University of Maryland Certified Ethical Hacking Penetration Test Proposal

Question Description

Please complete the following two sections as follows. Additional guidance can be found in the Template attachment.

Maintaining Access

As part of a penetration test proposal for Haverbrook, create a Maintaining Access section that describes the techniques and software you would use to maintain access to the target network and/or system after having gained access via the methods outlined in the Gaining Access section. Two-page minimum.

Scenario

As a penetration tester, you need to figure out how you will maintain control of the system. To have a clear execution plan, you need to think about the best techniques and procedures when pivoting to obtain main access and control of the targeted system.

Some of the command and control techniques you may use are methods of pivoting, such as elevation of privilege, password cracking, impersonation, DNS cache poisoning, and IP spoofing.

Covering Your Tracks

In the Covering Your Tracks section, you will provide a two-page description of the methods, software tools, and any other means of avoiding detection and how each of these techniques would be used to hide your activities within the target systems.

Scenario

You know there are tools available in the operating system to perform cleanup. For instance, you can hide any malicious files introduced during exploitation by using steganographic techniques or NTFS streams to maintain future access to the target.

Additionally, you will make sure all points of entry are accounted for, and you will keep track of any modifications you made. You will remove any malware, tools, or other nonnative files you placed on the system. You know that you can delete these files throughout an intrusion, keeping your footprint low, or remove them as part of the post-intrusion cleanup process.

Unformatted Attachment Preview

Maintaining Access

The Maintaining Access section will describe the techniques and software you would use to maintain access to the target network and/or system in two pages.

Scenario

Now that you have come up with a plan to gain access to Haverbrook’s target systems, it’s time to start planning how you will maintain that access once you get it. You know that the attempt will be useless unless you can not only extract the information you were looking for but also stay unnoticed, and you also need to be able to get back inside as needed. A big part of managing a network is to secure it; therefore, you should take nothing for granted. You have to have a well-defined plan to get back into the target environment at will; second chances are much harder since they will be expecting you at that point.

As a penetration tester, you need to figure out how you will maintain control of the system. To have a clear execution plan, you need to think about the best techniques and procedures when pivoting to obtain main access and control of the targeted system.

Some of the command and control techniques you may use are methods of pivoting, such as elevation of privilege, password cracking, impersonation, DNS cache poisoning, and IP spoofing.

Covering Your Tracks

In the Covering Your Tracks section, you will provide a two-page description of the methods, software tools, and any other means of avoiding detection and how each of these techniques would be used to hide your activities within the target systems.

Scenario

Your penetration test into Haverbrook’s systems is nearly complete. After planning how you would exploit the target’s network, now you have to consider how you would cover your tracks within those systems. Your training and experience provide you with options to do so.

You know there are tools available in the operating system to perform cleanup. For instance, you can hide any malicious files introduced during exploitation by using steganographic techniques or NTFS streams to maintain future access to the target.

Additionally, you will make sure all points of entry are accounted for, and you will keep track of any modifications you made. You will remove any malware, tools, or other nonnative files you placed on the system. You know that you can delete these files throughout an intrusion, keeping your footprint low, or remove them as part of the post-intrusion cleanup process.

Penetration Test Proposal
Deliverable 4: Final Penetration Test Proposal

Name:
Course Number and Section:
Instructor:
Date:

Maintaining Access

Plan Overview

Provide a summary of the Maintaining Access phase.

Techniques and Software

Identify the techniques used to maintain network and/or system access. Provide a brief summary of each technique. Include any software, applications, or scripts that may be needed to maintain access in the network or system(s). Refer to Chapter 6 in the textbook for additional information.

Covering Your Tracks

Plan Overview

Provide a summary of the Cover Your Tracks phase.

Techniques and Software

Identify the methods, software, applications, scripts and any other means of covering your tracks. Provide a brief description of how each of these will be used to hide from the system administrator. Refer to Chapter 6 in the textbook for additional information.

References

Running head: PENETRATION TEST PROPOSAL

Penetration Test Proposal
Deliverable 3: Gaining Access Plan

Edward Freeman
UMGC CMIT 321 7987 Ethical Hacking
11/23/2019

Gaining Access

Overview

The gaining access phase can be described as the phase where attackers break into a network or system by utilizing various methods or tools. Once the hackers enter the system or network, they must boost their privileges to the level of an administrator. Increasing such privileges to the level of the system or network administrator provides a sure foundation to install any application, modify data, or even hide data depending on the primary motive of the attack or intrusion. In the case of Haverbrook systems, the primary objective of gaining access is gathering adequate information that could lead to successfully gaining access to the systems. During this phase, the hacker or intruder is able to carry out much of the possible damage (Grey Campus, 2019). The phase is crucial in the sense that all vulnerabilities identified in the first two phases, which include the reconnaissance phase and scanning phase, tend to be fully exploited for successful access.

Vulnerable Resources

Vulnerabilities can be found in various resources in the organization. One of the main resources where vulnerabilities can be found is the human resource, specifically the employees, with NVD reference CVE-2019-16133 (National Vulnerability Database, 2019). Employees can facilitate system vulnerability through insider malice, weak access policies, poor password practices, phishing, unsafe downloads, and unprotected emails or data. Insider malice would be possible when an insider, especially an employee, leaks critical information and credentials that could give potential hackers an easy way of gaining access to the system or network. Through unsafe downloads and poor security practices like weak data or email protection, hackers may target any of these vulnerability loopholes posed by the company’s human resources.

The other source of vulnerability can be the organization’s technical resources such as the wireless networks referenced as CVE-2018-10251 (National Vulnerability Database, 2019). The organization uses a wireless network with a unique mailing system, which can be targeted. Hackers may only need to hack the email of one employee to gain access to his or her account, which could then give way to accessing and dominating the entire system.

Techniques and Software

The techniques used to gain access to systems will specifically target the use of poor passwords and password security in the Haverbrook company. It has been noted that several employees are sharing login information with other employees on post-it notes. To attack this identified weakness, several techniques will be used to gain access to the Haverbrook systems.

To gain access to user accounts, we will first need to obtain the username and password for network administrators in the Haverbrook organization. Techniques such as shoulder surfing, hash retrieval, and password cracking will be used to obtain access to user accounts. Shoulder surfing will be used to observe usernames and gain insight into potential passwords by watching keystrokes. We will also look to see if users are referencing notebooks, sticky notes, or hidden objects to retrieve login information. After gathering information on usernames, we will collect password hashes using pwdump7. Once we have obtained the password hashes, we can then use a password cracking tool such as Hashcat to decipher the hashed passwords.

Hashcat utilizes numerous types of password attacks. Two of the most effective forms of password cracking attacks are dictionary attacks and hybrid attacks. These techniques have been proven to be successful, a reason for their wide application in gaining access to systems, social media platforms, and networks. In a dictionary attack, a dictionary file is loaded into Hashcat and run against the targeted hash. This dictionary is a text file that contains several dictionary words that are commonly used as passwords. The program uses every word present in the dictionary to find the password (EC-Council, 2019). A hybrid attack would involve a combination of a brute-force attack and a dictionary attack. A dictionary would be used, and then a program would brute force additional characters onto the dictionary words to guess the password. This is effective because people commonly add on a few characters to a dictionary word to make it harder to guess.

After using these techniques and tools, we will have collected the usernames and passwords of the network administrators. This will give us full access to tap into almost any resource on the Haverbrook network with little effort.

References

EC-Council. Certified Ethical Hacker (CEH) Version 10 eBook (Volumes 1 through 4). [eVantage]. Retrieved from https://evantage.gilmoreglobal.com/#/books/9781635671919/

Grey Campus. (2019). Ethical Hacking_Phases of Hacking. Retrieved from greycampus.com: https://www.greycampus.com/opencampus/ethical-hacking/phases-of-hacking

National Vulnerability Database. (2019). CVE-2018-10251 Detail_Current Description. Retrieved from nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2018-10251

National Vulnerability Database. (2019). CVE-2019-16133 Detail_Current Description. Retrieved from nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2019-16133

…
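The dictionary and hybrid attacks described in the Gaining Access plan above succeed against passwords built from a common word plus a few extra characters. As an added example (not part of the original proposal or the course material), this Python check screens candidate passwords for exactly that pattern at creation time; the wordlist, substitution table, and affix budget are constructed assumptions.

```python
# Added example: screen new passwords against the dictionary and hybrid
# guessing patterns described above. All values below are constructed.

# Constructed sample wordlist; a real deployment would load a large list of
# common and breached passwords plus organization-specific terms.
WORDLIST = {"password", "welcome", "summer", "dragon", "haverbrook"}

# Assumed substitution table, undone before lookup (simplified: "1" -> "l" only).
LEET = str.maketrans("013457@$!", "oleastasi")

MAX_AFFIX = 5  # assumed total number of added characters a hybrid guess covers


def classify(password, wordlist=WORDLIST, max_affix=MAX_AFFIX):
    """Return 'dictionary', 'hybrid', or 'ok' for a candidate password."""
    lowered = password.lower()
    if lowered in wordlist:
        return "dictionary"  # found by a plain wordlist run
    n = len(lowered)
    # Strip up to max_affix characters in total from the two ends and test
    # what remains, both as typed and with substitutions undone.
    for pre in range(max_affix + 1):
        for suf in range(max_affix + 1 - pre):
            if pre + suf >= n:
                continue
            core = lowered[pre:n - suf]
            if core in wordlist or core.translate(LEET) in wordlist:
                return "hybrid"  # dictionary word plus a few extra characters
    return "ok"


def audit(candidates):
    """Map each candidate to its verdict so weak choices can be rejected."""
    return {pw: classify(pw) for pw in candidates}


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = ["welcome", "Summer2019!", "p@ssw0rd1",
               "Haverbrook#1", "tidal-copper-lantern-47"]
    for pw, verdict in audit(samples).items():
        print(f"{pw!r}: {verdict}")
```

A verdict of `ok` means only that the candidate does not match these two patterns; minimum length and breached-password checks remain separate controls.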