Black Box Penetration Testing

Description

This project demostrates Black Box Penetration Testing which assumes that there is no previous knowledge of the layout or machines. It is conducted within an isolated virtual environment that was not connected to the internet. The exploit that was used on this virtual machine is CVE-2017-0143 or eternalBlue which is a Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability. This project is intended to educate and shed light on the vulnerabilities within an unpatched computer system.

Testing Environment Used

• Kali Linux
• Windows Server 2008 R2

Discovering Kali Machine via Ifconfig

Discovering Windows Machine IP Address via Nmap

Discovering Windows Machine Vulnerability via Nmap

Configure Exploit Options via Metasploit

Exploit Vulnerability via Metasploit

Use Meterpreter to Print Working Directory

Use Meterpreter to Hashdump hashes of Accounts

Use Meterpreter to Confirm Windows Machine IP Address via Shell

Use Meterpreter to list all Net Users

Use Meterpreter to Confirm Windows Administrative Privilege via Getuid

Use Meterpreter to Add a Net LocalGroup Administrator via Shell

Use Meterpreter to Add a Net LocalGroup Administrator Password via Shell

Windows Login Screen with new Administrator Account

Inside Windows Machine with new Administrator Account

Confirmation of Windows IP Address via Powershell

Changed previous Administrator Password via Control Panel