
Lab5 HOD401


Lab 1: Perform Vulnerability Research with Vulnerability Scoring Systems and Databases


1.1 Perform Vulnerability Research in Common Weakness Enumeration (CWE)
Open any web browser (here, Mozilla Firefox) and navigate to https://cwe.mitre.org/.

The CWE website appears. In the Google Custom Search box under the Search CWE section, type
SMB and click the search icon.
The search results appear, displaying the underlying vulnerabilities in the target service (here,
SMB). You can click any link to view detailed information on the vulnerability.

Now, click any link (here, CWE-427) to view detailed information about the vulnerability.
A new webpage appears in a new tab, displaying detailed information regarding the
vulnerability. You can scroll down further to view more information.
Now, navigate back to the CWE website, scroll down, and click the CWE List link present
below the searched results.

A new webpage appears, displaying the CWE List Version. Scroll down, and under the
External Mappings section, click CWE Top 25 (2022).

A webpage appears, displaying CWE VIEW: Weaknesses in the 2022 CWE Top 25 Most
Dangerous Software Weaknesses. Scroll down and view a list of Weaknesses in the 2022
CWE Top 25 Most Dangerous Software Weaknesses under the Relationships section.
You can click on each weakness to view detailed information on it.
1.2 Perform Vulnerability Research in Common Vulnerabilities and Exposures (CVE)
In the Windows 10 virtual machine, open any web browser (here, Mozilla Firefox) and
navigate to https://cve.mitre.org/.

The CVE website appears. In the right pane, under the Newest CVE Entries section, recently
discovered vulnerabilities are displayed.
You can copy the name of any vulnerability under the Newest CVE Entries section and
search on CVE to view detailed information on it. (Here, we are selecting the vulnerability
CVE-2023-3173.)

Now, click on the Search CVE List tab. Under the Search CVE List section, type the
vulnerability name (here, CVE-2023-3173) in the search bar, and click Submit.
The Search Results page appears, displaying the information regarding the searched
vulnerability. You can click the vulnerability link to view further detailed information
regarding the vulnerability.

Similarly, in the Search CVE List section, you can search for a service-related vulnerability
by typing the service name (here, SMB) and clicking Submit.

The Search Results page appears, displaying a list of vulnerabilities in the target service (SMB)
along with their descriptions, as shown in the screenshot.
Further, you can click on the CVE-ID of any vulnerability to view its detailed information. Here,
we will click on the first CVE-ID link.

Detailed information regarding the vulnerability is displayed, such as its Description,
References, and Date Entry Created. Further, you can click on links under the References
section to view more information on the vulnerability.
1.3 Perform Vulnerability Research in National Vulnerability Database (NVD)
In the Windows 10 virtual machine, open any web browser (here,
Mozilla Firefox) and navigate to https://nvd.nist.gov/.

The NATIONAL VULNERABILITY DATABASE website appears; the recently discovered
vulnerabilities can be viewed.

You can click on the CVE-ID link (here, CVE-2023-28164) to view detailed information
about the vulnerability.

A new webpage appears, displaying CVE-2023-28164 Detail. You can view detailed
information such as Current Description, Severity, References, and Weakness
Enumeration.

Under the Severity section, click the Base Score link to view the CVSS details regarding the
vulnerability.
A new webpage appears, displaying information such as Base Scores, Temporal Score,
Environmental Score, and Overall Score related to the vulnerability in graphical form, under
Common Vulnerability Scoring System Calculator CVE-2023-28164.
Scroll down to view more detailed information on different score metrics such as Base Score
Metrics, Temporal Score Metrics, and Environmental Score Metrics.

Now, navigate back to the main page of the NATIONAL VULNERABILITY
DATABASE website. Expand Vulnerabilities and click the Search & Statistics option, as
shown in the screenshot.
Lab 2: Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
2.1 Perform Vulnerability Analysis using OpenVAS
Turn on the Parrot Security and Windows Server 2016 virtual
machines.

Click Applications at the top of the Desktop window and navigate to Pentesting >
Vulnerability Analysis > OpenVAS – Greenbone > Start to launch the OpenVAS tool.

After the tool initializes, click the Firefox icon in the top section of the Desktop.

The Firefox browser appears. In the address bar, type https://127.0.0.1:9392 and press
Enter.

The OpenVAS login page appears. Log in with the Username admin and the Password password,
then click the Login button.
The OpenVAS Dashboard appears, as shown in the screenshot.

Navigate to Scans > Tasks from the Menu bar.

The Task Wizard window appears; enter the target IP address in the IP address or
hostname field (here, the target system is Windows Server 2016 [10.10.10.16]) and click
the Start Scan button.
The task appears under the Tasks section; OpenVAS starts scanning the target IP address.

Wait for the Status to change from Requested to Done. Once it is completed, click the Done
button under the Status column to view the vulnerabilities found in the target system.
2.2 Perform Vulnerability Scanning using Nessus
Nessus opens in the default browser. Click the Connect via SSL button to proceed.

The Welcome to Nessus page appears. Ensure that the Nessus Essentials radio button is selected and
click Continue.

The Get an activation code page appears. Enter your personal details and click the Email
button.
In the Register Nessus page, paste the copied activation code in the Activation Code field;
then, click Continue.

The Create a user account page appears. Create credentials for administrative control of the
scanner. Then, click Submit.
The Downloading plugins... wizard appears. Nessus will start fetching the plugins and will
install them.

Nessus begins to initialize; this will take some time. On completion of initialization, the
Nessus dashboard appears along with the Welcome to Nessus Essentials pop-up. Close the
pop-up.
The Nessus Essentials dashboard appears; click Policies under the RESOURCES section in
the pane on the left.

The Policies window appears; click Create a new policy.

The Policy Templates window appears; click Advanced Scan.


The New Policy / Advanced Scan section appears. In the Settings tab under the BASIC
setting type, specify a policy name in the Name field (here, NetworkScan_Policy), and give
a Description about the policy (here, Scanning a Network).

In the Settings tab, click the DISCOVERY setting type and turn off the Ping the remote host
option in the right pane.
Select the Port Scanning option under the DISCOVERY setting type, and then click the
Verify open TCP ports found by local port enumerators checkbox. Leave the other fields
with default options, as shown in the screenshot.

Select the ADVANCED setting type. In the right pane, under the Performance Options
settings, set the values of Max number of concurrent TCP sessions per host and Max
number of concurrent TCP sessions per scan to Unlimited.
To configure the credentials of a new policy, click the Credentials tab and select Windows
from the options.

Specify the Username and Password in the window. Here, the specified credentials are
prolan9414/Namgara1234.
Click the Plugins tab and do not alter any of the options in this window.
Click the Save button.

A Policy saved successfully notification pop-up appears, and the policy is added in the
Policies window, as shown in the screenshot.
Now, click Scans from the menu bar to open My Scans window; click Create a new scan.

The Scan Templates window appears. Click the User Defined tab and select
NetworkScan_Policy.
The New Scan / NetworkScan_Policy window appears. Under General Settings in the right
pane, input the Name of the scan (here, Local Network) and enter the Description for the
scan (here, Scanning a local network); in the Targets field, enter the IP address of the target
on which you want to perform the vulnerability analysis. In this lab, the target IP address is
10.10.10.16 (Windows Server 2016).

Click Schedule settings; ensure that the Enabled switch is turned off.
Click the drop-down icon next to the Save button and select Launch to start the scan.
The Scan saved and launched successfully notification pop-up appears. The scan is
launched, and Nessus begins to scan the target.
After the scan completes, click Local Network to view the detailed results.
