Regular host VA/PT: Metasploitable3

  • Digintrude
  • 05 Oct

What is meant by Windows Machines?

Windows machines are computers running Windows, a series of operating systems developed by Microsoft. Every version of Windows has a graphical user interface, including a desktop that allows users to view files and folders in windows. For the last two decades, Windows has been the most widely used operating system (OS) for personal computers (PCs).

Microsoft Windows has been designed for both home computing and professional purposes. The most recent version of Windows for PCs, tablets, embedded devices and smartphones is Windows 10. The current version for server computers is Windows Server 2016.

Why is it important?

The bigger the target, the easier it is to aim at. Windows operating systems have more than 80% of consumers across the world, and the larger the number, the bigger the attack surface. Penetration testing of host machines is therefore important because:

  • It helps to find vulnerabilities and weak areas that an intruder can attack to gain access to the computer’s data and features.
  • It gives a proper estimate of the magnitude of potential attacks on businesses.
  • It provides evidence that budgets for the security aspect of technology should be increased.

How is Penetration Testing Useful?

Penetration testing has the following benefits:

  • It delivers detailed information about security threats. In addition, it categorizes the severity of vulnerabilities and indicates which are more vulnerable and which are less.
  • Penetration testing helps keep an organization’s major activities up to date and compliant with the auditing system.
  • A small breach of a security system may cause millions of dollars in damage. Penetration testing can help protect organizations from such damage.
  • A breach of even a single client’s data may cause significant financial and reputational damage. Penetration testing protects organizations that deal with clients and keeps their data intact.
  • Penetration testing is a combination of techniques that examines various issues of a system: it tests, analyzes, and gives solutions. It is based on an organized procedure that performs penetration testing step by step.

Step by Step method for Penetration Testing

Planning & Preparation

Planning and preparation starts with defining the goals and purposes of the penetration test. The customer and the tester jointly define the goals so that both parties have the same objectives and understanding. The common purposes of penetration testing are:

  • Identifying vulnerabilities and improving the security of the technical systems.
  • Increasing the security of the organization and personnel infrastructure.

Information Gathering / Reconnaissance

Information gathering, or reconnaissance, consists of an analysis of the initial information. A tester often has little beyond that initial information, for example an IP address or an IP address block. The tester starts by examining the available information and, if required, asks the customer for more, such as network plans and system descriptions. This step is like passive penetration testing. The only objective is to obtain complete and thorough information about the systems.

Scanning / Discovery

In this step, a penetration tester will most probably use automated tools to scan the target resources for vulnerabilities. These tools usually have their own databases that give details of the newest vulnerabilities. In addition, the tester can discover:

  • Any additional servers, systems, and other devices.
  • Open ports available on these devices.
  • Actual services running on these open ports.
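
The inventory this step produces (hosts found, open ports, services on them) is normally extracted from scanner output. The following is an added example, not part of the original post: it assumes the scanner is nmap writing its grepable (`-oG`) format, and the sample scan text and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in nmap's grepable (-oG) layout. Addresses are from the
# RFC 5737 documentation range and do not come from the original page.
SAMPLE_SCAN = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 445/open/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server///
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 80/open/tcp//http///, 8080/filtered/tcp//http-proxy///
Host: 192.0.2.12 ()\tStatus: Down
"""

HOST_RE = re.compile(r"^Host: (\S+) \(.*?\)\t(.*)$")
# One port entry is port/state/protocol/owner/service/rpc-info/version/
PORT_RE = re.compile(r"(\d+)/([^/]*)/([^/]*)/[^/]*/([^/]*)/[^/]*/[^/]*/")


def parse_grepable(text):
    """Return {host: {"up": bool, "open": [(port, proto, service), ...]}}."""
    hosts = defaultdict(lambda: {"up": False, "open": []})
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment line or something we do not recognise
        addr, rest = m.groups()
        entry = hosts[addr]
        for field in rest.split("\t"):
            if field.startswith("Status:"):
                entry["up"] = field.split(":", 1)[1].strip() == "Up"
            elif field.startswith("Ports:"):
                entry["up"] = True  # nmap only port-scans hosts it treats as up
                for port, state, proto, service in PORT_RE.findall(field):
                    if state == "open":  # closed and filtered ports are not exposure
                        entry["open"].append((int(port), proto, service or "unknown"))
    return dict(hosts)


def summarize(hosts):
    """Count live hosts and list each one's open ports in ascending order."""
    up = sorted(h for h, e in hosts.items() if e["up"])
    return {"hosts_up": len(up),
            "open_ports": {h: sorted(hosts[h]["open"]) for h in up}}


if __name__ == "__main__":
    print(summarize(parse_grepable(SAMPLE_SCAN)))
```

Comparing the summary from one assessment with the next shows newly exposed services, which is the part of the inventory a host owner most needs to review.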

Analysis of Information and Risks

In this step, the tester examines and evaluates the information collected in the earlier steps before dynamically penetrating the system. Because of the large number of systems and the size of the infrastructure, this is very time-consuming. While examining, the tester considers the following items:

  • The clear goals of the penetration test.
  • The possible risks to the system.
  • The projected time required to assess potential security flaws during the subsequent active penetration testing.

However, from the list of recognized systems, the tester may choose to test only those that contain potential vulnerabilities.

Active Intrusion Attempts

This is the most important step and has to be performed with due attention. It determines the degree to which the potential vulnerabilities recognized in the discovery step pose actual risks. This step must be performed when confirmation of potential vulnerabilities is needed. For systems with very high integrity requirements, the potential vulnerability and risk need to be carefully considered before carrying out critical clean-up procedures.

Final Analysis

This step mainly considers all the steps conducted so far. Further, the tester recommends how to remove the vulnerabilities and risks. Above all, the tester must ensure the transparency of the tests and of the weaknesses they disclosed.

Report Writing or Preparation

Report preparation starts with the overall testing measures, followed by an examination of vulnerabilities and risks. High risks and critical vulnerabilities take priority, followed by those of lower order.

While documenting the final report, we need to consider the following points:

  • Complete summary of penetration testing.
  • Details of each step and the information gathered during the pen testing.
  • Details of all the vulnerabilities or weakness and risks discovered.
  • Details of cleaning and protecting the systems.
  • Recommendations for future security.

Sample report for performing penetration testing: here we perform an internal network assessment to find how many machines are up and which ports are open on each host; based on