[Gloucs] Virtual hacking

matt robbins mrrobbins1 at live.co.uk
Fri Oct 22 13:41:36 UTC 2010 

Hi Matt,

Actually scrap the part I put regarding the Ubuntu install, I looked it up and I need to somehow obtain Ubuntu Netbook.

I have Metaspoit installed on my windows xp os but when i run the metasploit console it seems to take an age to "configure user permissions for first run" any idea why?

Regards,

Matt R


> From: mrrobbins1 at live.co.uk
> To: gloucs at mailman.lug.org.uk
> Date: Fri, 22 Oct 2010 10:54:15 +0100
> Subject: Re: [Gloucs] Virtual hacking
> 
> 
> Hi Matt,
> 
> Thanks for that, its really useful!
> 
> I'm about to download and install nessus and also run that get html command on my http port.
> 
> Only thing is I can't download the GnackTrack even though i would love to because I only have a limited download size left this month.
> 
> I installed ubuntu using Virtual Box, the iso i actually downloaded for ubuntu was: Ubuntu 10.10-alternate-i386.iso. I actually tried installing it directly from usb stick (after I used PE Builder to "attempt" to build a bootable copy onto the usb stick) but it has a problem with the CD Drivers in part of the installation process. I am using a Samsung Notebook so I do not have a cd player.
> Is there an easier way to install it as I have a spare partition of atleast 20gigs ready and waiting for when i manage to install it.
> 
> Regards,
> 
> Matt R
> 
> > Date: Thu, 21 Oct 2010 17:42:58 +0100
> > From: phillips321 at gmail.com
> > To: gloucs at mailman.lug.org.uk
> > Subject: Re: [Gloucs] Virtual hacking
> > 
> > Hi Matt,
> > 
> > First of all using a telnet client is a good way to fingerprint a service
> > such as the 3 you have found, but an even better way to automate the finger
> > printing would be to use the nmap -A flag or simply use amap as thats a
> > purpose build fingerprinting tool.
> > 
> > The main issue is that each service will have different ways of
> > communicating.
> > 
> > For example to communicate with a HTTP service try the following:
> > 
> > GET / HTTP/1.1[enter]
> > [enter]
> > [enter]
> > 
> > (make sure you press enter twice as it looks for a two next line characters)
> > 
> > Your best bet for now would be to download and install nessus. It's a
> > vulnerability exploitation tool. If you download GnackTrack it already comes
> > bundled, you'll just have to registyer for a free home feed to get the
> > plugins (http://www.nessus.org/plugins/?view=homefeed)
> > 
> > Then run nessus against your windows XP target.
> > A demo of nmap, nessus and then metasploit to control the target is here:
> > http://www.youtube.com/watch?v=Bpafg8WQSqk (i recorded this before the last
> > LUG talk in case something went wrong on the night. - watch in 720p to see
> > the text)
> > 
> > If you want to target web applications directly it's worth downloading
> > wackopicko which is a vulnerable web application(it will be your target), a
> > vmware and livecd copy can be found on the gnacktrack website.
> > 
> > Hope this helps
> > 
> > Matt
> > 
> > P.s. All of the apps mentioned above are preinstalled in GnackTrack, sorry
> > for the shameful plug ;-)
> > 
> > On 21 October 2010 17:30, matt robbins <mrrobbins1 at live.co.uk> wrote:
> > 
> > >
> > > Hi Guys,
> > >
> > > I've been attempting "hacking" into my windows xp os using my "virtual"
> > > linux ubuntu package.
> > > when I scanned with nmap it gave me 3 open ports, 139, 135 and 2869
> > > I then used Telnet to connect to the following ports and got these results;
> > >
> > > port 135 hangs when i try to connect to it
> > > port 139 disconnects me
> > > port
> > >  2869 is http but i have not a clue what commands to use and how i
> > > should use them, I tried regular html etc but that did not work, it just
> > >  disconnected me back to the linux ubuntu terminal program.
> > >
> > > Any
> > > help would be appreciated as i am trying to learn more about security. I
> > >  thought the best bet would be to go on the "offensive" and learn to
> > > hack succesfully against myself for a while using different methods,
> > > then eventually I could go on the defensive and learn about preventative
> > >  measures and test them against myself etc.
> > >
> > > Regards,
> > >
> > > Matt R
> > > _______________________________________________
> > > gloucs mailing list
> > > gloucs at mailman.lug.org.uk
> > > https://mailman.lug.org.uk/mailman/listinfo/gloucs
> > >
> > _______________________________________________
> > gloucs mailing list
> > gloucs at mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/gloucs
>  		 	   		  
> _______________________________________________
> gloucs mailing list
> gloucs at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/gloucs

More information about the gloucs mailing list