Gaining real pen test experience is very difficult for a BSc undergraduate student; therefore, I was very pleased to receive the news that my main task for my 5-week placement would be to conduct a basic internal pen test on the compsci network.
I had been learning and slowly developing the required skills for pen testing in my personal time over the last few months, but now I would be able to apply those skills to a live, secured network environment with multiple servers and devices available for targeting, as opposed to just one or two run through VirtualBox at home.
The test was to be performed in accordance with a professional standard framework, with a set procedure to follow at each stage. These stages consist of Reconnaissance, Scanning, Exploitation and completing a report upon test completion.
The test would be performed using industry-leading tools, installed on a virtual machine running the new Kali Linux security operating system.
Using tools like Metasploit, Nmap and Nessus, I was able to successfully complete a port scan and vulnerability test of the entire network, which aided me in my attempt to exploit the vulnerabilities that had been discovered, and provided valuable input to the network administrator regarding possible weaknesses that need to be addressed.
While I had some initial background knowledge of pen testing, it has been quite a challenge to bring that knowledge up to the level required for a fully secured network with only the internet and reading materials for support.
I quickly found that while I had the knowledge to perform a basic pen test on the network, this was going to yield few results, and I am therefore researching and practicing more advanced techniques that should enable me to conduct a more thorough and complete test than attempted previously.
Ultimately, the initial exploitation of the network using basic tools was unsuccessful. However, the insights I have gained from conducting a basic test through to completion have provided the core experience needed to move on to a more advanced attempt at gaining unauthorized access to the network, and emulating a malicious attacker more accurately.