commercial tools available to execute the actual exploit: Burp Suite, Cain and Abel, Core Impact, John the Ripper, Metasploit, and others. You can also use some programming languages, such as Javascript, Perl, Python, Ruby, or C++, if you choose to develop custom exploits.
As you are developing the Gaining Access Plan, keep these questions in mind:

How would you escalate your privileges?
How would you establish a command and control communication channel?
Refer to Chapter 6 in the textbook for the different techniques that can be used to gain access to the system.

Use the Gaining Access Plan template (Gaining Access Plan Template) to record your work. Please submit your work to the LEO submission box below.

Also, attached are:
Project 3 scenario
RUBRIC
project 1 (Proj1_Rules_of_Engagement) and  project 2 (EH-Reconnaissance And Scanning Plans)  incase they are needed for project 3(this assignment)
Haverbrook Investment – for background info on the Company

You can leave a response, or trackback from your own site.

Leave a Reply

Powered by WordPress | Designed by: Premium WordPress Themes | Thanks to Themes Gallery, Bromoney and Wordpress Themes