CSI3208/CSI5208 Ethical Hacking and Defence Assignment Report

This report details an ethical hacking exercise conducted to infiltrate a target system and obtain root-level privileges. The methodology involved reconnaissance, vulnerability scanning, and exploitation of identified weaknesses. The report outlines the attacks performed, including web server exploitation, web shell deployment, password cracking using tools like Hashcat, and TCP port scanning with Nmap. It documents the discovery of five flags representing successful system compromises. The report covers techniques such as SQL injection, directory traversal, and privilege escalation, providing a comprehensive overview of the ethical hacking process and the importance of securing systems against various attack vectors. The report concludes with a discussion of the findings and recommendations for improving system security.