Professional Documents
Culture Documents
Internet
Gim c
Client XP SP3
M t s mng: - Cu hnh Window Server 2003 lm cc chc nng sau cho o DHCP Server o DNS Server o Acitve Directory Server
o
Mt my client s dng window xp sp3 . Trn my XP SP 3 c cc user : client 1, client 2, client 3, v user admin , c quyn qun l ton b h thng. Trong 3 user client trn, c 2 user t password t hn 7 k t (4 k t) v 1 client t passowrd nhiu hn 7 k t
Yu cu :
Cu 1: Sinh vin thc hin 1.1 Ci t chng trnh scan xc nh IP ca my Client SP3, Server 2003, Gim c ( 2 im) 1.2 1.3 1.4 Ci t Nmap trn my ng vai tr attacker ( 1 im) Ci t Nessus trn my ng vai tr attacker (1 im) Ci t metasploit trn my attacker ( 1 im)
Xc nh phin bn h iu hnh cc my trong mng. ( 1im) Xc nh cc port ang m trn my tnh. ( 1im) Xc nh cc dch v tng ng vi cc port ( 2im)
2.3
Cu 3 :S dng Nmap v Nessus scan cc vulnerability (l hng) trn my client xp sp3. 3.1 3.2
3.3
S dng Script Engine ca Nmap scan li h iu hnh (1 im) S dng Nessus scan li ( 1im) Xc nh li cho php t xa truy cp v thc thi tri php vo my XP SP3 ( 5 im)
4.1
S dng chng trnh Cain Abel hoc Ettercap thc hin thu thp file SAM cha username v hash ca password trn my XP SP3 ( 1 im) Da trn file SAM xc nh 2 user c chiu di password nh hn 7 (4 k t) k t trn my XP SP 3 ( 2 im). Thc hin qu trnh crack password bng cng c Cain Abel hoc Ophcrack, ca 2 user client trn. ( 2 im) Xc nh cc li MS10-065 v dng Denial of Service IIS Server. ( 3 im) Kim tra li WebDav Auth By Pass exploit trn IIS 6.0 ( 3 im) Thc thi qu trnh attacker c th da vo my XP SP3 chim quyn iu khin my Server ( 3 im)
4.2
4.3
4.4
4.5
4.6
Cu 1: Sinh vin a ra gii php khc phc li cho php truy cp v thc thi t xa my XP SP 3 (20 im) Cu 2 : Sinh vin a ra gii php khc phc li WebDav by Pass Exploit trn Server ( 10 im)
Lu : Sinh vin c th s dng cc cng c Nmap, Wireshark, GFI , Metasploit, Firefox, Ophcrack, Hasmter
Sinh vin nn tm kim thng tin cc li trn trang Microsoft, Inj3ct0r.com, exploit-db.com.