Assessment 2 Details and Submission Guidelines
Purpose of the assessment (with ULO Mapping)
ULO 2. Analyze IT systems and their security weaknessesULO 3. Devise and execute cyber security attacks on IT systems ULO 4. Critically analyze remediation steps and countermeasures to prevent damage to systems
Objectives of Assignment
Gain a understanding of web technologies
Learn modern techniques to map and scan the databases of
web applications
Learn how to protect web application against active threats
Weight Total Marks Word limit Due Dates
Submission Guidelines
All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page.
The assignment must be in MS Word format, 1.5 spacing, 11- pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings.
Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.
Extension
If an extension of time to submit work is required, a Special Consideration Application must be submitted. You must submit this application within four working days of the assessment due date.
Further information is available at:Microsoft Word - QA20 Student Assessment 2.0 (3).doc (filesusr.com)
Academic Misconduct
Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree.
Students should make themselves familiar with the full policy and procedure available at:Microsoft Word - Student Academic Integrity.docx (filesusr.com).
Assessment 2
Brute Force Attack On WordPress Web Site To Enumerate Users Names and Passwords
Install Bitnami on Virtual Box. Download the copy of virtual machine for WordPress packaged by Bitnami from https://bitnami.com/stack/wordpress/virtual-machine
Log in with user name as ‘bitnami’ and password ‘bitnami’.
Change password
Type‘ip addr’command to check IP address of newly launched web site
Check the web site on your computer browser by typing ip address of web site.
6.
Type in browser ip address of web site followed by/wp-admin
7.
Find out user credentials by using command in Bitnami shell as shown below-
sudo cat /home/bitnami/bitnami_credentials
8.
Note down user name and password as shown in the figure and log in to wordpress admin panel
9. Create users on control panel by clicking on user tab on left hand side.
10. Addnew user called ‘admin’ with password as ‘password’.
11. Now open WPSCAN in Kali Linux and Type following command
wpscan --url http://192.168.0.90 -e u -U admin -P /root/rockyou.txt
Make sure that you have installed word dictionary on your kali linux from popular web sites andnamed it is ‘rockyou.txt’ and check the path name in the above command correctly. As well as checkthe IP address of your WordPress web site.
Output Window- Upload the output window screen on the weekly submissions for grading.
Marking Guide: Criteria
Installation of kali Linux
Testing of web Bitnami site
WP Scan Commands
Final Output
Description Marks
2 marks for description and 3 marks for screen shot 5
5 marks for description and commands used 5
5 marks for description and screen shot 5
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here