Lab 14 Web Application Vulnerabilities

Exercise 1: Installing XAMPP First, we start in the Server VM and in the properties to World Wide Web Publishing Service and stop the service as well as disabling it on startup. Next, we need to go into Change User Account Control Settings and change it to never notify. Now we navigate to the xampp installer and […]

Lab 13 HTTP and HTTPS

This lab will demonstrate how vulnerable HTTP is. Exercise 1: Sniffing HTTP First, we need to open the Server VM and go to IIS Now going inside of Authentication we need to change the Anonymous Authentication and Basic Authentication. Now we need to switch to the Client VM and run Wireshark. Now Wireshark is running, we now […]

Lab 12 Data Leakage Prevention

Exercise 1: Installing Rights Management Services In this lab, we will be setting up Active Directory Rights Management Services. First, we need to create a new user named ADRMS Now we have created the user, we need to add him to the Domain Admins group. Now that we have our user fully setup we can […]

Lab 11 Network Access Protection

Exercise 1: Installing Network Access Protection In this lab, we will be configuring Network Access Protection Role. First, we need to install Certificate Services. Now that the role has been installed, we now need to configure the role. Now we need to add another role ‘Network Policy Server’ and ‘Health Registration Authority’   Exercise 2: […]

Lab 10 Attacks Against DHCP and DNS

Exercise 1: Setting Up the Scenario In this lab, we need to edit our current DHCP scope and change the lease time, as well as the Subnet delay. After making those changes we also need to move the ‘wwwroot’ folder to the ‘inetpub’ folder. Exercise 2: Preparing the Attack In this part, we need to […]

Lab 9 Telnet and FTP

Exercise 1: Configuring Telnet and FTP This lab is to demonstrate how unsecured Telnet and FTP are. We start this by installing the FTP role on the server and the Telnet Server Feature. Now we need to start the Telnet Server. The next step is to copy c:\gtslabs\ftproot to c:\inetpub Next is to change authentication methods […]

Lab 8 Configuring a VPN

Exercise 1: Installing a Network Adapter In this exercise, we need to install a second network adapter to the Server VM to support RRAS. The Lab shows it being done in Hyper V and since we are using VSphere it’s done differently but I’ll follow it as much as possible. The lab wanted an ‘External […]

Lab 7 Password Sniffing

Exercise One: Keyloggers In this exercise, we are installing a keylogger on the Client VM, which we need to log in as the domain administrator first. Once logged in we can install Actual spy and do the following steps; Check the box to allow the program to start on startup Check all boxes under hiding Check […]

Lab 6 Configuring Certificate Services

Exercise One In this lab, we will be working within the Server VM. I need to install Active Directory Certificate Services through the roles and features tab. Now we need to configure AD CS. Exercise Two This lab we will examine the AD CS role we installed. First, we need to go to tools and open AS CS and […]

Lab 5 Steganography

Exercise One In this lab, we learn how to hide information within the Windows File System. We start by logging into the Client and running silenteye-0.4.1-win32 installer. Once installed we need to make a note of the gtslearning.jpg image creation and last modified date. Once those dates are noted we need to open WinMD5 and drag the image […]