  Show Posts
1  Ethical Hacking Discussions and Related Certifications / Web Applications / Re: Nessus and Nikto on: May 17, 2013, 04:19:50 AM
I can't watch that movie, IDK why. Anyway:

Is a network established between you and the target? Can you ping it?
Can you scan the target with nmap?

Is your target on the internet? If it is:
Are you behind any firewall? If you are, try this scan:
Code:
nmap --scanflags SYNFIN <Target IP address>
This may bypass the firewall.
Always scan the server using its IP address, because they may have implemented network load balancing, so you may scan different servers each and every time.

Is your target in a virtual lab? If it is:
Make sure that your attack system and server are using the same network adapter, otherwise they can't connect to each other.
Check your IP addresses for both systems.

I hope this info can be helpful; if not, tell me and I will watch the video.
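Added example, not part of the original post: seen from the defender's side, a segment with both SYN and FIN set is not produced by a normal TCP handshake, so the flag byte alone is a usable detection signal. The sketch below goes beyond the SYN+FIN case in the post to three other commonly flagged combinations; the packets are constructed sample data and all function names are hypothetical.

```python
import struct

# TCP flag bits, low six bits of byte 13 of the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def tcp_flags(packet: bytes):
    """Return the TCP flag bits of a raw IPv4 packet, or None if not TCP or truncated."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    if ihl < 20 or packet[9] != 6 or len(packet) < ihl + 14:
        return None                           # protocol 6 = TCP
    return packet[ihl + 13] & 0x3F

def classify(flags):
    """Name an illegal flag combination, or return None for plausible traffic."""
    if flags is None:
        return None
    if flags & SYN and flags & FIN:
        return "SYN+FIN"
    if flags & SYN and flags & RST:
        return "SYN+RST"
    if flags == 0:
        return "NULL"
    if flags == FIN | PSH | URG:
        return "XMAS"
    return None

def build_packet(flags, src="192.0.2.10", dst="198.51.100.5"):
    """Constructed sample: minimal IPv4 + TCP headers, checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, flags, 1024, 0, 0)
    return ip + tcp

# Constructed traffic: three ordinary segments and one SYN+FIN probe
SAMPLES = [("handshake SYN", build_packet(SYN)),
           ("handshake SYN+ACK", build_packet(SYN | ACK)),
           ("SYN+FIN probe", build_packet(SYN | FIN)),
           ("data segment", build_packet(PSH | ACK))]

def alerts(samples):
    """Return (label, verdict) for every sample carrying an illegal flag set."""
    return [(name, v) for name, pkt in samples if (v := classify(tcp_flags(pkt)))]

if __name__ == "__main__":
    for name, verdict in alerts(SAMPLES):
        print(f"ALERT {verdict}: {name}")
```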





2  Ethical Hacking Discussions and Related Certifications / Programming / Re: Finished Python Course in Codecademy now what? on: April 27, 2013, 01:25:25 AM
If you wanna be a programmer, the story is different, but if you wanna be a hacker I suggest you buy the www.hackingdojo.com shodan course and learn C and assembly after Python.

Happy stuDYING!
3  Ethical Hacking Discussions and Related Certifications / Social Engineering / Re: Friends of Friends on Facebook on: April 27, 2013, 01:07:26 AM
I don't know any tool, but I think it's not easy and you won't be able to find those people, for example someone who sets his/her friend list so that only he/she can see the list, or someone who is not searchable on FB, and so on. It needs a lot of work.

Create an attractive fake person on FB and send him/her a friend request; if you fail, then try to send a friend request to his/her friends.

Anyway, I hate client-side attacks, it is not technical!!
4  EH-Net / News Items and General Discussion About EH-Net / Re: Change is Coming to EH-Net!! on: April 21, 2013, 12:28:52 AM
1. yes

2. Sometimes

3. I am

4. I like to help EH as much as I can because EH helped me a lot.

5. WoW! Is it possible? I do love to do this.

6. Web designing yes, but MySQL no

7. Good idea
5  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / You Get Signal! on: April 20, 2013, 07:38:55 AM
Heeey!

The first important step for any pentest project is info gathering. Here is a cool site where you can gain a lot of info about your target passively:

www.yougetsignal.com
6  Resources / Tutorials / Re: Where is the router/firewall??!!!!! on: April 20, 2013, 07:14:13 AM
Switches and routers are Layer-2 and -3 devices, respectively, and do not use TCP or UDP ports to operate. Anything at a higher level than the frame or packet is simply seen as the data payload.

Well, well, yup, that is right: TCP/UDP ports are for higher levels in the OSI or TCP/IP models and I already know that. As I mentioned before, they are using Cisco stuff, and it's better to configure your Cisco device to accept SSH or at least telnet connections for later configs, because the router/switch is in the server room, it is so cold there, and it is hard to config the switch using a console cable. That is why I thought it's strange for a router. Anyway, thanks for your info.
7  Resources / Tutorials / Re: Where is the router/firewall??!!!!! on: April 19, 2013, 01:14:45 PM
It may not matter. The purpose of identifying the customer's routers and switches is to see if you can attack an administrative port (ssh, telnet, and/or snmp). Otherwise, just keep moving on.

BTW, we discuss that in the Nidan class.

Hi Thomas.
How are you? Thanks for your help. I know that, you are right, and I don't know Cisco hacking, but I am really curious to know what those devices are. I think they are routers, not firewalls, but why don't they have any open ports? Anyway, thanks, I'll go to the next stage.
8  Resources / Tutorials / Re: Where is the router/firewall??!!!!! on: April 19, 2013, 08:11:13 AM
Wait Wait Wait!!!
The problem is solved. I have found a 20 range of their public IP addresses; seven of them are up. 5 of those 7 are servers with a lot of the same configs and 2 of those 7 are Cisco devices. There are no open TCP ports on those two, but nmap aggressive scanning says that they are Cisco devices.

Now tell me, please:

1- How can I find which of them is a router or a switch?
2- How can I find which network they are routing?

Please help, I have to complete the project three days later. Thanks.
9  Resources / Tutorials / Where is the router/firewall ??!!!!! on: April 19, 2013, 07:03:03 AM
Hey my best friends

I am in the middle of a pentest for my cousin's company and I am using ISSAF according to hackingdojo shodan.
I've done these phases:

-Passive info gathering
-network mapping:
    
  • identifying live hosts (ok)
  • TCP/UDP Port scanning (OK)
  • Banner Grabbing (OK)
  • P/A OS Guessing (OK)

But now I am in the identifying router or firewall stage. I performed a traceroute to the target, but after some hops I see all stars because those hops don't respond to ICMP packets. Now what? How can I identify routers?? pLEaaAse help!!
10  Resources / Tutorials / Re: SQL injection on: April 19, 2013, 06:49:05 AM
Hmm, I would say learn SQL. You may not have time, but being a pen tester, I think, is about being professional. Trying to find a tool that you can just run and hope it works is just so wrong. You are going to run a tool that you don't really understand how it works and what it is doing. How do you know it won't break the database?

I am not saying you have to be a complete expert at it, but at least understand the basics behind SQL. I don't think learning the basics takes that much time.

I am also not sure any of the De-ice disks have SQL injection in them.
I would not recommend hitting your mate's website.

If you want to try SQL, DVWA has some in and Webgoat does; they are pretty basic to find.

I would agree with MaXE, use SQLMAP, but this does mean you have to understand SQL; it's not a click-click-win tool.

I agree with you, man, and will learn SQL and SQL injection too. Yup, password cracking is the only way to go for the De-ice disks; Thomas told us in Hacking Dojo class too.

SQL is not that hard, right, but for someone like me who works and studies all the time, it is hard. I should plan to make some free time to learn that. Anyway, thanks a lot.
11  Resources / Tutorials / Re: SQL injection on: April 19, 2013, 02:26:05 AM
Havij is a script kiddie tool just like Pangolin is, except Havij is more widely used by script kiddies, especially in the Middle East. A pro tool, which can do a lot more but is also a lot harder to use, is sqlmap.

However, using a tool only, without knowing what causes SQL Injection, how to fix it (in the code!) and how to test manually will not teach you anything, and thus you will always be a script kiddie unless you know the cause, remediation and how to test all types of SQL Injection vulnerabilities manually.

Sometimes the tools simply won't work, and then you have to test manually as a penetration tester.

Yup, you're totally right, but I was in the middle of penetration testing and I had no time to see what SQL injection is, how to work with sqlmap and so on. But now I am learning some other pentesting lessons. I WILL LEARN SQL injection after that, thank you.
12  Resources / Tutorials / SQL injection on: February 16, 2013, 02:36:07 PM
Hi there,
I wanna try SQL hacking and I have three choices:

Metasploitable
De-ice.net
My friend's website

Well, I wanna try all and I'm using the Havij program as injector. But I think we need a URL like this:

www.test.com/index.php?id=123

But how can I find the URL for Metasploitable or De-ice?

I think I can use Google dorks to find the URL for my friend's site, but how?

I'll be so thankful if you tell me.

13  Resources / Tutorials / Re: introduce me exploitation books on: February 04, 2013, 03:45:22 PM
So you wanna say most, or it's better to say all, of the exploits are in assembly?

OK, if you say so I accept, because I have no experience with exploitation. But I bought Hacking AOE; it teaches the programming part all in C and a little bit of assembly (however IDK exactly, because I didn't read it, I just read the table of contents). But if I am right, tell me why it doesn't teach assembly instead of C; it's harder, it needs more time.

Thanks for your help
14  Resources / Tutorials / Re: introduce me exploitation books on: February 04, 2013, 02:10:16 PM
Well, I don't know assembly :'( so it is not useful for me

You're going to need to learn it then. Just because an exploit is written in C, Python, Perl, Ruby, etc., doesn't mean that assembly isn't involved. More often than not, those are just the delivery mechanism for the exploit. You're going to have to get comfortable working in a debugger and understanding assembly. There's no way around it.

So true.
I said I have no time to learn assembly for now. I just wanna learn to write some exploits with C, then after a while I am going to learn assembly. It's better for me, at least I can write exploits with C.
15  Resources / Tutorials / Re: introduce me exploitation books on: February 04, 2013, 07:47:20 AM
Open Security Training is like gold given for free but sadly the videos are wayyy tooo gigantic and the classes are in Assembly.

Well, I don't know assembly :'( so it is not useful for me