[Gloucs] Virtual hacking
Will Rendell
b19wll at gmail.com
Sat Oct 23 10:26:47 UTC 2010
Matt
I have just played with wifite and it captured my handshake, on opening the
xxxxx.cap file with nano it was not clear where my paraphrase was. It was
just pages and pages of random strings of text. Should I be opening the cap
file with another app?
I have loaded gnacktrack on my little acer aspire one, when I run arp-scan
-l it won't run as it can't find an ip on eth0, as I am using wlan0 what do
I need to change to get it running with my WiFi
Thanks
Will
On 22 Oct 2010 14:41, "matt robbins" <mrrobbins1 at live.co.uk> wrote:
>
> Hi Matt,
>
> Actually scrap the part I put regarding the Ubuntu install, I looked it up
and I need to somehow obtain Ubuntu Netbook.
>
> I have Metaspoit installed on my windows xp os but when i run the
metasploit console it seems to take an age to "configure user permissions
for first run" any idea why?
>
> Regards,
>
> Matt R
>
>
>> From: mrrobbins1 at live.co.uk
>> To: gloucs at mailman.lug.org.uk
>> Date: Fri, 22 Oct 2010 10:54:15 +0100
>> Subject: Re: [Gloucs] Virtual hacking
>>
>>
>> Hi Matt,
>>
>> Thanks for that, its really useful!
>>
>> I'm about to download and install nessus and also run that get html
command on my http port.
>>
>> Only thing is I can't download the GnackTrack even though i would love to
because I only have a limited download size left this month.
>>
>> I installed ubuntu using Virtual Box, the iso i actually downloaded for
ubuntu was: Ubuntu 10.10-alternate-i386.iso. I actually tried installing it
directly from usb stick (after I used PE Builder to "attempt" to build a
bootable copy onto the usb stick) but it has a problem with the CD Drivers
in part of the installation process. I am using a Samsung Notebook so I do
not have a cd player.
>> Is there an easier way to install it as I have a spare partition of
atleast 20gigs ready and waiting for when i manage to install it.
>>
>> Regards,
>>
>> Matt R
>>
>> > Date: Thu, 21 Oct 2010 17:42:58 +0100
>> > From: phillips321 at gmail.com
>> > To: gloucs at mailman.lug.org.uk
>> > Subject: Re: [Gloucs] Virtual hacking
>> >
>> > Hi Matt,
>> >
>> > First of all using a telnet client is a good way to fingerprint a
service
>> > such as the 3 you have found, but an even better way to automate the
finger
>> > printing would be to use the nmap -A flag or simply use amap as thats a
>> > purpose build fingerprinting tool.
>> >
>> > The main issue is that each service will have different ways of
>> > communicating.
>> >
>> > For example to communicate with a HTTP service try the following:
>> >
>> > GET / HTTP/1.1[enter]
>> > [enter]
>> > [enter]
>> >
>> > (make sure you press enter twice as it looks for a two next line
characters)
>> >
>> > Your best bet for now would be to download and install nessus. It's a
>> > vulnerability exploitation tool. If you download GnackTrack it already
comes
>> > bundled, you'll just have to registyer for a free home feed to get the
>> > plugins (http://www.nessus.org/plugins/?view=homefeed)
>> >
>> > Then run nessus against your windows XP target.
>> > A demo of nmap, nessus and then metasploit to control the target is
here:
>> > http://www.youtube.com/watch?v=Bpafg8WQSqk (i recorded this before the
last
>> > LUG talk in case something went wrong on the night. - watch in 720p to
see
>> > the text)
>> >
>> > If you want to target web applications directly it's worth downloading
>> > wackopicko which is a vulnerable web application(it will be your
target), a
>> > vmware and livecd copy can be found on the gnacktrack website.
>> >
>> > Hope this helps
>> >
>> > Matt
>> >
>> > P.s. All of the apps mentioned above are preinstalled in GnackTrack,
sorry
>> > for the shameful plug ;-)
>> >
>> > On 21 October 2010 17:30, matt robbins <mrrobbins1 at live.co.uk> wrote:
>> >
>> > >
>> > > Hi Guys,
>> > >
>> > > I've been attempting "hacking" into my windows xp os using my
"virtual"
>> > > linux ubuntu package.
>> > > when I scanned with nmap it gave me 3 open ports, 139, 135 and 2869
>> > > I then used Telnet to connect to the following ports and got these
results;
>> > >
>> > > port 135 hangs when i try to connect to it
>> > > port 139 disconnects me
>> > > port
>> > > 2869 is http but i have not a clue what commands to use and how i
>> > > should use them, I tried regular html etc but that did not work, it
just
>> > > disconnected me back to the linux ubuntu terminal program.
>> > >
>> > > Any
>> > > help would be appreciated as i am trying to learn more about
security. I
>> > > thought the best bet would be to go on the "offensive" and learn to
>> > > hack succesfully against myself for a while using different methods,
>> > > then eventually I could go on the defensive and learn about
preventative
>> > > measures and test them against myself etc.
>> > >
>> > > Regards,
>> > >
>> > > Matt R
>> > > _______________________________________________
>> > > gloucs mailing list
>> > > gloucs at mailman.lug.org.uk
>> > > https://mailman.lug.org.uk/mailman/listinfo/gloucs
>> > >
>> > _______________________________________________
>> > gloucs mailing list
>> > gloucs at mailman.lug.org.uk
>> > https://mailman.lug.org.uk/mailman/listinfo/gloucs
>>
>> _______________________________________________
>> gloucs mailing list
>> gloucs at mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/gloucs
>
> _______________________________________________
> gloucs mailing list
> gloucs at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/gloucs
More information about the gloucs
mailing list