I attached the book that the labs are coming out of, they come from following the chapters. I also attached 3 labs that I need done as soon as possible, preferably by tomorrow. There is also an example report attached to follow how it should be done. If the person who does these wants to keep up with me I am going to have 3 more labs coming up. I will have better notice for the next 3 labs these are last minute because I finally gave up and now I am scrambling.
Your name Book report CYB438 - System Vulnerability AssessmentsLab 1 Setting Up Your Virtual Machine Toolkit and Your OWASP Virtual Machine Introduction In this first lab, you will want to follow the steps outlined in the book in configuring your Virtual Machine Toolkit. BackTrack has been deprecated in favor of Kali Linux. So any reference you see to BackTrack should be actually Kali Linux. Tools Needed DVWA is included in OWASP at https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project#tab=Main Download Kali Linux 1.1.0 VMWare 32 bit at https://www.offensive-security.com/kali-linux-vmware-arm-image-download/ Additional Tools Nmap Nmap Scripting Engine Nessus Nikto Metasploit ZED Attack Proxy Burp Scanner Assignment Follow the steps outlined in the first three chapters to configure up each of the tools that we will need for the coming labs. This toolkit once built can be kept for future use outside of the course. Deliverable A short 500-750 word document describing the setup and configuration process. Make sure to include a few screenshots to show your toolset. This is an easy lab if you follow the book. Page 1 Page 2 Your name Book report CRJ438 - System Vulnerability Assessments Lab 2 SQL and OS Injection Introduction In this lab, you will want to follow the steps outlined in the book that is used in their example exercises. Tools Needed DVWA Burp Additional Tools Hash-ID Or Other hash id engine John The Ripper Sqlmap PHPWebShell http://sourceforge.net/projects/ajaxshell/ Assignment Follow the steps outlined in the chapter 4 to carry out the various activities/walkthroughs the book provides. Deliverable A short 500-750 word document describing the threats that these attack vectors present to an organization. Make sure to include a few screenshots to show your activity. Page 1 Page 2 Your name Book report CRJ438 - System Vulnerability Assessments Lab 3 Authentication and Traversal Introduction In this lab, you will want to follow the steps outlined in the book that is used in their example exercises. Tools Needed DVWA Burp Additional Tools Nikto ZED Attack Proxy John The Ripper Assignment Follow the steps outlined in the chapter 5 to carry out the various activities/walkthroughs the book provides. Deliverable A short 500-750 word document describing the threats that these attack vectors present to an organization. Make sure to include a few screenshots to show your activity. Page 1 Page 2 Full Title of Your Paper Here LAB 1 8 LAB 1 Lab 1 John Doe Class College Lab 1 Introduction Web applications are “any web-based software that performs actions based on user input and usually interacts with backend systems” (Pauli, 2014, p.2). These are markedly different from websites of old, where static information was presented with the only purpose of displaying information. The software that makes these web applications available globally is called a web server, and it essentially shares access to the company’s specific web application, so that people don’t have to physically be in headquarters to use it. That being said, these servers provide a direct link to incredibly sensitive information that is retained by prominent companies. Inherently, then, they are a pathway for malicious users to steal proprietary information or user data. Objective The objective of this lab is to follow along with the course textbook to install and configure the essential security tools that we will use throughout the remainder of this course. Those tools are: Nmap, Nessus, Metasploit, Burp Scanner, Nikto, and ZAP. As some instructions or tools may be out of date, some level of interpretation and problem solving will be employed by the examiner to explore different methods of achieving the configurations set out in the book. Lab Setup Specifications of the host computer are as follows: · Brand – Custom Build · Processor – Intel® Core™ i5-3470 CUP @ 3.20GHz · Memory – 16.0 GB · Graphics – AMD Radeon HD 6570 · OS – Windows 10 Results and Analysis Chapter 1 Installing the Target Web Application – Procedure 1. Downloaded VirtualBox and configured Kali Linux operating system. 2. Per personal configuration, logged into machine with ‘root’ user and ‘toor’ password. 3. Launched Terminal, as seen in figure 1. Figure 1 4. Opened Firefox window and navigated to ‘https://www.google.com’ to ensure internet access. Figure 2 confirms that the connection is ready. Figure 2 5. Navigated to ‘http://theunl33t.blogspot.com/2011/08/script-to-download-configure-and-launch.html’ and copied code to clipboard (figure 3). Figure 3 6. Opened Leafpad and pasted DVWA script. Saved file in root folder with name ‘DVWA_install.sh’ (see figure 4). Figure 4 7. Opened terminal and entered ‘ls’ to ensure that file correctly saved to root folder (figure 5). Figure 5 8. Ran file in terminal. While seemingly successful within the terminal window (figure 6), the web interface (figure 7) indicated otherwise. Figure 6 Figure 7 9. Upon inspection, this website is 8 years out of date. Used ‘https://medium.com/datadriveninvestor/setup-install-dvwa-into-your-linux-distribution-d76dc3b80357’ tutorial to try install again. One of the first steps on that site directed to install Apache, so Apache was installed in Terminal via ‘sudo apt install apache2’ (see figure 8) and confirmed successful by navigating to 127.0.0.1 in browser (see figure 9). Figure 8 Figure 9 10. Entered ‘sudo apt-get install git’ to install GitHub. Changed to apache2 folder by changing directories: ‘cd /var/www/html’. Cloned DVWA from Github, via ‘sudo git clone https://github.com/ethicalhack3r/DVWA.git’. Entire step shown in figure 10. Figure 10 11. Started Apache server via ‘service apache2 start’ (figure 11). Figure 11 12. Navigated to ‘127.0.0.1/DVWA/’ in browser. Results are shown in figure 12. Figure 12 13. Per the above directions, copied config/config.inc.php.dist file to config/config.inc.php (figure 13). Figure 13 14. Again navigated to ‘127.0.0.1/DVWA’ and was redirected to setup file (figure 14). Figure 14 15. Per tutorial changed permissions for DVWA in terminal: ‘sudo chmod -$ 777 /var/www/html/DVWA/’. 