After collecting enough information about the target during Deliverable 2 (Reconnaissance and Scanning Plan), you will describe how to use that information to gain access to Haverbrook’s systems. Your one- to two-page plan on gaining access should include:
- details of the gaining access process in regards to the techniques commonly used to exploit low-privileged user accounts by cracking passwords through techniques such as brute-forcing, password guessing, and social engineering, and then escalate the account privileges to administrative levels, to perform a protected operation.
As you are developing the Gaining Access Plan, keep these questions in mind:
- How would you escalate your privileges?
- How would you establish a command and control communication channel?
Refer to Chapter 6 in the textbook for the different techniques that can be used to gain access to the system.Â
Use the Gaining Access TemplateÂ to record your work. Please submit your workÂ to the LEO submission box below.Â
Penetration Test Proposal
Deliverable 3: Gaining Access Plan
Course Number and Section:
Provide a summary of the Gaining Access phase.
Identify the resources where vulnerabilities can be located and include a brief description of those resources. Be sure to include a reference to the vulnerability, i.e., NVD.
Techniques and Software
Provide the techniques and any software, applications, or scripts that will be used in gaining access to the network(s) or system(s) along with a description of each technique. Refer to Chapter 6 in the textbook for additional information.