









Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Instructions for university students on how to gain remote access to servers using ftp, ssh, and terminal server. The exercise involves identifying open ports, using tools like nmap and putty, and attempting to log in using guessed or known usernames and passwords. Potential challenges include login lockout, ids detection, and ip logging. The objective is to obtain specific information from the servers. Useful for students in computer science or information technology courses, particularly those related to network security or system administration.
Typology: Lab Reports
1 / 17
This page cannot be seen from the preview
Don't miss anything!
9/26/
Lab E
//PuttyPutty
,, TerminalTerminal
ServerServer
9/26/
Lab E
Scenario
You have already done a complete survey of a remotenetwork using
Nmap
Now, it’s time to attempt to actually get (remote) accessto one or more of the target’s servers using
guessed
(or
known) usernames/passwords.Your target is: Joe’s Kawasakis and Toothpick Construction, Inc.
9/26/
Lab E
Potential Show Stoppers
9/26/
Lab E
Before getting started, make sure you have anetwork connection… By making sure you have an IP address:
Open a DOS window
Enter:
ipconfig
If your IP address is not
between
and
9/26/
Lab E
Logginginto aLinux FTPservertakes youhere. You can cddown, butnot up!
Solaris lets you move upthe directory structure.
9/26/
Lab E
Only the pub directory is in this ftp dir cd .. Won’t do any good – can’t go up^ See? You’re still in the ftp directory
Will be 208.16.3.
something
9/26/
Lab E
1. Okay, you found an FTP server on a Linux box…
But you can’t log in as root (too insecure)And you can’t use the
find
command
You can’t even use the
cat
command to examine file contents!
You must GET any flags you want to examine. Here’s how: ftp> ls
are there any files in ftp directory?
ftp> ls
pub
are there any files in pub directory?
ftp> get <file-name>
the file is now on your
box
ftp> get pub/<file-name>
file is now on your
box
ftp> quit
Exit FTP
type <file-name>
Now, you’re back on your
box
9/26/
2. Run Putty (to use SSH) -^
If its icon is on thedesktop, double-click on it
-^
Or navigate to c:\tools\putty
and run it
there.
-^
Enter the server’s IPaddress 208.16.3.
not 1!
-^
Click on the “Open”button
-^
Select “Yes” if you get aPuTTY Security Alert
-^
You will be asked for ausername and password Guess, if you have to…
9/26/
Lab E
2. SSH (port 22) is open
(cont.)
If the SSH server is a Linux box: How do you know who all the users are? $ cat /etc/passwd
View all users
can view
passwd
Now,
try to
log in as each of these people
every
person!
If the SSH server is a Windows box: > dir/s/a c:\flag?.txt
Find the flags
/a shows hidden files
type c:\flag1.txt
View Flag 1
contents
exit
9/26/
Lab E
3. Windows Terminal Server (port 3389) is open
Click: Start/All Programs/Accessories/Communications/RemoteDesktop ConnectionEnter the IP address of the Terminal Server (not
and click on
Connect
9/26/
Lab E
3. Windows Terminal Server (port 3389) is open
(cont.)
-^
Once you find flags, look at their contents – that’s
what
your manager wants!^ > type c:\winnt\flag3.txt> net share
if you’re an admin, you can
check for who owns shares
-^
Now, disconnect^ • Click Start/Shut Down• Then select
Disconnect
Disconnect
9/26/
Lab E
Troubleshooting •^
In an environment like this lab, where the poor serversare being hammered by a room full of hackers, theservers may crash!
-^
So, if you have successfully used a port (ftp, ssh, etc.),and it suddenly stops working, make sure the server isstill up by pinging the server: > ping 208.16.3.
target’s IP, not 1!
Rescan the server’s ports – is the port you’re using stillopen? > nmap 208.16.3.
target’s IP, not 1!
If you find something amiss, let the instructor know!