# Window Security Lab

----------------------------------------------------------------------------------------------------------------------------------------------------------
## Phase 1: Weak System

### Objective:
    In the objective of this labe we will create a vulnerable Winddows system and verify access from a Kali Linux attacker machin

### What I Did
    1. Configured Windows and Kali on the same internal network
    2. Disabled firewall and security protections on Windows
    3. Enabled file sharing with no authentication
    4. Created a share folder (Shared Lab)

### Attak Steps
    1. Scanned targets using nmap command
    2. Enumerated SMB shares
    3. Accessed the shared folder without any credentials

### Key Results
    1. Port 445 (SMB) was open
    2. Shared resources were accessible without authentication 
    3. Successfully accessed the system from Kali Linux machine

### Risk
    These type of Window configuration allows unathorized user to access files without credentials which can cause high risk security issues.
----------------------------------------------------------------------------------------------------------------------------------------------------------

## Phase 2: Authentication

### What Changed
    1. We turned ON password protected sharing
    2. Created a user: labuser

### What I tested

1. Anonymous access (no login)
       smbclient -L 192.168.10.10 -N -m SMB2
    #### Results: Access Denied

2. Access with login 
    smbclient -L 192.168.10.10 -U labuser -m SMB2
    #### Result: SharedLab is visible

3. Enter the shared folder
    smbclient//192.168.10.10/ShatedLab -U labuser -m SMB2
    #### Result: Access Successful

### What I Learned
    1. Authentication blocked the unathorized user
    2. Valid credntials allow access
    3. Security controls change how the system behaves