
agentaika


Posts posted by agentaika

  1. Actually, those distros are just as good as Ubuntu, just easier for the Windows convert. Building Linux from scratch or a minimal install like Debian is a great learning process.

    Not everyone has the time or the need to learn all of the ins and outs of their operating system. Sure, they should know some basics, but they really don't need to know how to compile programs from source, or add repositories through the command line. An operating system should help us get our work done. It shouldn't give us more work to do.

    Ubuntu is prone to breaking due to the level of user interaction. If you need to compile applications for your environment, you'll have greater control over everything compared to the automated RPM/DEB etc.

    I installed Ubuntu on my mother's computer and she uses it with no problem. :lol:

  2. If you have physical access to the computer, then just usbhack him.

    That might go against the point of the test. :lol: We're trying to verify the security of his online server. But I'll still be able to make use of the information you've provided. Maybe I should give USBSwitchblade a second look.

    Thank you.

    Odds are good you're not going to be successful with Hydra; you're better off using some exploit.

    Running an exploit is the only way to get unauthorized access to someone's computer?

    I find it so odd that someone like me, who has been using computers since the 80s, is having a hard time understanding this when 12 year olds today are able to hack without any problem. :( What in the hell are these kids reading? I want that. lol.

    Or just pack your trojan into some file he will open, then email it to him or trick him into opening it by binding it to another exe...

    Oh noes. This is a white hat attack. I don't want to do anything that could do serious damage.

  3. I could never understand why someone would recommend something like Debian, Fedora, and (especially) Slackware to someone who is new to Linux. I've been using Linux for many years now and I still have problems with those distros. Ubuntu is the epitome of ease. It's the only distro worth recommending to those who just want to get their work done, and would rather not spend too much time tinkering with settings.

    http://distrowatch.com/

  4. Thanks for the replies.

    First of all, reading about practical techniques will only help you so much. You need to work with the skills to master them. I would tell you, though, to attack your own stuff. Setting up a server, breaking into it, then fixing it will show you 3 points to learn from. But 2 books right off the top of my head are "Hacking Exposed 5th Edition" and "Gray Hat Hacking: The Ethical Hacker's Handbook". I would at least get a firm basis in at least one programming language, plus a firm understanding of computers and networking.

    I'm not looking to make a career out of hacking. I just want to help my cousin with the security on his server, and move on. lol. Whatever knowledge I gain I'll likely use for something else. Or maybe I could do a little white hat hacking on the side? I don't know. But right now I would prefer a book that just, flat out, told me how to hack, step by step. I learn best by watching examples, and then filling in the details later. And regarding programming, I already know Python and some C++.

    Any documentation on the tools you will be using is a must. Before I even started trying to crack WEP keys, I read through the documentation; same with Metasploit.

    DVM is also an OK start if you have an extra machine lying around. Go ahead and install Windows SP1 on it and load it full of vulnerable programs. Get a reverse shell and add a user, then move on to bigger and better things.

    I'll give this a try.

  5. Just a quick question: if you're not on the same network, how will you be able to monitor his outgoing and incoming traffic without the use of a RAT or something similar? :blink:

    Enlighten me.

    I don't know. That is why I made this thread.

    Take over the first router that connects him to the internet and have it duplicate all the traffic to and from him at your IP.

    Which program would I use?

    Here is the workflow I've figured out so far.

    Conceal Identity

    - I won't need to conceal my identity for this test.

    Exploitation

    - Use nmap and hping to get information (OS, software, etc) about Victim

    - Go to milw0rm, or a similar site, to find exploits for software used by Victim

    - Apply exploit using Metasploit

    - Backdoor the Victim using socat

    - Transfer files using --??--

    - Upload a trojan (it'll just be a text file) to create a permanent backdoor for next hack

    - Clear the Victim's log so actions won't be cataloged using --??--

    Administrator Access

    - Use nmap and hping to get information (OS, software, etc) about Victim

    - Use THC-Hydra to crack administrator password

    - Backdoor the Victim using socat

    - Transfer files using --??--

    - Upload a trojan to create a permanent backdoor for next hack

    - Clear the Victim's log so actions won't be cataloged using --??--
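The first step in both workflows above is the nmap run, and what you actually carry forward from it is a list of open ports with product/version strings (to search an exploit database for) and the OS guess. The following is an added example, not code from the thread, that parses nmap's XML output (`nmap -sV -O -oX -`) into exactly those facts. The XML is a constructed sample in nmap's layout; the address, versions and OS matches in it are made up for illustration.

```python
"""Parse nmap -oX (XML) output into the facts the workflow needs:
open ports, detected service/version strings, and the OS fingerprint.

The XML below is a constructed sample in the real nmap -oX layout, not a
scan of anyone's host; the address and versions are made up."""
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -sV -O -oX - <host>` output (abridged).
# The <?xml ...?> declaration must be the very first bytes, so it sits on
# the same line as the opening quotes.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -O -oX - 192.0.2.10">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="4.7p1"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open"/>
        <service name="http" product="Apache httpd" version="2.2.9" extrainfo="(Win32)"/>
      </port>
      <port protocol="tcp" portid="445">
        <state state="filtered"/>
        <service name="microsoft-ds"/>
      </port>
    </ports>
    <os>
      <osmatch name="Microsoft Windows Server 2003 SP1 or SP2" accuracy="94"/>
      <osmatch name="Microsoft Windows XP SP2" accuracy="85"/>
    </os>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return one dict per host: address, open services, best OS match."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        addr_el = host.find("address")
        entry = {"address": addr_el.get("addr") if addr_el is not None else None,
                 "services": [], "os": None, "os_accuracy": 0}
        for port in host.findall("./ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports give no version to match on
            svc = port.find("service")
            entry["services"].append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "name": svc.get("name") if svc is not None else None,
                "product": svc.get("product") if svc is not None else None,
                "version": svc.get("version") if svc is not None else None,
            })
        # nmap lists several osmatch candidates; keep the highest-accuracy one
        for m in host.findall("./os/osmatch"):
            acc = int(m.get("accuracy", "0"))
            if acc > entry["os_accuracy"]:
                entry["os"], entry["os_accuracy"] = m.get("name"), acc
        hosts.append(entry)
    return hosts


def version_search_terms(hosts):
    """Product/version strings to look up in an exploit database, deduplicated."""
    terms = []
    for h in hosts:
        for s in h["services"]:
            if s["product"]:
                term = f"{s['product']} {s['version'] or ''}".strip()
                if term not in terms:
                    terms.append(term)
    return terms


if __name__ == "__main__":
    hosts = parse_nmap_xml(SAMPLE_NMAP_XML)
    for h in hosts:
        print(h["address"], "OS guess:", h["os"], f"({h['os_accuracy']}%)")
        for s in h["services"]:
            print(f"  {s['port']}/{s['proto']} {s['name']} "
                  f"{s['product'] or ''} {s['version'] or ''}")
    print("Search terms:", version_search_terms(hosts))
```

Run a real scan with `nmap -sV -O -oX scan.xml <host>` and feed the file contents to `parse_nmap_xml`; filtered ports are deliberately dropped because a version string is the thing that turns a port number into a search term. Note that nmap's OS accuracy is a guess, and a host behind NAT or a VM can fingerprint as the device in front of it.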

  6. Yup, you are right. First scouting, then determine what route to take and go for the kill :)

    A promising tutorial I recently found is http://synjunkie.blogspot.com/2008/11/stor...hack-intro.html ; it shows you step by step how to try and break security or find the weak link in their infrastructure.

    Oodalalee! This is exactly what I need right now.

    -THC-Hydra is a tool you can use, but such an attempt will be logged ...

    For this test that might actually be a good thing. We'll be able to both look through the logs and see what I did wrong, and what he did wrong.

    -Therefore you need to look around for some basic Windows tools like 'Net' (http://www.ss64.com/nt/net_share.html) and for the rest browse this forum a bit and use Google (he is your friend).

    Log your progress and show it here.

    Will do.

    Thanks again.
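The point made above, that a Hydra run is logged and the logs are worth reading afterwards, is easy to turn into a detection. What follows is an added example, not something from the thread: a small parser for sshd authentication lines plus a sliding-window rule that flags any source IP with a burst of failures, and records whether a successful login from that IP followed (the event that actually matters). The log lines are constructed for this example in the standard syslog format sshd uses; on a Windows target the equivalent record is Security event ID 4625 (failed logon) and 4624 (successful logon), with the same logic applied. The year and the thresholds are this example's assumptions.

```python
"""Detect a password-guessing run (what THC-Hydra produces against an SSH
service) from authentication log lines.

The log lines are constructed for this example in the sshd syslog format;
no real host produced them."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample: one source (192.0.2.77) guessing 'administrator' and
# 'root' at several attempts per second, then getting in; one ordinary user
# who mistyped a password once and then logged in.
SAMPLE_AUTH_LOG = """\
Dec  3 21:14:01 web01 sshd[4021]: Failed password for administrator from 192.0.2.77 port 40112 ssh2
Dec  3 21:14:01 web01 sshd[4023]: Failed password for administrator from 192.0.2.77 port 40113 ssh2
Dec  3 21:14:02 web01 sshd[4025]: Failed password for administrator from 192.0.2.77 port 40114 ssh2
Dec  3 21:14:02 web01 sshd[4027]: Failed password for invalid user root from 192.0.2.77 port 40115 ssh2
Dec  3 21:14:03 web01 sshd[4029]: Failed password for administrator from 192.0.2.77 port 40116 ssh2
Dec  3 21:14:03 web01 sshd[4031]: Failed password for administrator from 192.0.2.77 port 40117 ssh2
Dec  3 21:16:40 web01 sshd[4102]: Failed password for alice from 198.51.100.9 port 50211 ssh2
Dec  3 21:16:52 web01 sshd[4102]: Accepted password for alice from 198.51.100.9 port 50211 ssh2
Dec  3 21:20:10 web01 sshd[4200]: Accepted password for administrator from 192.0.2.77 port 40300 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse_auth_log(text, year=2008):
    """Yield (timestamp, result, user, ip) for each sshd auth line.

    syslog timestamps carry no year, so one is assumed (2008 here, a guess)
    purely so the lines can be ordered and differenced."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["result"], m["user"], m["ip"]


def find_bruteforce(events, threshold=5, window_seconds=60):
    """Return {ip: alert} for sources with >= threshold failures in any window.

    A deque per source holds failure timestamps inside the sliding window.
    Once a source has tripped the rule, every further failure is counted and
    a later successful login from it is recorded as 'success_after'."""
    failures = defaultdict(deque)
    users = defaultdict(set)
    alerts = {}
    for ts, result, user, ip in sorted(events):
        if result == "Failed":
            q = failures[ip]
            q.append(ts)
            users[ip].add(user)
            while (ts - q[0]).total_seconds() > window_seconds:
                q.popleft()
            if ip in alerts:
                alerts[ip]["failures"] += 1
            elif len(q) >= threshold:
                alerts[ip] = {"first_seen": q[0], "failures": len(q),
                              "success_after": None}
        elif result == "Accepted" and ip in alerts:
            alerts[ip]["success_after"] = (ts, user)
    for ip, a in alerts.items():
        a["users"] = sorted(users[ip])  # accounts that were guessed against
    return alerts


def report(text, **kw):
    """Convenience wrapper: raw log text in, alerts dict out."""
    return find_bruteforce(parse_auth_log(text), **kw)


if __name__ == "__main__":
    for ip, a in report(SAMPLE_AUTH_LOG).items():
        print(f"{ip}: {a['failures']} failures starting {a['first_seen']:%H:%M:%S}, "
              f"users {a['users']}, success_after={a['success_after']}")
```

Five failures in a minute is a low bar that a human never reaches and a wordlist run clears in the first second; what you tune is the window, not the count. The `success_after` field is the line to look at first when reviewing the logs together, because a burst with no success is noise and a burst followed by an accepted login is the password that was guessed.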

  7. Of course there is..

    But not the way you want to..

    Stop watching Hollywood movies that include hacking (e.g. most of them :P).

    Just install an SSH daemon onto the target host & go nuts.

    And don't use Ubuntu either.

    But wouldn't I need permission to install SSH onto the target? I apologize for not explaining the point of my question beforehand, but my question relates to a hacking test that I'm doing for my cousin. Before he goes public with his site, he wants to see if I can hack it.

    Connecting via SSH is possible without putting in a password if you do it correctly. There is still some "authentication", yet it's done behind the scenes.

    Here's a link that shows you how it's done.

    http://wp.uberdose.com/2006/10/16/ssh-automatic-login/

    As far as sending files without authenticating... it's never recommended, but in some cases you may want to do this. The best way I can think of is to use netcat; it isn't secure by any means, but like I said, sometimes it's easier to just do it this way. I've done it before when dd'ing a hard drive image over the network to store it on another computer.

    http://linux.byexamples.com/archives/227/c...le-with-netcat/

    Netcat looks very promising. Thank you for the link. I'll look into it later today.

    Thank you all for your replies.

    Any additional information is welcome.
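The netcat transfer recommended above is just a raw TCP stream: one side listens and writes whatever arrives to a file, the other connects and sends the file, and the closing of the connection is the only "end of file" marker. Below is an added example (not from the thread) that does the same thing from Python over loopback so the properties are visible: no authentication of either end, no encryption, and therefore no way to know the bytes arrived intact unless you check them yourself, which is done here with SHA-256 on both sides. The loopback address, the OS-chosen port and the temporary files are this example's own choices.

```python
"""A netcat-style file transfer (`nc -l -p PORT > dest` / `nc HOST PORT < src`)
written out in Python, with a SHA-256 comparison of both ends.

Added example, not from the original thread."""
import hashlib
import os
import socket
import tempfile
import threading


def sha256_of(path):
    """Hex SHA-256 of a file, streamed so large images do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def receive_file(listener, dest_path):
    """Listening side: accept one client, write bytes to disk until it hangs up.

    Nothing here checks who connected; whoever reaches the port first wins."""
    conn, _ = listener.accept()
    with conn, open(dest_path, "wb") as out:
        while True:
            chunk = conn.recv(65536)
            if not chunk:
                break
            out.write(chunk)


def send_file(host, port, src_path):
    """Connecting side: stream the file, then half-close to signal EOF."""
    with socket.create_connection((host, port)) as s, open(src_path, "rb") as f:
        while True:
            chunk = f.read(65536)
            if not chunk:
                break
            s.sendall(chunk)
        s.shutdown(socket.SHUT_WR)  # closing the write side is the only EOF there is


def transfer_loopback(src_path, dest_path):
    """Run receiver and sender on 127.0.0.1; return (sent_hash, received_hash, ok)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    t = threading.Thread(target=receive_file, args=(listener, dest_path))
    t.start()
    try:
        send_file("127.0.0.1", port, src_path)
        t.join(timeout=30)
    finally:
        listener.close()
    sent, got = sha256_of(src_path), sha256_of(dest_path)
    return sent, got, sent == got


def demo(size=300_000):
    """Write a throwaway file of random bytes, push it across loopback, verify."""
    tmp = tempfile.mkdtemp()
    src = os.path.join(tmp, "image.bin")
    dst = os.path.join(tmp, "image.copy")
    with open(src, "wb") as f:
        f.write(os.urandom(size))
    try:
        return transfer_loopback(src, dst)
    finally:
        for p in (src, dst):
            if os.path.exists(p):
                os.remove(p)
        os.rmdir(tmp)


if __name__ == "__main__":
    sent, got, ok = demo()
    print("sent    ", sent)
    print("received", got)
    print("match" if ok else "MISMATCH: transfer truncated or corrupted")
```

With real netcat the same check is `sha256sum` on both machines after the transfer; a truncated copy (the sender killed early, the listener timing out) looks complete on disk and only the hash reveals it. The lack of any authentication is also why an open listener like this on a server is a finding in itself, not just a convenience.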

  8. Why did a thread about SSH clients turn into accessing a remote computer without authenticating?

    Someone told me this was possible.

    Just because a port is open doesn't mean a daemon/service is listening..

    So there is no way to upload a file to someone's computer, or download a file from their computer, without authenticating?

  9. That would be why it isn't working.

    Goodness.... :lol:

    If I wanted to get remote access of a Windows computer without the admin's permission using Backtrack Linux, what would I need to use? My guess is that I would have to start with a scan using nmap and/or hping, look for open ports and vulnerabilities, and then do a dictionary attack using THC-Hydra. I just don't know what to do after this point.

    My goal is to crack the admin's password, upload a text file into the c:/ folder, and download a file from the system32 folder. I want to do this for a test that I explained in detail here in this thread.

  10. Ugg... This is so overly complicated...

    For the last 40 minutes now I've been trying to log into my own ftp using PuTTY, pscp, and psftp, but I keep getting "connection refused" and other error messages.

    Is there an easy way to transfer files to and from a remote computer using SSH and the command terminal in Linux? In a perfect world the command SHOULD read 'sshlogin username:password@55.123.55.12 upload /home/me/test.txt to c:/temp' but, of course, none of the examples I've found give anything this clear. :angry: lol

  11. I'm having a hard time finding a direct example on how to do this.

    If I wanted to upload a file to someone's computer [FROM /home/me/file.txt --> TO c:/windows/], or get a file from someone else's computer [TO /home/me/ <-- FROM c:/windows/file.txt] what would I need to type in?

    I use Backtrack 3 for my penetration tests.

  12. Thanks a lot for painting a clear picture of what I need to do, Jayze.

    So, basically, to perform these tests I'll need to first gather information about his server with a program like nmap, look on a site like milw0rm for exploits to apply, and then apply those exploits with Metasploit to gain root access. Once I get root access, I'll be able to upload a trojan (for the test it'll just be a text file saying "PWNED"), try to download some password hashes, clear the logs to cover my tracks, and then log out.

    If I have this right, I think I only have 2 questions remaining:

    - Could I also gain root access by cracking his admin password with a program like THC-Hydra?

    - What would I use to log into, and browse, the "Victim's" computer?

  13. Perhaps this is a shot in the dark and a little off the topic but why Apache services on a Win server? Isn't that kind of what IIS is built for?

    I don't know. I'm not even 100% sure if Apache is what he plans on using. But I do know he plans on setting everything up in Windows because that is the operating system he knows best. Personally, I would use Linux.

  14. When you run nmap against them it should fingerprint the OS. If he was running them in a VM it is a little more difficult. Someone I know was looking at a server the other day and the way the traffic was being routed made it impossible to fingerprint it.

    I don't believe he'll be running the servers from a virtual machine.

    Wow don't hear that often, and thank you kind sir!

    :)

    Seems that this purpose is exactly what Backtrack 3 is built for. Plenty of fun scanners and injectors.

    I've noticed, and I just recently noticed that its categories are listed in order of operation. That is very helpful.

    But you'd better get it in writing that your cousin authorizes this activity. You may find yourself thrown to the squad car in this kind of situation, and a piece of paper that says you're legit may be a real asset in such an event.

    lol. He has something better planned. He's going to record a video using his webcam giving me permission to do white hat hacking to his server. :) But I appreciate the warning.

    Thanks folks.

  15. Blocking single IPs once they penetrate your server is useless; one can simply hop on an unsecured wireless network and do their bidding from there after they have run nmap on your network. Once your server has been compromised, you're pretty much fucked, unless you have off-site backups that the attacker couldn't get a hold of.

    He does plan on doing regular backups of important data.

    What OS are the servers you are trying to test?

    They're Windows servers, but when I do the tests, I'm going to "attack" as if I don't know this.

    What are they running: Apache version? SQL? Drupal? etc...

    Apache.

    Are multiple computers hosting the site (topology of the network)? I.E. you > internet > switch > router > servers OR you > internet > switch > computer etc.

    He lives in a different state so we're not directly connected on the same network.

    Reason for asking is that there are exploits for switches and routers; once you gain root on one of them you could easily modify the firmware to do your bidding: forward traffic, DDoS, etc.

    I didn't know that.

    Thank you for your reply.
