The Ethical Hacker Network - Learning Phase on Pentest

vp75

Jr. Member

Offline

Posts: 78

Re: Learning Phase on Pentest - De-ICE

« Reply #15 on: July 15, 2011, 05:18:17 AM »

hi lorddicranius

I remember checking this dhcp in router (Its wireless and virgin media product uses netgear as far as i know), but i dont remember i can change or provide dhcp settings in router admin page (i may be wrong). But I did tried changing it from MAC network preference to use DHCP and it totally disconnected from router. (could be crazy thought Grin

)

So I will try it again at router end and give a shout...By the way some of my other queries has been answered by itself on your reply...(

). thanks mate.....

Cheers
Vp


	Logged

eCPPT

Grendel

Full Member

Offline

Posts: 241

Re: Learning Phase on Pentest - De-ICE

« Reply #16 on: July 15, 2011, 09:51:43 AM »

Another option is to put both the BT VM and the De-ICE VM images on NAT, and manually change the BT IP address to something like 192.168.1.10... They will talk to each other, assuming both VMs are on the same computer.


	Logged

- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:

http://HackingDojo.com

Author:

Professional Penetration Testing
Ninja Hacking
Penetration Tester's Open Source Toolkit
Metasploit Toolkit for Penetration Testing
Netcat Power Tools

Grendel

Full Member

Offline

Posts: 241

Re: Learning Phase on Pentest - De-ICE

« Reply #17 on: July 15, 2011, 09:54:22 AM »

Oh, an you can leave the router alone.


	Logged

- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:

http://HackingDojo.com

Author:

Professional Penetration Testing
Ninja Hacking
Penetration Tester's Open Source Toolkit
Metasploit Toolkit for Penetration Testing
Netcat Power Tools

vp75

Jr. Member

Offline

Posts: 78

Re: Learning Phase on Pentest - De-ICE

« Reply #18 on: July 15, 2011, 11:11:24 AM »

@Lord, based on your suggesstion, i checked up and seems only last octet i can enter it.....seems Virgin has done it in purpose.....(some forums does show by clearing dhcp cache i can change it, after all effort it didnt work on my router). By the way, when i changed lan ipaddress, i get error message as @Status: Invalid Lan IP address. The same as Wireless guest ip range@
its strange....

I will try with Grendel suggesstion, by the way, grendel, did you mean both BT & De-Ice on same Virtual rather separate?

Cheers
Vp


« Last Edit: July 15, 2011, 11:18:03 AM by vp75 »	Logged

eCPPT

hayabusa

Hero Member

Offline

Posts: 1630

Re: Learning Phase on Pentest - De-ICE

« Reply #19 on: July 15, 2011, 11:56:18 AM »

Grendel means that, in your VM solution (VMWare or whatever) you can put both VM's on the same Virtual network, which will route between them, independently of your physical router. (Like NAT or HOST ONLY configurations. You'll just have to configure the VM network to be on the 192.168.1.x subnet


	Logged

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH

vp75

Jr. Member

Offline

Posts: 78

Re: Learning Phase on Pentest - De-ICE

« Reply #20 on: July 15, 2011, 03:30:22 PM »

What on the earth is holding them (BT & De-Ice) atleast to wink eachother when put on NAT. Huh

both images or in Virtual Box , changed their network config to NAT, changed BT ipaddress to 192.168.1.10....it doesnt even wink ...(I hope that i havent missed anything)...

I spoke to my network provider, so pathetic that i cant change my ipaddress as i wanted...... Cry


	Logged

eCPPT

hayabusa

Hero Member

Offline

Posts: 1630

Re: Learning Phase on Pentest - De-ICE

« Reply #21 on: July 15, 2011, 07:53:13 PM »

So you ARE doing this on your internal network, right? You provider won't let you choose your internal scheme??? That's messed up... Either way, though, if your machines are local to each other, this shouldn't be giving you so much grief.


	Logged

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH

vp75

Jr. Member

Offline

Posts: 78

Re: Learning Phase on Pentest - De-ICE

« Reply #22 on: July 16, 2011, 03:51:54 PM »

hi guys,
Thanks for all your suggesstion, got more useful information in this process...
though the option i have chosen to overcome may / maynot not sound good Wink

, i have sorted the issue. Cheesy

I came across one of a blog , which gave information about the De-Ice pentesting practice...and thought of using it for my lab advantage , used it to login root & changed the ipaddress of de-ice to my range 192.168.0.20 and since my BT is also in 192.168.0.x range, now i'm able to work thru it.
But main objective of finding root password has been used already, i'm learning to find other vulnerability in it ....
I will keep updating about my progress & findings (hope it will be ok with you guys & grendel), if not will just provide my understanding as hints.....

[Currently running the medusa to find passwd for the couple of user in De-Ice] Password list is too big, seems i have to wait for 20mins/user....I believe using information thru (blog) Social Eng is also part of Pentest right...... Cool

Cheers
Vp


« Last Edit: July 16, 2011, 03:53:55 PM by vp75 »	Logged

eCPPT

Pages: 1 [2] Go Up

« previous next »