Homework 1

VM Setup (Host and Guests), Network Traffic, and Exploit

For this homework assignment, you will be expected to build and run an 'attack lab' similar to that demonstrated during the Week 2 lecture sets. As your assignment submission, you will draft a report that outlines the steps taken and, where necessary, the findings that were discovered, and the network capture for all parts. Suggestion, Open a word document and as you are completing each step of this assignment write down each action you do. Also, it would help to add screen shots of significant config settings or results. This can be used as the report.

Part 1: Establish communicating VMs

Configure both of your VMs to run on the same network. You will either need to configure the DHCP server for VirtualBox’s Host-Only networking, or alternately you may use static IP addresses.

Document the process and settings used to setup the Windows OVA and the Kali Linux. Both inside the VirtualBox application as well as the Guest OS’s.
On Kali listen for incoming connections using Netcat (nc) -- nc -l -p 2048
On Kali, capture the network traffic using tcpdump or wireshark. Keep capture running for Part 1, 2, and 3.
On Windows, create a socket connection to the Kali VM. (Enable telnet.exe,, install netcat.exe, or use a scripting language ie python)
Send from the Windows VM to the Kali VM. Your name, M number, current date and time and the message "connection complete successfully". Should look like "Scott Nusbaum, M8675309, 2019-01-24 23:24:07, connection complete successfully"

Part 2: Unsecuring your VMs

You will need to render your Windows VMs and the applications within them insecure. Show work screen shots to prove each are disabled.

Disable Windows Defender
Disable Windows Firewall
Disable Windows Update

Part 3: Launch attack using a malicous executable

Kali: Using Metasploit (preinstalled on Kali) create a malicous executable, with a meterpreter reverse shell payload.
Kali: Move Executable to the target system. (A simple way would be, from Kali, to use "python -m SimpleHTTPServer 8080") and use the browser to download the file to Windows.
Kali: Open a meterpreter, listening for a meterpreter reverse shell( exploit/multi/handler ), in metasploit
Windows: Launch Executable on target system.
Kali: Perform the following actions:
- Retrieve the sysinfo
- Start a keystroke capture
- On Windows: Open Notepad and type in the same information as in Part 1
- Dump the keystroke information in meterpreter (screenshot the results)
- Shutdown the windows VM through meterpreter

Submit Homework

Homework should be submitted to Blackboard by 23:59:59 on 2019-02-7. Report and Pcap from the wireshark capture should be in a zip file with the password "infected". No homework submited after the deadline will be accepted.