.

[Article]-Video: The 15-Minute Network Pen Test Part 2

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Feb 26, 2009 1:04 am

[Article]-Video: The 15-Minute Network Pen Test Part 2

Hope the wait wasn't too difficult.  ;)

Permanent link: [Article]-Video: The 15-Minute Network Pen Test Part 2


Image


There are numerous tools used in the Penetration Testing (pen testing) process, and there are plenty of books that go into how to use the individual tools.  There are very few resources that discuss how the tools are used and how to approach the process.  Parts 1 and 2 encompass the basic outline of what was presented at a talk given to the Duke University ACM Chapter with some minor changes.

In Part 1, we took the viewer through the initial network recon stage through actual exploitation using Metasploit.  Initially the network is scanned through Nmap, and then continued with Nessus.  We importing the Nessus vulnerabilities directly into Metasploit, determined the corresponding modules for the specific host, then used the module to compromise a remote Microsoft Windows XP box.

Part 2 covers some of the post-exploitation tasks that a pen tester may use.  It begins with some basic Meterpreter tasks.  Meterpreter is a specialized pen testing shell that is included in Metasploit as a payload.  Using Meterpreter, password hashes are obtained from the exploited machine, and 0phcrack is used to crack the obtained passwords.  While the passwords are cracking offline, the viewer is taken back to Meterpreter in order to create a hidden cmd.exe shell on the remote host. Finally we create a new user and add that user to the Administrators group. Ready to see it in action?



Lots more from Ryan in the coming months. Thanks for all of your hard work,

Don
CISSP, MCSE, CSTA, Security+ SME
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Thu Feb 26, 2009 11:43 am

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

Sweet...It's Out Sooner Than I Thought! This Video Was Definitely Review For Me, What I Did Find Interesting Though Is What He Does When He Gains A Meterpreter Shell, I Typically Migrate Over To explorer.exe Or A More Stealthier Process He Just Creates The Process And Continues His Attack Through There. Good Video Though, Now That He's Got Access To Some Administrative Accounts, I Can See Part 3 Now...Getting A GUI Maybe...Still Can't Wait Though...Well Put Together!
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

apollo

Full Member
Full Member

Posts: 146

Joined: Fri Apr 04, 2008 7:44 pm

Post Thu Feb 26, 2009 12:10 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

The GUI is a good idea, I hadn't thought about that, but that would be a good add-on.  The other two that I"d thought about doing were on using pass the hash through meterpreter sessions and using your meterpreter session to assist in pivoting.  Any other thoughts ?
CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Thu Feb 26, 2009 12:40 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

That sounds perfect actually. I've only seen the pass the hash attack once, pivoting and exploiting other machines with the ms08_067 would prove quite effective...then again you had the .128 and .129 post up in your first video (you being .129) & you've already gained entry into .128 so although pivoting is a beautiful idea, what other workstations would you attack in 3?
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Thu Feb 26, 2009 2:53 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

Ryan you excited me with this follow-up video. Thanks you for taking to time to help other learn!

Cheers,

Brian

BTW I like the account names you added to the XP box :P
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

DrWireMORE

Newbie
Newbie

Posts: 4

Joined: Sun Feb 10, 2008 3:49 pm

Post Sat Feb 28, 2009 12:08 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

Enjoyed the article and audio.  Confused to why this post and the links are referred to as video.  Have not found a video, but a great audio. dr
<<

LSOChris

Post Sat Feb 28, 2009 12:21 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

maybe you are missing a codec or something, there is most certainly a video with a voice narration
<<

DrWireMORE

Newbie
Newbie

Posts: 4

Joined: Sun Feb 10, 2008 3:49 pm

Post Sat Feb 28, 2009 12:42 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

Solved: nothing technical, just a screen size too small that I didn't see the flash window.  Got it... thanks (user error..go figure) dr
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Mar 27, 2009 2:21 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

CISSP, MCSE, CSTA, Security+ SME
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Fri Mar 27, 2009 4:35 pm

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed May 13, 2009 9:36 am

Re: [Article]-Video: The 15-Minute Network Pen Test Part 2

Finally I had time too to view both of your videos - I really liked them and appreciate the work you put in. I think mainly for newcomers this is really helpful and shows on the technical side how a penetration could be done.

Return to Linn

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software