.

Ethical hacking and penetration testing project

<<

iamgenius

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Sep 21, 2016 11:38 am

Post Wed Sep 21, 2016 11:43 am

Ethical hacking and penetration testing project

Hi to all,

Sorry to be such a demanding guy from the beginning, but I hope this will be a good start and I'll enjoy my time here with you guys. This is my first post. I'm doing a Master in cyber security and currently taking ethical hacking and penetration testing course. I need to do a semi-final project for this course. I must say that I'm enjoying this class the most. It is the pinnacle of our Master program. That's how I feel, so it should help.

I need some project ideas. Simple ones that is as we only have one month to finish everything. It is a mini-project. I'm searching online as of now for some ideas but it is also good to consult experts like you guys. I have ideas of my own of course but I'm not settled yet. I'll share one with you. Please keep reading...

In some organizations(like military for example), computer networks can be totally private and isolated from the public cloud/network. This means there can be no points of entry from the public network into the internal network belonging to the specific organization as it is simply physically isolated. Now, we all carry smartphones equipped with data packages and they are online all the time. At work, some might be tempted to charge his smartphone using the USB port of one of the PC's inside the organization or the company.

I think you know where I'm getting at. This way, you might be exposing the internal isolated network to the public network, provided that the USB cable is for charge and data. Right? Black hats can easily get into your smartphone, but can they also somehow access the PC the via the smartphone and have control over it and consequently on the whole domain network maybe ? Is it too far-fetched? This is the main area where I need help. I want to demonstrate that it is possible and provide countermeasures of course.

I don't know, it might too hard but it is one of the first ideas I thought of and it is one that I would love to work on. It will be really entertaining to work on something like this.

Now, there is a very similar idea but simpler. Out of ignorance, one might hook his laptop to the network cable and make it join the domain using the ethernet card in the laptop. Now, the laptop has another network adapter, the WIFI adapter that is. The laptop can join the domain and connect to the internet by nearby wifi or via his smartphone mobile hotspot feature. This will also expose the internal isolated network. Attackers can get into the laptop and then to the internal network.

Hopefully I made myself clear...

What do you think? Feasible to do in one month?

I have some other ideas but I don't really like them, so I'll use them as a last resort. Please give me your comments. I welcome other ideas as well.

Thanks in advance
<<

iamgenius

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Sep 21, 2016 11:38 am

Post Sat Sep 24, 2016 1:05 pm

Re: Ethical hacking and penetration testing project

To make it more clear, I'll say that what I want to accomplish is penetrating a closed private network. Naturally, you wouldn't be able to because it is a completely isolated network. After some digging, I think I now know how to do the laptop idea. However, I still need help with the smartphone one. I guess there might be some ready made tools which can illegally copy files from the PC if the smartphone is connected to it via a USB cable. Specially for android devices maybe. If somebody can offer me some help here, I'll appreciate it. I welcome all other comments as well.

Thanks.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software