mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-13 23:07:07 +00:00
146 lines
No EOL
7.8 KiB
Text
146 lines
No EOL
7.8 KiB
Text
{\rtf1\ansi\ansicpg1252\uc1 \deff0\deflang1033\deflangfe1033{\fonttbl{\f0\froman\fcharset0\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f28\froman\fcharset238\fprq2 Times New Roman CE;}{\f29\froman\fcharset204\fprq2 Times New Roman Cyr;}
|
|
|
|
{\f31\froman\fcharset161\fprq2 Times New Roman Greek;}{\f32\froman\fcharset162\fprq2 Times New Roman Tur;}{\f33\froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f34\froman\fcharset178\fprq2 Times New Roman (Arabic);}
|
|
|
|
{\f35\froman\fcharset186\fprq2 Times New Roman Baltic;}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;\red255\green255\blue255;
|
|
|
|
\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\stylesheet{
|
|
|
|
\ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \snext0 Normal;}{\*\cs10 \additive Default Paragraph Font;}{\s15\ql \li0\ri0\widctlpar
|
|
|
|
\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 \sbasedon0 \snext15 header;}{\*\cs16 \additive \sbasedon10 page number;}}{\info{\author tom}{\operator tom}
|
|
|
|
{\creatim\yr2009\mo8\dy24\hr14\min23}{\revtim\yr2009\mo8\dy24\hr15\min17}{\version12}{\edmins53}{\nofpages3}{\nofwords490}{\nofchars2793}{\nofcharsws3430}{\vern8243}}
|
|
|
|
\widowctrl\ftnbj\aenddoc\noxlattoyen\expshrtn\noultrlspc\dntblnsbdb\nospaceforul\formshade\horzdoc\dgmargin\dghspace180\dgvspace180\dghorigin1800\dgvorigin1440\dghshow1\dgvshow1
|
|
|
|
\jexpand\viewkind1\viewscale114\viewzk2\pgbrdrhead\pgbrdrfoot\splytwnine\ftnlytwnine\htmautsp\nolnhtadjtbl\useltbaln\alntblind\lytcalctblwd\lyttblrtgr\lnbrkrule \fet0\sectd \linex0\endnhere\sectlinegrid360\sectdefaultcl {\header \pard\plain
|
|
|
|
\s15\ql \li0\ri0\widctlpar\tqc\tx4320\tqr\tx8640\pvpara\phmrg\posxr\posy0\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {\field{\*\fldinst {\cs16 PAGE }}{\fldrslt {
|
|
|
|
\cs16\lang1024\langfe1024\noproof 3}}}{\cs16
|
|
|
|
\par }\pard \s15\ql \li0\ri360\widctlpar\tqc\tx4320\tqr\tx8640\aspalpha\aspnum\faauto\adjustright\rin360\lin0\itap0 {
|
|
|
|
\par }}{\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang{\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang{\pntxta )}}
|
|
|
|
{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl8
|
|
|
|
\pnlcltr\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}{\*\pnseclvl9\pnlcrm\pnstart1\pnindent720\pnhang{\pntxtb (}{\pntxta )}}\pard\plain \qc \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0
|
|
|
|
\fs24\lang1033\langfe1033\cgrid\langnp1033\langfenp1033 {Rules of Engagement Worksheet:
|
|
|
|
\par }\pard \ql \li0\ri0\widctlpar\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 {
|
|
|
|
\par Penetration Testing Team Contact Information:
|
|
|
|
\par
|
|
|
|
\par Primary Contact: ____________________________________________
|
|
|
|
\par
|
|
|
|
\par Mobile Phone: ____________________________________________
|
|
|
|
\par
|
|
|
|
\par Pager: \tab ____________________________________________
|
|
|
|
\par
|
|
|
|
\par Secondary Contact: _______________________________________________
|
|
|
|
\par
|
|
|
|
\par Mobile Phone: ________________________________________________
|
|
|
|
\par
|
|
|
|
\par Pager: ________________________________________________
|
|
|
|
\par
|
|
|
|
\par Target Organization Contact Information:
|
|
|
|
\par
|
|
|
|
\par Primary Contact: ____________________________________________
|
|
|
|
\par
|
|
|
|
\par Mobile Phone: ____________________________________________
|
|
|
|
\par
|
|
|
|
\par Pager: \tab ____________________________________________
|
|
|
|
\par
|
|
|
|
\par Secondary Contact: _______________________________________________
|
|
|
|
\par
|
|
|
|
\par Mobile Phone: ________________________________________________
|
|
|
|
\par
|
|
|
|
\par Pager: ________________________________________________
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par "Daily Debriefing" Frequency: _____________________________________________
|
|
|
|
\par
|
|
|
|
\par "Daily Debriefing" Time/Location: __________________________________________
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par Start Date of Penetration Test: ______________________________________________
|
|
|
|
\par
|
|
|
|
\par End Date of Penetration Test: ______________________________________________
|
|
|
|
\par
|
|
|
|
\par Testing Occurs at Following Times: __________________________________________
|
|
|
|
\par
|
|
|
|
\par Will test be announced to target personnel: ____________________________________
|
|
|
|
\par
|
|
|
|
\par Will target organization shun IP addresses of attack systems: _____________________
|
|
|
|
\par
|
|
|
|
\par Does target organization's network have automatic shunning capabilities that might disrupt access in unforeseen ways (i.e. create a denial-of-service condition), and if so, what steps will be taken to mitigate the risk:
|
|
|
|
\par
|
|
|
|
\par ____________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par ____________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par Would the shunning of attack systems conclude the test: _______________________
|
|
|
|
\par
|
|
|
|
\par If not, what steps will be taken to continue if systems get shunned and what approval (if any) will be required:
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par IP addresses of penetration testing team's attack systems:
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par Is this a "black box" test: __________________________________________________
|
|
|
|
\par
|
|
|
|
\par What is the policy regarding viewing data (including potentially sensitive/confidential data) on compromised hosts:
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par _______________________________________________________________________
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par Will target personnel observe the testing team: _________________________________
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par \page
|
|
|
|
\par
|
|
|
|
\par ______________________________________________________________
|
|
|
|
\par Signature of Primary Contact representing Target Organization
|
|
|
|
\par
|
|
|
|
\par ____________________________
|
|
|
|
\par Date
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par ______________________________________________________________
|
|
|
|
\par Signature of Head of Penetration Testing Team
|
|
|
|
\par
|
|
|
|
\par ____________________________
|
|
|
|
\par Date
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par If necessary, signatures of individual testers:
|
|
|
|
\par
|
|
|
|
\par ______________________________________________________________
|
|
|
|
\par Signature
|
|
|
|
\par
|
|
|
|
\par ____________________________
|
|
|
|
\par Date
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par ______________________________________________________________
|
|
|
|
\par Signature
|
|
|
|
\par
|
|
|
|
\par ____________________________
|
|
|
|
\par Date
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par ______________________________________________________________
|
|
|
|
\par Signature
|
|
|
|
\par
|
|
|
|
\par ____________________________
|
|
|
|
\par Date
|
|
|
|
\par
|
|
|
|
\par
|
|
|
|
\par ______________________________________________________________
|
|
|
|
\par Signature
|
|
|
|
\par
|
|
|
|
\par ____________________________
|
|
|
|
\par Date
|
|
|
|
\par }} |