[Gloucs] Virtual hacking

Will Rendell b19wll at gmail.com
Fri Oct 22 09:20:31 UTC 2010


Hi Matt (GnackTrack Matt)

I have a few questions re GnackTrack. I woke up at 4am and could not get
back to sleep, so I read this post and had a look at your site. I have
downloaded the live iso and have had a little play with it. So far all I
have done is arp-scan and nmap via the terminal and I am amazed what
information can be found out!

I am at a loss on what to do with the info, in terms of running a
penetration test against some of my devices on my LAN. Do you have a simple
howto guide maybe or is it just a case of fiddling?

Many thanks


Will

On 21 October 2010 17:42, Matthew Phillips <phillips321 at gmail.com> wrote:

> Hi Matt,
>
> First of all, using a telnet client is a good way to fingerprint a service
> such as the 3 you have found, but an even better way to automate the
> fingerprinting would be to use the nmap -A flag or simply use amap, as that's
> a purpose-built fingerprinting tool.
>
> The main issue is that each service will have different ways of
> communicating.
>
> For example, to communicate with an HTTP service try the following:
>
> GET / HTTP/1.1[enter]
> [enter]
> [enter]
>
> (make sure you press enter twice, as it looks for two newline characters)
>
> Your best bet for now would be to download and install nessus. It's a
> vulnerability exploitation tool. If you download GnackTrack it already comes
> bundled, you'll just have to register for a free home feed to get the
> plugins (http://www.nessus.org/plugins/?view=homefeed)
>
> Then run nessus against your windows XP target.
> A demo of nmap, nessus and then metasploit to control the target is here:
> http://www.youtube.com/watch?v=Bpafg8WQSqk (I recorded this before the last
> LUG talk in case something went wrong on the night - watch in 720p to see
> the text)
>
> If you want to target web applications directly it's worth downloading
> wackopicko, which is a vulnerable web application (it will be your target); a
> vmware and livecd copy can be found on the gnacktrack website.
>
> Hope this helps
>
> Matt
>
> P.S. All of the apps mentioned above are preinstalled in GnackTrack, sorry
> for the shameful plug ;-)
>
> On 21 October 2010 17:30, matt robbins <mrrobbins1 at live.co.uk> wrote:
>
> >
> > Hi Guys,
> >
> > I've been attempting "hacking" into my windows xp os using my "virtual"
> > linux ubuntu package.
> > When I scanned with nmap it gave me 3 open ports: 139, 135 and 2869.
> > I then used Telnet to connect to the following ports and got these
> > results:
> >
> > port 135 hangs when I try to connect to it
> > port 139 disconnects me
> > port 2869 is http but I have not a clue what commands to use and how I
> > should use them. I tried regular html etc but that did not work, it just
> > disconnected me back to the linux ubuntu terminal program.
> >
> > Any help would be appreciated as I am trying to learn more about security. I
> > thought the best bet would be to go on the "offensive" and learn to
> > hack successfully against myself for a while using different methods,
> > then eventually I could go on the defensive and learn about preventative
> > measures and test them against myself etc.
> >
> > Regards,
> >
> > Matt R
> > _______________________________________________
> > gloucs mailing list
> > gloucs at mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/gloucs
> >
>



-- 
William Rendell
Web Site: www.williamrendell.com
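
The raw HTTP exchange discussed in the quoted reply, as an added Python example (not part of the original thread or of GnackTrack): it sends the same request you would type into telnet, terminated by the blank line, and reads the Server header from the reply. All function names and the sample reply are constructed for illustration; point fingerprint() only at a machine you own, such as a lab VM.

```python
import socket

# Constructed sample reply, not captured from any real host.
SAMPLE_REPLY = (b"HTTP/1.1 400 Bad Request\r\n"
                b"Server: ExampleServer/1.0\r\n"
                b"Content-Length: 0\r\n\r\n")

def build_probe(host):
    """Bytes that typing the request into telnet would send, plus a Host header."""
    # HTTP/1.1 requires Host; the empty line (a second CRLF) ends the request.
    return ("GET / HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            "Connection: close\r\n\r\n").encode("ascii")

def parse_reply(raw):
    """Extract protocol, status code and Server header from a raw reply."""
    head = raw.partition(b"\r\n\r\n")[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        return {"protocol": None, "status": None, "server": None}  # not HTTP
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return {"protocol": parts[0], "status": int(parts[1]),
            "server": headers.get("server")}

def exchange(sock, host, limit=65536):
    """Send the probe on a connected socket and read until close or timeout."""
    sock.sendall(build_probe(host))
    raw = b""
    try:
        while len(raw) < limit:
            chunk = sock.recv(4096)
            if not chunk:
                break
            raw += chunk
    except (socket.timeout, ConnectionResetError):
        pass  # a silent or abruptly closing service still yields a result
    return parse_reply(raw)

def fingerprint(host, port, timeout=3.0):
    """Probe one TCP port on a machine you own, e.g. a lab VM."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        return exchange(sock, host)

if __name__ == "__main__":
    print(parse_reply(SAMPLE_REPLY))
```

A reply whose first line does not start with "HTTP/" comes back with protocol None, which is the cue that the port speaks something other than HTTP.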

