I recently got my CEH cirtifcation and I'm on a penetratin test for a big company. While I was learning I watched quite a few videos to build my skills.

What does Rm -rf / do?

On this penetration test I was able to get access with help from the CEH book and mentioned tools, but now the system isn't responding to anything?!?

Please help. Did the system administrator see my activity and patch the exploit?

Of course, if you are asking this after just passing your CEH and already on a live pen test... this sounds like horrible news for your client.

Do you have permission on this network with a contract of some sort? Hopefully they put a scope on the project so that you and they both would know not to do something that destructive.

Don

lol...


'man' is not an exploit.. it was not patched. I honestly don't know how you got this far (is it really possible to pass the CEH without knowing what 'rm -rf' does?), but I would suggest contacting your client if you just ran that command and now the system is unresponsive....

edit: Sorry, forgot to mention.. in the event a system goes down like you've mentioned during a test, it's usually written in your papers to call your contact

I don't know the scope of your engagement, what you're testing, etc.

That in mind, I would suggest first contacting your boss and letting him/her know that one of the target systems has become unresponsive, and you think it's possibly due to what you have done.

Hopefully he/she will know where to go from there.

Bill I can not get in contact with my boss. I am the technical lead on this and when I called back to the company he was out.. They told me to call his wife if I needed to get in contact wtih him. When I did she responded hardly because he had just served her with divorce papers. Should I contact his boss? This is onlymy secod week at this job and I don't wan tto look bad.

deltree is a windows command, rm is a linux/unix command.  Lack of basic file manipulation command knowledge says you're out of your league.  And just because you can pass an exam doesn't necessarily mean you're qualified.  I mean, you admittedly executed a command you have *no* knowledge about... that's a huge no-no, even just in every-day computing.  That's how viruses start propagating, and rootkis get installed. 

I'm sorry, I don't want to be harsh, but I wouldn't plan on holding this job of yours for too long.  Doing something like this is going to show pretty blatant incompetence, and I'd bet a paycheck or two that your boss is going to quickly realize that you're not the best qualified candidate they interviewed.

Again, sorry to be so harsh, but reality is what it is.

if you are the tech lead and you did that, you need to be fired right now. pack your crap go home, get a new job. give the client a BIG apology.

lol... yup, in essence this is what I was alluding too, just didn't want to come out and say it well stated