Introduction
Scenario
Fullstack Academy has reviewed your team’s report and is satisfied with the results. Because your team did such a great job, they would like a follow-up penetration test with an isolated portion of the network that was not part of the original engagement. However, this isolated portion of the network has a small number of systems, so it does not make sense for your entire team to be involved with this follow-up engagement. Instead, your team has assigned you to complete the penetration test for this isolated network on your own, as you have proven yourself ready to handle this kind of engagement.
Rules of Engagement
- You are authorized only to scan and attack systems that reside on the same /20 subnet on which your Kali instance resides (e.g., if the IP of your Kali instance is 172.31.6.161, you are only authorized to scan and attack systems on the 172.31.6.0/20 subnet).
- No social engineering or client-side exploits are needed or permitted on this penetration test.
- You are allowed to work with your classmates on this penetration test.
- Everything you need to complete this test should be available to you on the systems already; there should be no need to download outside tools for this penetration test.