Please read through all of the instructions and scenarios below. I have added the two papers that lead up to this one. There is also a template for this deliverable. Please let me know if you have any questions.

Up to this point, as a pen tester for Centralia Security Labs, you have set the rules of engagement, detailed how you plan to collect all the cyber intelligence needed, and mapped Haverbrook’s network by scanning its systems.

Now, you can begin to plan how you would gain access to the target systems. You know that there are many open source and commercial tools available to gain access. You could also create custom exploits using programming languages.

You have been proactive as a pen tester for Centralia Security Lab. You have exploited the network and taken control of a system within the target environment. As an effective penetration tester, you also know that you need to figure out how to maintain control of the system. To have a clear execution plan, you need to think about the best techniques and procedures when pivoting to obtain access and control of the targeted system.

You know that you have to be careful because if your actions are detected, network security administrators will isolate you and ultimately remove you from their network. Once you alert them, gaining access again becomes much more difficult.

Now you can finalize the specifics of how you would gain access to the target systems. Your report will include how you plan to collect enough information to access Haverbrook’s systems, web applications, and networks, including the target resources you would focus on and techniques you would use to gain access to them.

After collecting enough information about the target during Deliverable 2 (Reconnaissance and Scanning Plan), you will describe how to use that information to gain access to Haverbrook’s systems. Your one- to two-page plan on gaining access should include:

details of the gaining access process, covering the techniques commonly used to exploit low-privileged user accounts by cracking passwords (brute-forcing, password guessing, and social engineering) and then escalating the account's privileges to administrative levels in order to perform a protected operation.
an implementation outline of any software that will be used in gaining access to the network(s) or system(s). You may include open source and commercial tools available to execute the actual exploit: Burp Suite, Cain and Abel, Core Impact, John the Ripper, Metasploit, and others. You can also use programming languages such as JavaScript, Perl, Python, Ruby, or C++ if you choose to develop custom exploits.
As you are developing the Gaining Access Plan, keep these questions in mind:

How would you escalate your privileges?
How would you establish a command and control communication channel?