User Account

All Pages

List and explain every command used in the metasploit demo

Assignment Help Other Subject
Reference no: EM132347962 , Length: word count:2000

Technical Report Assignment -

Learning Outcomes - This assessment assesses the following Unit Learning Outcomes -

1: Apply knowledge of security on Windows network domain and follow standard procedure to investigate different types of cyber-crime.

2: Investigate the usefulness of various forensic techniques and apply relevant methods to gain access and recover computer crime data.

Purpose - Students should demonstrate their ability to review literature on shellcode and develop knowledge in technical exploits and their impacts on the Windows network domain. Students will be required to compare different techniques and generate their own shellcode based on the requirements provided and implement a fully functional shellcode. Students will be assessed on their ability to perform the required tasks of synthesising knowledge from research papers, video demonstrations, and technical tutorials and present a technical report.

Instructions - Students are required to put together a technical report of approximately 2000 words as well as exhibits to support findings and a bibliography. This report should consist of:

  • an overview of shellcode.
  • comparison of different methods used to generate shellcode.
  • analysis and reflection on the technical exploitations and their impact to the Windows network domain.
  • implementation of a shellcode.

Problem Statement -

Part A - Shellcode In Literature

Students are required to answer research questions based on three academic papers:

"The Shellcode Generation"

"Evasion Techniques"

"English Shellcode"

"Automatic Shellcode Transplant"

There should be at least four additional references from recent academic (IEEE or ACM) research papers or white papers from IT companies. Students must perform their own research for additional references.

1. In the paper "The Shellcode Generation", what is the development bottom-line for an exploit? List and give detailed explanations to the three components for a usable exploit.

2. Read the paper "Evasion Techniques", and explain how a piece of shellcode can bypass an intrusion detection system. more information about the shellcode issues related to computer forensic investigations

3. Read the paper "English Shellcode", explain the concept of program counter and its importance to an attacker who uses shellcodes.

4. In the paper "Automatic Shellcode Transplant", what are the two challenges of the transplanted shellcode?

Part B - Shellcode in Practice

Suppose you are working for an IT security company which is subcontracted by Deakin University to test the system security of the campus network. Your manager wants you to attempt to write shellcode which takes a user's account name and his/her password and stores the information as plain text in a text file called user.dat in the user's current directory.

Requirements -

1. You should implement a C program to ask a user to type his username and password one a command line input (i.e., from the standard input channel).

2. Your program should demand at least two user attempts of inputting the passwords. That is, your program should only terminate when the user has entered two identical passwords.

3. Your program should store the username and password pair into a text file called "user.dat" in the current directory.

4. You should package your C code into a shellcode by using ShellMe (A tutorial of using ShellMe is presented in the second week's practical class).

Identify the following two pieces of shellcode by describing their designed actions.

Part C - Shellcode in Application

You need to write a short report to demonstrate your level of understanding about shellcode and its application on hacking platforms, operating systems vulnerability, penetration testing and exploitation. Your report should consist of the following parts:

1. List and explain every command used in the metasploit demo.

2. Identify the name of the shellcode used in the demo, reproduce its contents in hex and provide a screen capture of it in your report, and explain what this shellcode is capable of doing.

3. Find and list at least five different shellcode-generating approaches. Then compare the advantages and disadvantages from the viewpoint of attackers.

4. Describe the concept of polymorphic shellcode. And discuss the impact of misusing penetration toolkits such as Metasploit for malicious purposes.

General Requirements: Your answers towards the above three Parts will form an essay for submission. Your essay should include an introduction section, a body section addressing the four parts listed above, a conclusion section and a reference section. Your essay should have at least 2,000 words.

Attachment:- Technical Report Assignment File.rar

Reference no: EM132347962

Questions Cloud

How is your role as a future educator going to be different : Gone are the days when students sat quietly in rows while the teacher lectured at the front of the classroom. As our world becomes increasingly globalized.
What is the weighted average cost of capital : What is the weighted average cost of capital (WACC) for Easy Car Corp. if the corporate tax rate is 20%?
What is the standard deviation of returns : A stock had returns of 10 percent, -2 percent, 6 percent, and 18 percent over the past four years. What is the standard deviation of these returns?
Can school boards exercise meaningful influence : Can school boards exercise meaningful influence on student outcomes? Why or why not? Support your position with relevant theories or research.
List and explain every command used in the metasploit demo : Deakin University Australia - Technical Report Assignment, List and explain every command used in the metasploit demo
What is the risk-free rate of return : The beta of JK stock is 1.4. What is the risk-free rate of return?
What is your total dollar return on this investment : You have received dividend payments equal to $.62 a share. Today, you sold all of your shares for $20.08 a share.
Why you consider each of the given factors significant : For this question, examine curriculum change as presented by Harada (1994) and determine what you believe are the key internal and external factors that have.
What is the new market value of the company : Sheary, Inc., is proposing a rights offering. Presently, there are 500,000 shares outstanding at $56 each. There will be 100,000 new shares offered at $48 each.

Reviews

len2347962

7/29/2019 4:51:17 AM

Word count: 2000 words. Your answers towards the above three Parts will form an essay for submission. Your essay should include an introduction section, a body section addressing the four parts listed above, a conclusion section and a reference section. Your essay should have at least 2,000 words. Your references must come from the following sources: The metasploit demo recording, Academic (IEEE or ACM) research papers in the last 10 years, Published textbooks and No references to online blogs, videos, wiki pages, white papers are allowed. 2 marks are given to the quality of the essay.

len2347962

7/29/2019 4:51:08 AM

Report rubric - Criteria 1: Students embark on inquiry and so determine a need for knowledge/ understanding (A1, A2, A3, A4 – 4 marks) Respond to questions / tasks generated from a closed inquiry. Criteria 2: Students find/generate needed information/data using appropriate methodology (B1, B2, B3 – 3 marks) Collect and record required information / data from self-selected sources using one of several prescribed methodologies. Criteria 3: Students critically evaluate information/data and the process to find/generate that information/data (C1, C3 – 4 marks) Evaluate information / data and inquiry process using criteria related to the aims of the inquiry.

len2347962

7/29/2019 4:51:01 AM

Criteria 4: Students organize information collected/generated (C2, C5 – 4 marks) Organize information / data using recommended structures and self- determined processes. Criteria 5: Students synthesise and analyse and apply new knowledge (B4, B5, B6 – 3 marks) Synthesise and analyse information / data to construct emergent knowledge. Ask rigorous, researchable questions based on new understandings. Criteria 6: Students communicate knowledge, understanding and the process used to generate it, with an awareness of ethical, social and cultural issues (C4 – 2 marks) Use mostly discipline- specific language and appropriate genre to demonstrate knowledge and understanding within a field from a scholarly perspective for a specified audience. Note: Students are encouraged to compare the received marks against this matrix to identify which aspect need improvements.

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd