100%(1)1 out of 1 people found this document helpful
This preview shows page 1 - 4 out of 8 pages.
Running Head: Assignment #5.1 – Hacking Methodology 1Assignment #5.1CBSC 630 – Hacking Methodology University of PotomacSubmitted byGurpreet SinghStudent ID: 340455
Assignment #5.1 – Hacking Methodology 2IntroductionIn the moral programmer class on our site, the course starts by recapping the five periods ofentrance testing. Basically, the five periods of pen testing is a module that compresses whatwhatever remains of the moral programmer class will resemble. The five stages allude to everyessential advance during the time spent working an infiltration test, and the idea is basic foranother contestant into the field. Here is a concise review of the five periods of infiltrationtesting: Stage 3 | Gaining Access Stage 3 obtaining entrance requires taking control of at least one system gadgets to eitherextricate information from the objective, or to utilize that gadget to then dispatch assaults ondifferent targets. For instance, say programmer picks Phishing Attack:The programmer chooses to avoid anyrisk and utilize a straightforward phishing assault to obtain entrance. The programmer chooses toinvade from the IT division. They see that there have been some current contracts and they arelikely not up to speed on the techniques yet. A phishing email will be sent utilizing the CTO'sreal email address utilizing a program and conveyed to the specialists. The email contains aphishing site that will gather their login and passwords. Utilizing any number of choices(telephone application, site email mocking, Zmail, and so forth) the programmer sends an emailasking the clients to login to another Google entryway with their accreditations. They as of now
Assignment #5.1 – Hacking Methodology 3have the Social Engineering Toolkit running and have sent an email with the server deliver to theclients covering it with a bitly or tinyurl. Different choices incorporate making a turnaround TCP/IP shell in a PDF utilizing Metasploit( might be gotten by spam channel). Taking a gander at the occasion schedule they can set up anEvil Twin switch and attempt to Man in the Middle assault clients to obtain entrance. A variationof Denial of Service assault, stack based cushion floods, and session commandeering maylikewise end up being extraordinary.Stage Three—Attack Phase In this stage, the interloper starts to endeavor getting to networkand framework assets on the system. Utilizing data accumulated amid the observation stage, theprogrammer definitely knows the host IP addresses, open ports, and OSs being used. A fewprogrammers may venture to fabricate a proving ground, impersonating the objectiveframeworks. With this proving ground, the programmer can work on assaulting the framework