Assignment Brief:
Scenario:
Assume that you are working for a company called PentestingPros, which has a track record of successful pentests. Your client has asked your employer to retest a server following a previous penetration test, which was conducted by another SME. Your penetration test will take place as soon as the client remediates the major findings from the initial pentest. During the first briefing meeting the client informed you that the retest of the server will take place during some weeks of March and April 2022. In particular, you will be assigned specific timeslots throughout the week in which you will be able to pentest the server. They also inform you that the main vulnerabilities found by the previous pentest include:
• A backdoor listening on port 55 • A number of compromised ssh credentials • Sensitive data exposure via the web server