Attacking Webservers from the WAN

CEH Exam Domain:
Domain 1: Background
Domain 4: Tools/Systems/Programs
Domain 5: Procedures/Methodology

CEH Objective Mapping:
Objective 1.2 Information Security Threats and Attack Vectors
Objective 1.3 Information Security Tools
Objective 5.2 Information Security Assessment Methodologies

Overview

In this lab, you will attack a web server from the wide area network, or WAN, with a Kali Linux Attack Machine and use Microsoft Remote Desktop Connection (RDP) to connect to the victim machine.

outcomes:

In this lab, you will learn to:

Use nmap/Zenmap to scan a wide area network.
Use Bruter to exploit SMTP.
Use remote desktop with captured credentials to deface a web site.
Cover your tracks from the hack you just performed.

Courses

Ethical Hacking and Systems Defense Skill Lab

Key terms and descriptions

Remote Desktop Connection (formerly Microsoft Terminal Services Client)

Allows a user to remotely log into a networked computer running the terminal services server.

Port

In computer networking, a port is an endpoint of communication in an operating system associated with an IP address of a host and the protocol type of the communication.

Zenmap

A GUI front end for nmap; will allow you to scan for open ports and services.

Metasploit

A framework that contains exploits for various information systems.

nmap

A port scanner which will indicate whether ports are open or closed on a remote system.