MN623 – Cyber Security and Analytics | Reliable Papers

MN623 – Cyber Security and Analytics Laboratory 8: Brute Force Password Attack on WordPress Submission Due: End of laboratory class, submit the file on Moodle at least 10 minutes before the end of laboratory class. Total Marks    = 5 marks for 10 weeks Marks will be given only to students who attend and participate during 2-hour laboratory class. Submission on Moodle is mandatory as an evidence of participation. Description of the laboratory exercise: Form a group to work during the semester: 3 members each group: write your names and student ID in every submission.Select a leader for the first 3- 4 weeks (leadership will rotate every 3-4 weeks).Most of the questions throughout these lab sessions, you can discuss with your group members, but you have to submit your own answer as an individual submission on Moodle. However, some of the lab work/assignments you may need to submit only one submission as a group. Therefore, carefully read the given instruction in every lab sheet/assignment. Learning Outcome: Analyse cyber security threats and attacksImplement and evaluate security testing tools in a realistic computing environmentEvaluate intelligent security solutions based on data analyticsAnalyse and interpret results from descriptive and predictive data analysis Complete both knowledge and practical exercises. Practical Tasks: In this session, you will perform brute-force password guessing attack on the WordPress host. The brute-force password guessing attack is to run through many combinations of letters and characters to identity the legitimate password. Note the attack can take a prolonged period of time (likely hours or days). Open the penetration testing lab environment Open the penetration testing lab environment from lab 07. Revise the WordPress host On Kali-Linux host, open web browser to check the WordPress website Perform WPSCAN Attack on the WordPress host Perform WPSCAN brute-force password guessing attack[1] on the WordPress hostPrepare a Wordlist for the attack (or use the default Wordlist attack file)Set out the WPSCAN command to carry on the attack. Analyse the attack outcomes Report the WordPress host vulnerabilitiesReport how we can secure the usernames and passwords. Use Data Mining Tools for Predictive Modeling Report on use of WEKA tools to perform predictive modeling with decision trees in network security Lab Manuals Today’s lab work needs previous week’s lab setup where you have one WordPress server and kali linux machine where wpscan commands have its database updated Step 1: Create more than one user in WordPress site (if not created in last lab) Step 2: Create a password dictionary in kali linux desktop To create this, you can create your own dictionary file manually or using chrunch command that we learned earlier. Alternatively you can download some dictionary files as well Step 3: Verify wordpress admin page is accessible Step 4: Give the following command in kali linux terminal : wpscan –u http://192.168.56.103/wp-admin –wordlist /root/Desktop/pass.txt –username user [Use your server ip address and own password file name] You will get the password in the command prompt output: In this example we have one user only [1]https://www.hempstutorials.co.uk/brute-forcing-passwords-with-thc-hydra/

Is this the question you were looking for? If so, place your order here to get started!

Related posts

New Technologies in Nursing

New Technologies in Nursing New Technologies in Nursing Introduction The current nursing technologies have transformed how nurses conduct their duties. Evidently, such technologies and new healthcare systems have endured establishing better services to patients. According to the reports of...