Showing posts with label Project 2. Show all posts
Showing posts with label Project 2. Show all posts

Monday, 13 January 2014

Project 2, Final Attribution post


Jack:
  • Consent forms (scanning)
  • Default Vulnerability Exploit consent form
  • Data encryption (open source & closed source) (securing the data) (truecrypt)
  • Email encryption (encrypting plain-text emails) (encrypting attached files) (complete encryption)
  • Preparing for the attacks (armitage introduction) (armitage network scan) (armitage attack scan)
  • Exploit 1 - Permissions form
  • Exploit 1 - sort_mode information disclosure
  • Exploit 1 - mitigation
  • Exploit 2 - Permissions form
  • Exploit 2 - Tomcat webserver
  • Exploit 2 - mitigation
  • Exploit 3 - Permissions form
  • Exploit 3 - SQL injection on wordpress
  • Exploit 3 - Mitigation
  • Exploit 4 - Permissions form
  • Exploit 4 - VMC Server Password
  • Exploit 4 - Mitigation
  • Exploit 9 - Theoretical physical access exploit
  • Armitage (armitage introduction) (armitage network scan) (armitage attack scan)
  • System machine stats

Priten:
  • Setting up the pi (setting up the backdoor) (operating system used) (walkthrough) (encrypting the pi)
  • Exploit 5 - Permissions form
  • Exploit 5 - FTP
  • Exploit mitigation
  • Exploit 6 - Permissions form
  • Exploit 6 - Windows Server SMB
  • Exploit mitigation
  • Exploit 7 - Permissions form
  • Exploit 7 - Corpserver
  • Exploit mitigation 
  • Exploit 8 - Permissions form
  • Exploit 8 - Unreal Internet Relay Chat
  • Exploit mitigation 
  • NMAP tutorial

Kirran:
  • Legal
  • Ethics 
Abdul:
  • Research on various port scanners (NMAP) (OPENVAS) (Nessus) (Core impact) (Nexpose) (Metasploit) (Comparisons)

Hisham:
  • Introduction

Harry:
none due to no attendance for the duration of the second project
Posted by at No comments:
Labels: ,

Wednesday, 8 January 2014

Project 2, Session 14

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
Proof-read By: Jack Hall, Corrections to be made - Include laws: Data protection, Fraud act, RIPA 2000. OVERDUE - 11.12.2013
Tutorial on how to statically configure IP address on Kali Linux OVERDUE - 11.12.2013

Priten [2]
Setting up Pi as secure backdoor - Report
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Create the group presentation (all slides, based on what members have written)
Perform Nmap scans & explain screenshots
Teach Jack how to run armitage
Exploit regarding FTP on MAC:08:00:27:18:BC:29 - Paperwork & Permissions

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added OVERDUE - 11.12.2013

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Securing sensitive data 
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the vulnerability exploration consent form
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the scanning consent form
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)

Explore password recovery exploit
Explore payload to open the FTP port

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections confirmed, COMPLETE - Added to compiled report


Posted by at No comments:
Labels: ,

Monday, 6 January 2014

Project 2, Session 13

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
Proof-read By: Jack Hall, Corrections to be made - Include laws: Data protection, Fraud act, RIPA 2000. OVERDUE - 11.12.2013
Tutorial on how to statically configure IP address on Kali Linux OVERDUE - 11.12.2013

Priten [2]
Setting up Pi as secure backdoor - Report To Be Proof-read By: Jack Hall 
Create the group presentation (all slides, based on what members have written)
Perform Nmap scans & explain screenshots
Teach Jack how to run armitage

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added OVERDUE - 11.12.2013

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Securing sensitive data 
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the vulnerability exploration consent form
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the scanning consent form
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)

Explore password recovery exploit
Explore payload to open the FTP port

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections confirmed, COMPLETE - Added to compiled report
Did not attend

