Hands on with BackTrack

Presentation Transcript

  1. Hands on with BackTrack: Information gathering, scanning, simple exploits • By Edison Carrick

  2. Starting up and Getting an IP • startx • ifup eth0

  3. The Tools • The ‘K Menu’ • That’s not all: • The `/pentest` directory

  4. netdiscover • ‘an active/passive address reconnaissance tool’ • Using ARP, it detects live hosts on a network.

  5. nmap • Nmap ("Network Mapper") is a free and open source command-line utility for network exploration or security auditing. • Extremely powerful. • Simple use: `nmap -v -A` (‘v’ for verbosity and ‘A’ for OS/version detection)

  6. Zenmap: Nmap, but prettier • Zenmap is a GUI for nmap. • Easily detect OS, services, TCP sequences and more with a click or two of a button.

  7. Exploits • Databases and Programs • ExploitDB • Metasploit • The internet • Exploit-db.com • Google

  8. Searching for a vulnerability • exploitDB • `./searchsploit` • Googling • Conveniently, Remote Exploit has included their exploitDB on BackTrack. • Since we have a 2003 server, let's search for 2003 vulnerabilities. • `./searchsploit 2003` • `./searchsploit 2k3`

  9. Exploring and Testing a written Exploit • ‘cat’ perfect for viewing • Recognizing shellcode, and how the exploit runs. • Running the exploit • ./7132.py • Finding the usage

  10. Getting the Shell • `./7132.py 192.168.1.2 2` • Noticing that the exploit prints that the shell is bound to the server on port 4444. • Netcat: the tool for everything • `nc -v 192.168.1.2 4444`

  11. Prevention? • Keep servers and computers up-to-date and patched. • Use only services that are necessary, and disable the ones unneeded. • Using the default settings can be dangerous.

  12. More Information • NetDiscover: http://nixgeneration.com/~jaime/netdiscover/ • Nmap/Zenmap: http://nmap.org/ • http://www.exploit-db.com/ • http://www.metasploit.com/ • More on the MS08-067 vulnerability: MS08-067 • Background image for PowerPoint found at xshock.de
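
The prevention advice on slide 11 ("use only services that are necessary") can be checked with the same scanner the slides use. The script below is an added example, not part of the original presentation: it reads nmap's greppable output (`-oG`) and lists every open port that is not on an allowlist. The scan data is a constructed sample for the lab host on the slides, and the allowlist is a hypothetical policy.

```bash
#!/bin/sh
# Added example: audit nmap greppable output against a service allowlist.

# Constructed sample shaped like `nmap -oG -` output (not a real scan).
sample_scan() {
  printf 'Host: 192.168.1.2 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.2 ()\tPorts: 135/open/tcp//msrpc///, 139/filtered/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, 4444/open/tcp//krb524///\tIgnored State: closed (996)\n'
}

# unexpected_ports "<allowed ports>" < scan.gnmap
# Prints "host port/proto service" for each open port missing from the allowlist.
unexpected_ports() {
  awk -v allowed="$1" '
    BEGIN {
      n = split(allowed, a, /[ ,]+/)
      for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    /^Host: / && /Ports: / {
      host = $2
      line = $0
      sub(/^.*Ports: /, "", line)   # keep only the port list
      sub(/\t.*$/, "", line)        # drop trailing fields such as "Ignored State"
      m = split(line, entries, /, */)
      for (i = 1; i <= m; i++) {
        split(entries[i], f, "/")   # port/state/proto/owner/service/rpc/version/
        if (f[2] == "open" && !(f[1] in ok))
          printf "%s %s/%s %s\n", host, f[1], f[3], (f[5] == "" ? "unknown" : f[5])
      }
    }
  '
}

# Hypothetical policy: this file server should expose only RPC and SMB.
audit_sample() {
  sample_scan | unexpected_ports "135 139 445"
}

audit_sample
```

Run against a real scan of your own hosts with `nmap -oG - <host> | unexpected_ports "<allowed ports>"`; any line it prints is a service to disable or investigate, such as the unexpected listener on 4444 in the sample.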