It Sec

Note: this was converted using from LaTeX to Markdown using ChatGPT and Gemini. The original PDF and bibliography can be found here and here. WLAN setup and security Laboratory protocol Exercise 11: WLAN setup and security Figure: Grouplogo Subject: ITSI/NWT Class: 3AHITN Name: Stefan Fürst, Justin Tremurici Group Name/Number: GROUPNAME/12 Supervisor: ANGE, ZIVK Exercise dates: 16.05.2025 | 06.06.2025 Submission date: 10.06.2025 Table of Contents Task definition Summary Complete network topology of the exercise Exercise Execution Setting up the Network Configuring the Router Configuring the Access Point Testing connectivity and DHCP addresses Access Point Isolation Attacking the Wi-Fi Network Setting up the Wi-Fi Adapter Starting the attack Sending Deauthentication Frames Analyzing the 4-Way Handshake in Wireshark Cracking the Password Testing My Own Wi-Fi Mitigations of This Attack How WPA3 improves security Possible WPA3 Attacks References Task definition This task focuses on the setup and subsequent attack of a WLAN network. The initial phase, “Übung 10: Einrichten eines WLAN-Netzwerks,” guides students through provisioning a WLAN. This involves configuring an Access Point (AP), planning channel usage, setting up Network Address Translation (NAT) and a DHCP service, and ensuring full connectivity between wireless and wired clients. Students configure a router with NAT, establish a DHCP server, and set up the AP with WPA2 security, assessing password strength and measuring channel utilization. Connectivity tests confirm communication within the network and to the internet. Access Point Isolation is also explored, with a bonus task involving its configuration and demonstration of its effects. ...

Note: this was converted using from LaTeX to Markdown using Chat GPT 4.1 the original pdf can be found here along with the bibliography Laboratory protocol Exercise 10: Capturing of network traffic in the local network Figure: Grouplogo Subject: ITSI Class: 3AHITN Name: Stefan Fürst, Justin Tremurici Group Name/Number: Name here/12 Supervisor: SPAC, ZIVK Exercise dates: 11.04.2025 | 25.04.2025 | 09.05.2025 Submission date: 16.05.2025 Table of Contents Task definition Summary Complete network topology of the exercise Exercise Execution Building the Topologies Mirroring traffic in RouterOS v7 Comparing the traffic before and after the configuration Packet Sniffing on the Local Device Capturing a Ping Between Two Targets Capturing Plain Text Passwords Capturing a VoIP Call References Task definition This task focused on the passive interception of network traffic in a local network using either a hub or a managed switch with mirror ports. The objective was to analyze unaltered communications using Wireshark on both attacker and victim machines. Two topologies were tested: a hub-based setup, which allowed full traffic visibility, and a switch-based setup, where traffic was mirrored from victim ports to the attacker’s port. Devices were assigned static IP addresses from a private range, and VoIP communication was simulated using either software-based or physical IP phones. ...

Note: this was converted using from LaTeX to Markdown using Chat GPT 4.1 the original pdf can be found here along with the bibliography Testing Windows server security Laboratory protocol Exercise 9: Testing Windows server security Figure: Grouplogo Subject: ITSI Class: 3AHITN Name: Stefan Fürst, Justin Tremurici Group Name/Number: Name here/12 Supervisor: SPAC, ZIVK Exercise dates: 14.03.2025 | 21.03.2025 | 28.03.2025 | 04.04.2025 Submission date: 11.04.2025 Table of Contents Task definition Summary Complete network topology of the exercise Exercise Execution Setting Up the Exercise Environment Brute-Forcing SMB with Hydra Analyzing Network Traffic with Wireshark Brute-Forcing RDP Explaining My Own RDP Brute-Forcing Script Analyzing Network Traffic with Wireshark (RDP) Hardening Windows Against Brute-Force Attacks Using EvLWatcher for Rate Limiting Disabling NTLM Authentication Configuring Login Timeout Settings Mimikatz: An Introduction What Can Mimikatz Do? How to Use Mimikatz Running Mimikatz Using Polyglot Files to Conceal Mimikatz DLL Side-Loading to Attempt to Bypass Windows Defender How to Detect and Block Mimikatz References Task definition This task was conducted using a combination of manual configuration and automated attack tools to evaluate the security posture of a Windows Server environment. The environment setup involved preparing both the target system and an attacker system running Kali Linux, which was equipped with tools such as Hydra for brute-force attacks and Wireshark for network traffic analysis. ...

Note: this was converted from LaTeX to Markdown using ChatGPT 4.1. The original PDF can be found here along with the bibliography. Secure data storage on Windows Laboratory protocol Exercise 8: Secure data storage on Windows Figure: Grouplogo Subject: ITSI Class: 3AHITN Name: Stefan Fürst, Justin Tremurici Group Name/Number: todo/12 Supervisor: SPAC, ZIVK Exercise dates: 14.02.2025 | 21.02.2025 | 28.02.2025 | 7.02.2025 Submission date: 14.3.2025 Table of Contents Task definition Task Overview Summary Exercise Execution Introduction Explaining the first script Changing the execution policy Installing BitLocker Changing the Hostname Downloading the second script Enabling Remote Desktop Creating a Scheduled Task The second script Creating Users and Adding Them to Groups Resizing the Disk and Creating a New Partition Creating Directories Populating the Directories Creating Users and Groups Verifying the Creation of users and groups Managing NTFS Permissions Using icacls Sharing the Directories via SMB Encrypting the Volume using BitLocker References Task definition Task Overview The goal of this exercise is to set up a secure and structured data storage system on a Windows Server, ensuring proper access control and encryption. The tasks include installing the operating system, configuring users and groups, setting up a folder structure, and securing access with permissions. ...

Note: this was converted from LaTeX to Markdown using ChatGPT 4.1. The original PDF can be found here along with the bibliography. Ethical hacking of a CTF-VM Laboratory protocol Exercise 7: Ethical hacking of a CTF-VM Figure: Grouplogo Subject: ITSI Class: 3AHITN Name: Stefan Fürst, Justin Tremurici Group Name/Number: todo/12 Supervisor: SPAC, ZIVK Exercise dates: 17-19.1.2025 Submission date: 20.1.2025 Table of Contents Task definition Summary Complete network topology of the exercise Exercise Execution Setting up the virtual machines Reconnaissance: Scanning the Network Reconnaissance: Exploring the websites Weaponization: Evaluating the needed tools Exploitation: Using Hydra to break HTTP basic authentication Exploitation: Using Hydra to brute force SSH login Exploring the system Listing all the files Investigating the listening service Investigating the process flag Further investigating the webserver Investigating secret_flag.txt Exploring the new user Finding the history flag It should be over now, right? Privilege escalation on Linux Using a smart enumeration tool Trying a kernel level exploit Trying to get privileges using Metasploit and Meterpreter Getting root access through editing the GRUB boot options Obtaining the final flag References Task definition This task is based on a Capture the Flag (CTF) challenge, where multiple flags are hidden across an environment and can be found either through exploits or by navigating the system. Two virtual machines are provided: an Ubuntu server, which hosts the flags, and a Kali Linux machine for offensive actions. Both machines operate in a Host-only network, meaning they can communicate with each other but not with the external internet or other devices. ...