Posted by at No comments:
Labels: ,

Wednesday, 11 December 2013

Project 2, Session 12

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
Proof-read By: Jack Hall, Corrections to be made - Include laws: Data protection, Fraud act, RIPA 2000. OVERDUE - 11.12.2013
Tutorial on how to statically configure IP address on Kali Linux OVERDUE - 11.12.2013

Priten [2]
Setting up Pi as secure backdoor - Report OVERDUE - 11.12.2013
Create the group presentation (all slides, based on what members have written)

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added OVERDUE - 11.12.2013

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Securing sensitive data 
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the vulnerability exploration consent form
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the scanning consent form
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Perform Nmap scans & explain screenshots
Perform OpenVAS scans & explain screenshots
Perform Nessus scans & explain screenshots
Explore metasploit auxillary modules & explain screenshots
Perform Core impact scans & explain screenshots
Perform Nexpose scans & explain screenshots
Compare the different scanning tools

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections confirmed, COMPLETE - Added to compiled report
Did not attend

Posted by at No comments:
Labels: ,

Monday, 9 December 2013

Project 2, Session 11

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
Proof-read By: Jack Hall, Corrections to be made - Include laws: Data protection, Fraud act, RIPA 2000.
Tutorial on how to statically configure IP address on Kali Linux

Priten [2]
Setting up Pi as secure backdoor - Report
Create the group presentation (all slides, based on what members have written)

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Securing sensitive data 
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the consent forms
Created rough version of consent forms.  Checked, need to be amended to include laws
Perform Nmap scans & explain screenshots
Perform OpenVAS scans & explain screenshots
Perform Nessus scans & explain screenshots
Explore metasploit auxillary modules & explain screenshots
Perform Core impact scans & explain screenshots
Perform Nexpose scans & explain screenshots
Compare the different scanning tools

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections confirmed, COMPLETE - Added to compiled report
Did not attend

All outstanding work to be complete by Wednesday 11th December to make way for the scanning and vulnerability workload.

Posted by at No comments:
Labels: ,

Friday, 6 December 2013

Project 2, Session 10

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
To Be Proof-read By: Jack Hall - Not yet recieved
Tutorial on how to statically configure IP address on Kali Linux
Learn to use NMAPS, OpenVas & Nessus
Did not attend

Priten [2]
Setting up Pi as secure backdoor - Report
Learn to use NMAPS, OpenVas & Nessus

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added
Learn to use NMAPS, OpenVas & Nessus
Did not attend

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the consent forms - Created rough version of consent forms.  Needs to be checked.
Learn to use NMAPS, OpenVas & Nessus

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections to be confirmed
Learn to use NMAPS, OpenVas & Nessus
Did not attend 
Posted by at No comments:
Labels: ,

Wednesday, 4 December 2013

Project 2, Session 9

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
To Be Proof-read By: Jack Hall - Not yet recieved
Tutorial on how to statically configure IP address on Kali Linux
Learn to use NMAPS, OpenVas & Nessus

Priten [2]
Setting up Pi as secure backdoor -
Setup Wifi Adapter
Learn to use NMAPS, OpenVas & Nessus

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added
Learn to use NMAPS, OpenVas & Nessus
Did not attend

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE- Added to compiled report (with references)
Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE - Added to compiled report (with references)
Creation of the consent forms - Created rough version of consent forms.  Needs to be checked.
Learn to use NMAPS, OpenVas & Nessus

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections to be confirmed
Learn to use NMAPS, OpenVas & Nessus
Did not attend 
Posted by at No comments:
Labels: ,

Friday, 29 November 2013

Project 2, Session 7

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
To Be Proof-read By: Jack Hall - Not yet recieved

Tutorial on how to statically configure IP address on Kali Linux
Learn to use NMAPS, OpenVas & Nessus

Priten [2]
Setting up Pi as secure backdoor -
Setup Wifi Adapter
Learn to use NMAPS, OpenVas & Nessus

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections confirmed, more information to be added

Learn to use NMAPS, OpenVas & Nessus

Jack [1]
Method of encrypting stored information  
Proof Read: Corrections Confirmed, COMPLETE

