Your instructor will assign each team member a number so that each student has a unique set of credentials to recover and a different data set to steal. (Mine is team 1 student 3)
For example, if you are on Red Team #2 and are assigned Student #1, get the password hash for redteam2student1, and crack it using John the Ripper or other tool.
If you are on Red Team #2 and are assigned Student #1, go into the redteam1 folder on the root directory on the victim machine. In that folder, you will find a folder called student1. There is a file called mypass.txt in that folder. Get the contents of the file from the victim out of the network and display it for the client to see.
Video Requirements
In your video, you will do a walk-though of the attack on the Linux system with your Kali box and explain how you were able to exploit the vulnerability as well as exfiltrate data. The video demonstration will be a powerful example of what occurs on an actual penetration test and will be an item that you can add to a portfolio.
Your video should show the steps involved in penetrating the client’s system. The video will be created with Microsoft Stream. The video should be a maximum of 10 minutes but should not be shorter than 5 minutes.
Include the following:
introduction and purpose
steps taken to break into the remote system and a discussion of the vulnerability you are exploiting
an explanation of how you accessed the shadow file and what methods you used to crack the password hash
an explanation of how you gained access to the confidential information on the system
a summary of the steps taken in the video and recommendations for the company
The IP address for the attacking machine will be 10.1.3.50
the IP address for the victim machine will be 10.1.3.100