16. Tried to install MySQL with ‘sudo apt install mysql-server’. Results were unsuccessful (figure 15). Figure 15 17. Per ‘https://superuser.com/questions/1202978/installing-mysql-server-in-kali-linux’, MySQL does not need to be installed as it is a default Kali service. Started the service in a similar fashion to starting apache 2: ‘service mysql start’. Confirmed service start through terminal (figure 16). Figure 16 18. Returned to book tutorial and opened DVWA in browser. Clicked ‘Create/Setup Database’ button. Results indicate an error (figure 17). Figure 17 19. Navigated to README.md file. (See figure 18). Followed instructions in terminal as directed. Figure 18 20. After following the instructions in figure 18, the database setup was confirmed successful, and browser was redirected to login page. Entered ‘admin’ as username and ‘password’ as password. Browser redirected to /index.php (figure 19). Figure 19 21. From index page, navigated to security page. Set security level to ‘low’ in drop down menu (figure 20). Figure 20 Chapter 2 Robots.txt 22. Navigated to ‘https://www.utica.edu/robots.txt’ (figure 21). Figure 21 Nmap 23. In Kali terminal, checked nmap version by entering ‘nmap -V’. Version running on machine is 7.7 (figure 22). Figure 22 24. In terminal, explored nmap command ‘nmap -sV -O -p- 127.0.0.1’. See results in figure 23. Figure 23 Nessus 25. Registered for Nessus activation code and received in email (figure 24). Figure 24 26. Saved Nessus installer in the root directory. Confirmed via terminal as shown in figure 25. Figure 25 27. Entered ‘dpkg -i Nessus-8.5.1-debian6_amd64.deb.part’ in terminal to install Nessus (figure 26). Started Nessus service (figure 27). Figure 26 Figure 27 28. In Firefox window, navigated to ‘https://127.0.0.1:8834/’. Ran through Nessus configuration, creating administrator account with username ‘root’ and password ‘toor’. Download began in browser (figure 28). Figure 28 29. In main menu, clicked the icon for new scan. Selected basic network scan (since internal network scans require a subscription) and named it ‘localhost check’. Entered target ‘127.0.0.1’ as shown in figure 29. Launched scan. Results in figure 30. Figure 29 Figure 30 Nikto 30. In terminal, entered ‘nikto’. Reviewed command list for proper update verbiage. Entered ‘nikto -update’ in terminal. No updates required as seen in figure 31. Figure 31 31. ‘nikto -h 127.0.0.1 -p 1-500’ entered in terminal. No web servers found (figure 32). Figure 32 Metasploit 32. The textbook mentions a vulnerability that examiner did not find in their Nessus scan. Reran scan. 33. In terminal, launched Metasploit. Searched for vulnerabilities found in examiner’s scan. None yield anything within the Metasploit database. One theory of the examiner is that the version of mySQL/MariaDB running on virtual machine was too recent. Removed current version of MariaDB using instructions on https://askubuntu.com/questions/806107/remove-mariadb-mysql-databases. Tried many ways to install older version of MariaDB but was unsuccessful. Re-installed version 10.3. Upgraded Metasploit. Searched web for information but there doesn’t seem to be any Metasploit modules for the vulnerabilities of the examiner’s Nessus scan. It is possible that these sql problems were not inherent to the original code for installing DVWA. However, that code was obsolete and examiner had to find work arounds. Somewhere along the way, the sql version must not be according to the original script. Searched within DVWA folder for clues. Examiner has attached selections of two previous labs to this assignment to demonstrate understanding of Metasploit and hacking vulnerable machines, since this experiment failed. Chapter 3 Burpsuite 34. Opened the preferences menu in Firefox. Navigated to network settings. Set up manual proxy configuration by entering ‘127.0.0.1’ in HTTP proxy field. Entered ‘8080’ in port field. Cleared out no proxy for input box. Set up as in figure 33. Figure 33 35. Opened Burpsuite in Kali (figure 34). Figure 34 36. In Firefox, logged in to DVWA. Had to add security exception (figure 35). Figure 35 37. Even after adding security exceptions, could not navigate to DVWA login page with proxy configured. In burpsuite, turned intercept off as suggested in text. Resulted in error page (figure 36). However, ‘example.com’ loads (figure 37). Figure 36 Figure 37 38. The most scientific way to explain the examiner’s next step is to say that they fiddled for a couple hours, which inexplicably solved the problem. 39. In Burpsuite, added item to scope under target tab (figure 38). Figure 38 40. Checked site map to see if traffic was successfully logged. Results show that subpages navigated to on DVWA server were being logged (figure 39). Figure 39 ZED Attack Proxy 41. Closed out of burpsuite to free up port 8080. Opened ZAP graphical user interface (figure 40) and accepted license agreement. Figure 40 42. Right clicked