System Hacking - p.11

Lab 10

System Monitoring Using RemoteExec

System hacking is the science of testing computers and networks for vulnerabilities andplugging.

Lab Scenario

To be an expert ethical hacker and penetration tester, you must have sound knowledge of footprinting, scanning, and enumeration. Tliis process requires an active connection to the machine being attacked. A hacker enumerates applications and banners in addition to identifying user accounts and shared resources. You should also have knowledge of gaining access, escalating privileges, executing applications, liiduig tiles, and covering tracks.

Lab Objectives

The objective of tins lab is to help students to learn how to:
■Modify Add / Delete registry keys and or values
■ Install service packs, patches, and hottixes
■ Copy folders and tiles
■ Run programs, scripts, and applications
■ Deploy Windows Installer packages in silent mode

Lab Environment

To earn־ out die lab, you need:
■ Remote Exec Tool located at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Executing Applications Tools\RemoteExec
■ Windows Server 2008 running on the Yutual machine
■ Follow die Wizard Driven Installation steps

■ You can also download die latest version of RemoteExec from the link
http://www.isdecisions.com/en
■ If you decide to download die latest version, dien screenshots shown in the lab might differ
■ Administrative pnvileges to run tools

Lab Duration

Tune: 10 Minutes

Overview of RemoteExec

RemoteExec, die universal deployer for Microsoft Windows systems, allows network administrators to run tasks remotely.

Lab Task

1. Install and  launch RemoteExec.

FIGURE 10.1: RemoteExec main window

2. To configure executing a file, double-click Remote jobs.

FIGURE 10.2: RemoteExec configuring Remote jobs

3. To execute a New Remote job, double-click die New Remote job option diat configures and executes a new remote job

FIGURE 10.3: RemoteExec configuring New Remote job

4. in a New Remote job configuration you can view different categories to work remotely.
5. Here as an example: we are executing die file execution option. To execute double-click File Execution.

FIGURE 10.4: RemoteExec configuring File Execution

6. In the File execution settings, browse die executable file, select Interactive from drop-down list of Context, and check the Auto option

FIGURE 10.5: RemoteExec File execution settings

7. Configuring die Filter Section:
a. For the OS version, select = from die drop-down menu and specify die operating system.
b. For the OS level, select = from die drop-down menu and select Workstation.
c. For the IE version, select >= from die drop-down menu and specify the IE version.
d. For the Service Pack, select = from die drop-down menu and specify die service pack version

FIGURE 10.6: RemoteExec Filter tab

8, Selecting a Target Computer: Enter die target computer name manually by selecting Name from the drop-down list and clicking OK.

FIGURE 10.7: RemoteExec Add/Edit a computer

9. To execute the defined action on die remote computer, click the Launch
option in the nglit pane of die window.

FIGURE 10.8: RemoteExec executing the defined action

Lab Analysis

Analyze and document die results related to die lab exercise.