Each team member will pick one of the following exploits for the Penetration Test Report, and the exploit you select will also be featured in a video (due week 7) describing the steps you took to penetrate the system and exfiltrate data. Use the table below to claim an exploit category. No two team members should be using the same exploit.
Post your selection to the discussion thread. Categories will be selected on a first-come, first-serve basis. Any disputes over a category selection should be resolved with help from your instructor.
|Exploit Category and
|Remote Shell (514)|
Focus on the exploitation this week. Getting into the system is the most important task for a hacker. There are many exploits (listed above) that can be used to compromise a target system. After you establish a connection to the victim machine, work with red team members to help them break into the system they are targeting. A true red “team” will leave no one behind and will be ready to move to the next phase of the attack as a cohesive unit. The next phase will be postexploitation during week 6 and will include credential harvesting and data exfiltration.
Example Video (your full project 2 video is not due until week 7; you are welcome to post a video showing how you exploited the system this week, but a video is not required; screenshots can be very helpful for posts though)
This Exploit Hacking Demonstration Video shows an example of exploitation, credential dumping, and data exfiltration. This will help you see how to create your video demonstration. This will not be a professional-looking, polished video that would be presented to the client. Instead, it will be a video demonstrating the required steps to perform exploitation and postexploitation, and should include explanation from the presenter that details the use of tools and the results of their actions.