All good! But you were half-right; I am the student, and it is indeed my task. =) And mine alone, since I am the only blind student in the class - its the alternative to the "physical hacking", if you will.
> Metasploit is mostly used for a weaponization and exploitation stages
Duely noted! That is what I had known about it too. But, as said, it's been a good while since I last put my eyeballs on it. Last time I had brought it up - here on Nostr, no less - I was told that it was "outdated". o.o
The stated goal of this assignment is to:
- Find any kind of data that a mere student shouldn't be able to find.
Granted, I _am_ allowed to utilize the full arsenal of my knowledge in Linux, networking and therein. So the goal given to me in particular is to:
- Find any kind of attack vector that would allow exfiltration of data that I shouldn't be able to get.
The class is about stuff like the GDPR and friends - and since the handling of private/sensitive data also includes securing it, this is where I come in to play. Simply said, I am supposed to pentest our school and see how much damage I can do by just hooking up my laptop to their LAN.
Assume this rather generic scenario: Dude walks in and masquerades as a student, plugs into a LAN outlet (theres more than enough of those around) and starts to "do stuff". I am supposed to do that stuff, and this is why I am looking into prepping.
Thank you for the pointers and insights, I will keep those in mind! :)
If you've got more, I'd be more than happy to have'em =)