The IP address you posted is public. Probably not a good idea to post that, especially if it has been purposely left open for your class to get in. So hope you don't mind that I removed it.

Speaking of which, try putting http://<removed ip address> in your browser and see what comes up. This will give you a clue on how to proceed.

Other than that, it wouldn't be fair if we got your A for you, now would it? 

Don

Don, thank you for your reply.


No, it is fair. Professor said that we can use any sources to do that. He'll give us an A if we can demonstrate it how we did it. (If you want, I can give you he's e-mail to prove it, but I think it is not necessary)

By the we on that server he's hosting he's own website, here is how you can get there:

http://<removed ip address>/~hlin/sec370.htm

I know that there is Red Hat linux and Apache server, but I don't know what I can use to do that. 



Telnet port is closed

i sent  you a PM but for everyone else and since its for a class and for you to learn.

start with a FULL port scan and service  version id of the IP

nmap -A x.x.x.x -p 1-65535

so things to look at  would be what versions of SSH, FTP, and apache is the box running and what kernel version is it.  that will help us get you started and help you narrow down your search for usable exploits.

-chris

Hey maksimu,

Looks like you've been given pretty good advise to get yourself started with this project of yours. You said you're new to this so I thought I would suggest you google for an exploit or vuln on whatever version of FTP, SSH, etc.. that you find through your nmap scan. You can also search with your results via Metasploit, mimlw0rm or a number of other exploit publishing sites.

Good luck!

Dear,

you need to come out of the world of Security and Hacking, and have a look at exploits and developments of Shellcodes, also you can keep an eye on major 0-day vulnerabilities listings.

see, to make u understand better, it depends on what OS is running on the he's OS /PC/Server, then u also need the open ports, along with this u will need the most accurate Service information running on those specific open ports, now with armed with all this information , you can now start your hunt , since you are not into hacking, so you can try to search exploits or shellcodes for those services which are found running.

if you are a lucky one , you may find a couple or four, and then you can obtain a shell/root/admin/user privileges and if it is just user level rights, then u may need to escalate your privileges to that of an Admin/root.

Hope this will help you in understanding how to hack/get into he's computer/pc/server.


Thanks

Nitin Kushwaha

India