Tutorial on how to email encrypted messages for communication
Proof Read: Corrections Confirmed, COMPLETE

 Creation of the consent forms
Learn to use NMAPS, OpenVas & Nessus

Harry [4]
Creation of the consent forms - Moved to Jack's responsibility due to lack of attendance
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections to be confirmed
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend
Posted by at No comments:
Labels: ,

Wednesday, 27 November 2013

Project 2, Session 6

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
To Be Proof-read By: Jack Hall - Not yet recieved

Tutorial on how to statically configure IP address on Kali Linux
Learn to use NMAPS, OpenVas & Nessus

Priten [2]
Setting up Pi as secure backdoor -
Setup Wifi Adapter
Learn to use NMAPS, OpenVas & Nessus

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Proof Read: Corrections to be confirmed 

Learn to use NMAPS, OpenVas & Nessus

Jack [1]
Method of encrypting stored information  
To Be Proof-read By: Priten Patel

Tutorial on how to email encrypted messages for communication
To be Proof-read By: Priten Patel
Learn to use NMAPS, OpenVas & Nessus

Harry [4]
Creation of the consent forms
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections to be confirmed

Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Posted by at No comments:
Labels: ,

Friday, 22 November 2013

Project 2, Session 5

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies  
To Be Proof-read By: Jack Hall - Not yet recieved

Tutorial on how to statically configure IP address on Kali Linux
Learn to use NMAPS, OpenVas & Nessus

Priten [2]
Setting up Pi as secure backdoor -
Setup Wifi Adapter
Learn to use NMAPS, OpenVas & Nessus

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Jack [1]
Method of encrypting stored information  
To Be Proof-read By: Priten Patel

Tutorial on how to email encrypted messages for communication
Learn to use NMAPS, OpenVas & Nessus

Harry [4]
Creation of the consent forms
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Hisham [5]
Assigned to write report introduction
Proof Read: Corrections to be confirmed

Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Posted by at No comments:
Labels: ,

Friday, 15 November 2013

Project 2, Session 3

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies To Be Proof-read By: Jack Hall
Tutorial on how to statically configure IP address on Kali Linux
Learn to use NMAPS, OpenVas & Nessus

Priten [2]
Setting up Pi as secure backdoor -
Setup Wifi Adapter
Learn to use NMAPS, OpenVas & Nessus

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons
Learn to use NMAPS, OpenVas & Nessus

Jack [1]
Method of encrypting stored information To Be Proof-read By: Priten Patel
Tutorial on how to email encrypted messages for communication
Learn to use NMAPS, OpenVas & Nessus

Harry [4]
Creation of the consent forms
Learn to use NMAPS, OpenVas & Nessus
Did Not Attend

Hisham [5]
Assigned to write report introduction To Be Proof-read By: Jack Hall
Learn to use NMAPS, OpenVas & Nessus



Posted by at No comments:
Labels: ,

Wednesday, 13 November 2013

Project 2, Session 2

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies

Priten [2]
Setting up Pi as secure backdoor

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons

Jack [1]
Method of encrypting stored information
Tutorial on how to email encrypted messages for communication
Tutorial on how to statically configure IP address on Kali Linux

Harry [4]
Creation of the consent forms

Hisham [5]
Did not attend
Assigned to write report introduction


Posted by at No comments:
Labels: ,

Monday, 11 November 2013

Project 2, Session 1

Project 2, we have to essentially SSH into a Pi, scan the network and highlight all the vectors in which we can attack the network.

Group Leader - Priten
Compiling the report - Jack

Kirran [6]
Legal implications, Ethics & case studies

Priten [2]
Setting up Pi as secure backdoor

Abdul [3]
Research how to use the Nmap, OpenVas and Nessus & (3 others) Plus comparisons

Jack [1]
Method of encrypting stored information
Tutorial on how to email encrypted messages for communication
Tutorial on how to statically configure IP address on Kali Linux

Harry [4]
Did not attend

Hisham [5]
Did not attend


Note: Be sure to reference all information that has been researched
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)