Simple security testing site

Project Blackout

Alright, so since I've joined this site, I've redirected us some traffic (Hacked sites, redirect to our site). With that, I posted pictures of admin panels, basically proof of me hacking the site.
I've had people ask me for a tutorial on how to security test, so here it goes.

For the style of security penetration (for the tutorial we'll use the word testing which means the same thing) today I'll be teaching you how to check remote exploits on an IP.
This is basically, if you have an IP of a webserver (VPN) or someone else's IP (their computer's IP), then you can check to see if it's vulnerable to any attacks.

To start, you're going to need a few tools:
1: Metasploit Framework
Download: http://www.metasploit.com/framework/download/
Description: Metasploit is basically a testing tool which has an online DB of exploits and, when run against certain machines (IPs), can be used to gain access.

2: Nmap
Download: http://nmap.org/dist/nmap-5.21-setup.exe
Description: Nmap is a tool which is used to scan a host or IP, and it can be used to see open ports and services on a machine.

Now, after downloading both of those, you're going to need to know how to use them.
First, we're going to need our target.
I'm not going to post pictures, but you'll get the gist.

Picking a target, could be a website, VPN, IP, etc.
Once you have your IP, open up Nmap. Nmap has a very clean GUI, so at the top type in the IP and it'll run a scan.

You'll see open ports, and targets running on it.
This'll become useful in more advanced tutorials later on.
Now that you have a scan completed, it's time to use ****sploit.

Open ****sploit and start by typing:

Code:
db_create (This creates a database in which the scans will be held)
Now you're going to do your Nmap scan within ****sploit. (Type db_nmap -sT -sV 192.*.*.*)
Now once the scan is complete you need to type db_autopwn -p -t -e and it'll run all the exploits.

Now, you should see the exploits available on the host (if there are any).
If there are, you'll now be able to connect and use things like DIR, CAT, Finger, etc.

This was written completely by me, feel free to post any questions, comments, ideas, etc.
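
Seen from the defending side, the `-sT` connect scan used in the post completes a full TCP handshake on every open port, so it leaves entries in ordinary connection logs. The following is an added example, not part of the original post: it flags any source that connects to many distinct ports on one host within a short window. The log line format, the window, the threshold and the addresses are constructed assumptions.

```python
"""Flag sources that complete TCP connections to many distinct ports on one host."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # assumed look-back window
PORT_THRESHOLD = 15              # assumed: distinct ports per (src, dst) inside WINDOW


def parse(line):
    """Parse one constructed log line: '<ISO time> <src> <dst> <dst_port>'."""
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)


def find_connect_scans(lines, window=WINDOW, threshold=PORT_THRESHOLD):
    """Return {(src, dst): peak distinct ports in any window} for pairs at or over threshold."""
    recent = defaultdict(deque)              # (src, dst) -> deque of (time, port)
    flagged = {}
    for ts, src, dst, port in sorted(parse(l) for l in lines if l.strip()):
        q = recent[(src, dst)]
        q.append((ts, port))
        while q and ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        distinct = len({p for _, p in q})
        if distinct >= threshold:
            flagged[(src, dst)] = max(distinct, flagged.get((src, dst), 0))
    return flagged


def sample_log():
    """Constructed data: one sweeping source and one ordinary web client."""
    lines = []
    for i, port in enumerate(range(20, 45)):      # 25 ports in 25 seconds
        lines.append(f"2024-01-01T10:00:{i:02d} 203.0.113.7 192.0.2.10 {port}")
    for minute in range(0, 30, 3):                # repeated hits on a single port
        lines.append(f"2024-01-01T10:{minute:02d}:30 198.51.100.4 192.0.2.10 443")
    return lines


if __name__ == "__main__":
    for (src, dst), ports in find_connect_scans(sample_log()).items():
        print(f"{src} -> {dst}: {ports} distinct ports within {WINDOW}")
```

A sweep spread out so that fewer than the threshold number of ports fall inside one window is not flagged by this check, so the window and threshold need tuning against real traffic.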
 
The word "m e t a" is filtered. Change it.
 