
SUMMARY

As directed by Top Motors, the penetration test carried out by PenTest Expert to determine existing vulnerabilities before the upcoming sales season confirmed the security concerns that were raised by the ICT department.
Issues found while simulating the attacks include:
• 28 confirmed risks.
• 22 risks that can be completely remedied.
• 6 vulnerabilities that were found to be minor but required constant monitoring.
It has been identified that all security concerns relating to the vulnerabilities that existed within the organization have been dealt with and the risks reduced. The security position of the company is expected to persist throughout the year. However, a penetration test is not a one-time thing, as more vulnerabilities will always emerge that warrant more simulations and mitigations.

SCOPE
The penetration testing scope for this process included the Top Motors internal network architecture, including the Wi-Fi setup, and its website application. A social engineering evaluation was also conducted against the staff to determine how responsive they were to an attacker.
The test started on May 3rd and lasted two weeks, which led to this report. The industry standard tools used in this process by PenTest Expert were Nessus, Metasploit Framework and DirBuster.

FINDINGS
All of the security risks, vulnerabilities and other security concerns raised by the ICT department and company staff, together with the findings from the test, are highlighted in depth.
Several issues were found on Top Motors hosts in the internal network that called for immediate mitigation to protect the organization from potential attackers.
The table below displays the scope of the penetration test that was conducted as well as the findings.

Test                               Finding
Internal network environment       It was critical
Wireless network infrastructure    It was fairly low
Web application                    It was high
Social engineering of staff        It was fairly low

Reconnaissance was conducted by PenTest Expert, and information about Top Motors was collected and categorized. A host search was conducted, and the operating systems were fingerprinted and scanned for ports and poor configurations. Only a small number of vulnerabilities were identified within the targeted hosts, which PenTest Expert used to attack and compromise the system.
Operating systems that were found at Top Motors are listed in the table below:

OS         Hosts    Services    Vulnerabilities
Windows    2        4           1
iOS        1        7           0
Linux      1        9           0
Others     4        34          0

The topmotors.com web server was found to be running Apache on port 81. Additionally, an enumeration scan of the web application was conducted in order to reveal commonly placed directories, files and data. Most of the directories that were found required authentication for access.
Hosts that were identified at Top Motors are:

Host     IP             OS         Services    Issues
May 6    192.45.67.8    Windows    2           0
May 6    192.56.76.4    iOS        5           0
May 6    192.10.1.1     Windows    3           0
May 6    192.15.20.1    Others     3           0

The IP addresses that were probed externally using tools such as Nessus, Metasploit Framework and DirBuster are listed below:
• 192.45.67.8
• 192.10.1.1
• 192.56.76.4
After extensive penetration testing, the following findings were highlighted:

Were there vulnerable points within the system?    Yes – The system was deemed vulnerable to attacks.
File guessing attacks                              Low – The system was not vulnerable to attacks.
Denial of Service (DoS) simulated attack           Yes – The system was deemed vulnerable to Denial of Service (DoS) attacks.
SQL Injection simulated attack                     Yes – The system was deemed vulnerable to SQL Injection.
The overall risk in all segments?                  High – The system was very vulnerable to attacks.

File guessing attacks

File guessing relies on an attacker searching the entire web application for files and other content. These files can be scripts, database dumps or backups, which can be vulnerable to attacks, or they sometimes contain sensitive data that hackers can take advantage of.
PenTest Expert made various file guessing attempts against the system using the DirBuster scanner, but no files could be obtained. This indicated that a hacker would not be able to access files by using file guessing attacks.
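A defender can check for the kind of files described above from the server side, before anyone guesses them from outside. The following is an added example, not part of the original report or of PenTest Expert's tooling; the suffix list and the sample web root are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed suffix-to-category map (not from the report); extend it for your stack.
RISKY_SUFFIXES = {
    ".sql": "database dump",
    ".dump": "database dump",
    ".bak": "backup",
    ".old": "backup",
    "~": "editor backup",
    ".zip": "archive",
    ".tar.gz": "archive",
}


def classify(filename):
    """Return the risk category for a file name, or None if it looks normal."""
    lower = filename.lower()
    for suffix, category in RISKY_SUFFIXES.items():
        if lower.endswith(suffix):
            return category
    return None


def find_exposed_files(web_root):
    """Walk the web root and list (relative_path, category) for risky files."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(web_root):
        for name in filenames:
            category = classify(name)
            if category:
                rel = os.path.relpath(os.path.join(dirpath, name), web_root)
                findings.append((rel.replace(os.sep, "/"), category))
    return sorted(findings)


def build_sample_root():
    """Create a constructed sample web root for the demonstration."""
    root = tempfile.mkdtemp(prefix="webroot_")
    for rel in ("index.html", "css/site.css", "db/customers.sql",
                "admin/config.php.bak", "site-backup.tar.gz"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
    return root


if __name__ == "__main__":
    for rel, category in find_exposed_files(build_sample_root()):
        print(f"{category:15} {rel}")
```

Anything this audit reports should be moved out of the served directory or deleted, since authentication on directories does not help if a dump sits next to public pages.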

Denial of service attacks (DoS)

This attack is intended to crash a network or web application so that the system becomes unreachable to its intended users. Denial of service attacks usually cause the system to shut down or crash; an attacker may also saturate the target server with traffic or flood the bandwidth to render it unavailable.
After a series of attempts by PenTest Expert to initiate a denial of service attack on the network resources or systems, the test revealed vulnerability to DoS.

SQL injection
SQL injection is a type of vulnerability that lets an attacker affect the queries made to the web application's databases. It usually lets the hacker obtain data that would not otherwise be available to them. An attacker is able to modify or delete data in the databases, and that data may well include sensitive passwords and credentials belonging to staff members of Top Motors. SQL injection can compromise the host server and back-end setup, and it can also lead to other attacks such as a denial-of-service attack.
During the simulation PenTest Expert used automated and manual attacks with Metasploit Framework. The systems were vulnerable to SQL injection, which indicated that an attacker would be able to carry out a wide variety of SQL injection attacks and achieve data breaches.
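The root cause and its fix can be shown side by side. The following is an added example, not code from the Top Motors application or from the original report; the `staff` table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed staff records."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE staff (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO staff VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b")],  # constructed sample rows
    )
    return conn


def lookup_vulnerable(conn, username):
    """'Before': user input is concatenated into the SQL text."""
    query = (
        "SELECT username FROM staff WHERE username = '"
        + username
        + "' ORDER BY username"
    )
    return [row[0] for row in conn.execute(query)]


def lookup_safe(conn, username):
    """'After': input is bound as a parameter and is never parsed as SQL."""
    query = "SELECT username FROM staff WHERE username = ? ORDER BY username"
    return [row[0] for row in conn.execute(query, (username,))]


if __name__ == "__main__":
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # textbook always-true condition
    # The concatenated query returns every row; the bound one returns none.
    print("vulnerable:", lookup_vulnerable(conn, crafted))
    print("safe:      ", lookup_safe(conn, crafted))
```

The same input that changes the meaning of the concatenated query is treated as an ordinary, non-matching username once it is passed as a bound parameter.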

Nessus Remediation Report

CONCLUSION
Top Motors has had security issues in the past, which led to a broad failure of critical company infrastructure. Some malicious hackers had made attempts to exploit vulnerabilities within the organization. The use of antivirus software and passwords alone was deemed insufficient to ensure security.
PenTest Expert's goal was to test whether a hacker could gain unauthorized access to the organization and to identify the security damage that could result from such attacks by leveraging known vulnerabilities. Poor configuration found on the network and hosts was determined to be a main attack point; lack of monitoring and of sufficient access controls also contributed.

RECOMMENDATIONS
Because of the security concerns that affected the entire company, proper secure infrastructure ought to be assigned to the respective points to guarantee that remediation will be achieved.
PenTest Expert had the following recommendations for Top Motors:
• Install logical borders on the internal network. A security breach should not spill over to other borders and areas; it should at least be contained. Accounts that are specific to each segment should be used as a mitigation of this issue.
• Employ management strategies such as conducting regular vulnerability tests to find out whether the security controls that have been put in place are producing the required effects, are correctly placed, and are functioning as planned.
• Enforce change control for the whole organization's infrastructure. Since misconfiguration was very common in all segments of the system, the resulting vulnerabilities would be mitigated by applying change control methods throughout the system.
• Ensure that the password and username or email combination for every account is unique and strong. Some of the staff members used weak passwords and also reused them in other segments, making it very easy for attackers to target and compromise Top Motors systems.
• Every so often, attacks on the system can be the result of vulnerabilities found in older versions of software. An attacker can gain access to the web application and the network by exploiting such weaknesses. To prevent this, it is recommended to devote resources and time to patch management solutions that monitor and oversee the installation of required software and system updates.
• In the case of a successful attack by a malicious hacker, the company's data can be lost or damaged forever. It is recommended that database dumps be backed up beforehand to avoid interruption and the loss of data.
• Protecting the company network and resources using a firewall is one of the most convenient actions for preventing cyber attacks. A firewall is meant to block brute force attacks.
