Penetration Testing

Published on July 2016

Describing lab work I completed utilizing Backtrack 4 to perform penetration testing

Penetration Testing

Alan Totten

SRA 221




Table of Contents

Section I: Introduction

Section II: Commands & Applications

Section III: Tasks

Section IV: Experiment Log

Section V: References












Section I: Introduction

The goal and motivation of this project is to utilize the Backtrack 4 program to
successfully penetrate vulnerable ports. My expectation as the attacker is to successfully
identify vulnerable ports through a port scan and successfully obtain information from
their specific IP address and network. As mentioned earlier, I will use the Backtrack 4
program to complete this objective. I also hope to gain an understanding of the
differences between the Backtrack 4 and Backtrack 5 Hydra program since my group’s
project is on the Backtrack 5 Hydra program.

Section II: Commands & Applications

The Autopwn command automatically exploits the vulnerabilities of a target
system for an attacker. Nmap is a network mapper: it creates a map of a specified
network, identifying the network’s hosts and services. Meterpreter gives users an
easy interface for writing commands that can be used against a target after that
target has been exploited.

Section III: Tasks

1.) In Task 1 I used the Backtrack 4 program to open up the Metasploit console on
the Virtual Lab of the attacker. Once the Msfconsole was loaded up, I was
prepared to move on to Task 2.
2.) In Task 2 I utilized the “db_autopwn” command to have the program
automatically show me what ports of the victim’s network are vulnerable. I then
opened up the victim’s Virtual Lab and got their IP address, which I used in my
next command in my attacker console to show which hosts are vulnerable. The
“db_nmap [IP address]” command showed me the vulnerable host’s services. The
picture below shows the open ports.

3.) Task 3 had me exploit the vulnerabilities found during the Nmap scan using the
autopwn command; the results of this command are shown below. Then, I
attempted to decrypt the passwords of the hashes through the Ophcrack GUI
program. I ran into problems at this point because the program kept on closing out
on me and going haywire, as shown in the picture under the picture with the
“hashdump” command. I moved on to covering my tracks using the “timestomp”
command. This command allows for deletion or modification of “time”-related
information on files. This altered what the victim will be able to see about whether
anyone attacked his or her system.
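
From the defender's side, timestamp changes of the kind described in Task 3 can often be spotted by comparing an NTFS file's $STANDARD_INFORMATION timestamps with its $FILE_NAME timestamps, which timestamp-setting tools normally leave untouched. The following is an added example, not part of the original lab report; it assumes the records were already exported from the $MFT by a parser, and the field names and sample values are constructed.

```python
from datetime import datetime

# Constructed sample records (not from the lab in this report). Field names are
# hypothetical: si_* = $STANDARD_INFORMATION, fn_* = $FILE_NAME timestamps.
RECORDS = [
    {"path": r"C:\WINDOWS\system32\calc.exe",
     "si_created": "2008-04-14T12:00:00.531250", "si_modified": "2008-04-14T12:00:00.531250",
     "fn_created": "2008-04-14T12:00:00.531250"},
    {"path": r"C:\WINDOWS\Temp\svc_update.exe",
     "si_created": "2005-01-01T00:00:00.000000", "si_modified": "2005-01-01T00:00:00.000000",
     "fn_created": "2014-03-26T15:42:07.218750"},
    {"path": r"C:\Documents and Settings\user\report.doc",
     "si_created": "2014-03-20T09:15:33.000000", "si_modified": "2014-03-21T10:02:41.406250",
     "fn_created": "2014-03-20T09:15:33.000000"},
]

def _ts(value):
    """Parse an ISO 8601 timestamp string into a datetime."""
    return datetime.fromisoformat(value)

def timestomp_indicators(rec):
    """Return the reasons a record's timestamps look altered (empty if none)."""
    reasons = []
    si_created, fn_created = _ts(rec["si_created"]), _ts(rec["fn_created"])
    # $FN is maintained by the file system; $SI is what timestamp-setting APIs change.
    # A file that claims to be older than its own $FN creation time is suspicious.
    if si_created < fn_created:
        reasons.append("si_created_before_fn_created")
    # Every $SI value is a whole second while $FN carries sub-second precision.
    si_values = [si_created, _ts(rec["si_modified"])]
    if all(t.microsecond == 0 for t in si_values) and fn_created.microsecond != 0:
        reasons.append("si_subsecond_zeroed")
    return reasons

def scan(records):
    """Map path -> reasons for every record with at least one indicator."""
    hits = {}
    for rec in records:
        reasons = timestomp_indicators(rec)
        if reasons:
            hits[rec["path"]] = reasons
    return hits

if __name__ == "__main__":
    for path, reasons in scan(RECORDS).items():
        print(path, reasons)
```

Either indicator can also appear on legitimately copied or installed files, so a hit is a lead to corroborate with other evidence rather than proof of tampering.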






Section IV: Experiment Log
I worked on the lab by myself for all of it. I worked on it on Monday, March
24, 2014 and Wednesday, March 26, 2014.

Section V: References

1.) http://www.forensicswiki.org/wiki/Timestomp
2.) http://www.ethicalhack3r.co.uk/metaspoits-meterpreter/
