Pwkv1 Report


Description

Offensive Security Penetration Test Report for Internal Lab and Exam v.1.

student@youremailaddress.com

OSID: XXXX

© All rights reserved to Offensive Security, 2014. No part of this publication, in whole or in part, may be reproduced, copied, transferred or any other right reserved to its copyright owner, including photocopying and all other copying, any transfer or transmission using any network or other means of communication, any broadcast or distant learning, in any form or by any means such as any information storage, transmission or retrieval system, without prior written permission from Offensive Security.

Table of Contents

1.0 Offensive Security Lab and Exam Penetration Test Report
1.1 Introduction
1.2 Objective
1.3 Requirements
2.0 Sample Report - High-Level Summary
2.1 Sample Report - Recommendations
3.0 Sample Report - Methodologies
3.1 Sample Report - Information Gathering
3.2 Sample Report - Service Enumeration
3.3 Sample Report - Penetration
3.4 Sample Report - Maintaining Access
3.5 Sample Report - House Cleaning
4.0 Additional Items Not Mentioned in the Report

1.0 Oensive Security Lab and Exam Penetration Test e!ort 1.1 -ntroduction  T'e Ofensive Security Lab and Exam penetration test report contains all eforts t'at ,ere conducted in order to pass t'e Ofensive Security course. T'is report s'ould contain all lab data in t'e report template ormat as ,ell as all items t'at ,ere used to pass t'e overall exam. T'is report ,ill be &raded rom a standpoint o correctness and ullness to all aspects o t'e lab and exam. T'e purpose o t'is report is to ensure

t'at t'e

student

'as a

ull understandin&

o penetration

testin&

met'odolo&ies as ,ell as t'e tec'nical -no,led&e to pass t'e uali;cations or t'e Ofensive Security :erti;ed Proessional.

1.2 Objective

The objective of this assessment is to perform an internal penetration test against the Offensive Security Lab and Exam network. The student is tasked with following a methodical approach in obtaining access to the objective goals. This test should simulate an actual penetration test and how you would start from beginning to end, including the overall report. An example page has already been created for you at the latter portions of this document that should give you ample information on what is expected to pass this course.

...en from Sergio Alvarez's "Win32 Stack Buffer Overflow Tutorial"

# Change R...

..., we have administrative access over the system again. Many exploits may only be exploitable once and we may never be able to get back into a system after we have already performed the exploit.

John added administrator and root level accounts on all systems compromised. In addition to the administrative/root access, a Metasploit meterpreter service was installed on the machine to ensure that additional access could be established.

3.5 Sample Report - House Cleaning

The house cleaning portions of the assessment ensure that remnants of the penetration test are removed. Often fragments of tools or user accounts are left on an organization's computer, which can cause security issues down the road. Ensuring that we are meticulous and no remnants of our penetration test are left over is important. After the trophies on both the lab network and exam network were completed, John removed all user accounts and passwords as well as the Meterpreter services installed on the system. Offensive Security should not have to remove any user accounts or services from the system.

4.0 Additional Items Not Mentioned in the Report

This section is placed for any additional items that were not mentioned in the overall report.
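One way to check the house cleaning described in section 3.5 is to compare each host's accounts and services before testing and after clean-up against the tester's own log of what was added. The following is an added example, not part of the Offensive Security template; the `kind:name` snapshot format and every account and service name in it are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Snapshot:
    accounts: frozenset
    services: frozenset

def parse_snapshot(text):
    """Parse 'account:<name>' / 'service:<name>' lines; '#' starts a comment."""
    items = {"account": set(), "service": set()}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        kind, _, name = line.partition(":")
        kind, name = kind.strip().lower(), name.strip().lower()
        if kind not in items or not name:
            raise ValueError(f"unrecognised snapshot line: {raw!r}")
        items[kind].add(name)
    return Snapshot(frozenset(items["account"]), frozenset(items["service"]))

def audit_cleanup(baseline, after, created):
    """Compare a host before testing and after clean-up against the tester's log."""
    report = {}
    for kind in ("accounts", "services"):
        base, now, made = (getattr(s, kind) for s in (baseline, after, created))
        report[kind] = {
            "remnants": sorted(made & now),         # logged test artifacts still present
            "unlogged": sorted(now - base - made),  # new item nobody recorded adding
            "over_removed": sorted(base - now),     # pre-existing item lost in clean-up
        }
    report["clean"] = all(not v for k in ("accounts", "services")
                          for v in report[k].values())
    return report

# Constructed sample data; every name below is hypothetical.
BASELINE = parse_snapshot("account:administrator\naccount:svc_backup\n"
                          "service:spooler\nservice:w32time")
CREATED = parse_snapshot("account:pt_john\nservice:pt_agent")  # tester's log
AFTER = parse_snapshot("account:administrator\naccount:pt_john\n"
                       "service:spooler\nservice:w32time\nservice:updatehelper")

if __name__ == "__main__":
    print(audit_cleanup(BASELINE, AFTER, CREATED))
```

The `over_removed` list catches the opposite failure from a leftover account: a clean-up that deleted something the host had before the test began.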
