Title | UNIT 17 Homework Penetration Test Engagement |
---|---|
Author | J R |
Course | Cyberwarfare And Security |
Institution | University of Western Australia |
Pages | 5 |
GoodSecurity Penetration Test Report [email protected]
1.0 High-Level Summary
GoodSecurity was tasked with performing an internal penetration test on GoodCorp’s CEO, Hans Gruber. An internal penetration test is a dedicated attack against internally connected systems. The focus of this test is to perform attacks similar to those of a hacker, attempt to infiltrate Hans’ computer, and determine whether it is at risk. GoodSecurity’s overall objective was to exploit any vulnerable software and find the secret recipe file on Hans’ computer, while reporting the findings back to GoodCorp. During the internal penetration test, several alarming vulnerabilities were identified on Hans’ desktop. When performing the attacks, GoodSecurity was able to gain access to his machine and find the secret recipe file by exploiting two programs that had major vulnerabilities. The details of the attack can be found in the ‘Findings’ category.
2.0 Findings
Machine IP: 192.168.0.20
Machine’s IP address: 00:15:5D:00:04:01
Hostname: MSEDGEWIN10
Actual name of the machine: CPE:/o:microsoft:windows
Vulnerability Exploited: Metasploit: /exploit/http/icecast_header
The name of the script or Metasploit module used: ICECAST HEADER OVERWRITE
Vulnerability Explanation:
The Icecast application running on 192.168.0.20 is vulnerable to a buffer overflow. The Icecast flaw writes past the end of a pointer array when the server receives 32 HTTP headers, and an attacker can use this to overwrite memory on the system and remotely gain control of the victim's system.
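The missing bounds check behind this class of flaw, shown in its corrected form as an added example (a simplified model, not Icecast's source and not part of the original report). `MAX_HEADERS`, `split_headers`, `parse_constructed_request` and the sample request are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_HEADERS 32  /* assumed capacity, matching the 32-header figure above */

/* Split a mutable request buffer into lines (request line first, then headers).
 * Returns the number of lines stored, or -1 if the request carries more
 * lines than the pointer table can hold. */
int split_headers(char *req, char *table[], int capacity)
{
    int count = 0;
    char *line = req;
    while (line != NULL && *line != '\0') {
        char *eol = strstr(line, "\r\n");
        if (eol == line)        /* blank line: end of the header section */
            break;
        /* The bounds check. Without it, the line after the table is full
         * would be written to table[capacity], past the end of the array. */
        if (count >= capacity)
            return -1;
        table[count++] = line;
        if (eol == NULL)
            break;
        *eol = '\0';            /* terminate this line in place */
        line = eol + 2;
    }
    return count;
}

/* Build a constructed request with n header lines and parse it. */
int parse_constructed_request(int n)
{
    static char buf[4096];
    char *table[MAX_HEADERS];
    size_t off = 0;
    off += snprintf(buf + off, sizeof buf - off, "GET / HTTP/1.0\r\n");
    for (int i = 0; i < n && off < sizeof buf - 32; i++)
        off += snprintf(buf + off, sizeof buf - off, "X-Test-%d: a\r\n", i);
    snprintf(buf + off, sizeof buf - off, "\r\n");
    return split_headers(buf, table, MAX_HEADERS);
}

int main(void)
{
    printf("31 headers -> %d\n", parse_constructed_request(31));
    printf("32 headers -> %d\n", parse_constructed_request(32));
    return 0;
}
```

A request that exactly fills the table is accepted; one more line is rejected instead of being stored past the last slot.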
Severity: In your expert opinion, how severe is this vulnerability? In my professional opinion, I would rate the severity of this exploit as extremely high. This exploit has demonstrated the method by which sensitive company data can be accessed by an unauthorized attacker. Additionally, this exploit allows for the escalation of privileges, which would make way for further, potentially more serious exploitation to occur.
Proof of Concept:
Location of sensitive data seen in the below screenshot:
Downloading of sensitive data seen in the below screenshot:
Further exploitation of highly sensitive data seen below:
Password hashes compromised seen below:
Weak passwords for both Administrator and IEUSER are shown to be cracked:
3.0 Recommendations
What recommendations would you give to GoodCorp? Enforce stronger, more secure passwords alongside 2-factor authentication....