.

Hacking Scenarios

<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Wed May 23, 2012 3:25 pm

Hacking Scenarios

Hello my freinds  i really love this forum becuase i alway got useful info here and thank you all.

frist of all, i wanna say im not new in hacking world i had some pentest experience i can use back track metasploit and many other tools and im familiar with many concepts and so on.

But as im addicted to hack!!!! i wanna start studying it so seriously  and i know i must build a hacking lab so i bought VMware Workstation 8 (i know i can use Virtual box for free but i love Vmware its better) and i download Backtrack 5 R2 Gnome i installed to A VM and a windows Xp VM also so do i need anything more for my lab?

i need some hacking scenario for exercises i googled it but i couldnt find some efficient scenarios dose anybody has them?

Thanks again Take care!!
ICS Academy Network Security Certified
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed May 23, 2012 4:18 pm

Re: Hacking Scenarios

<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Thu May 24, 2012 7:52 am

Re: Hacking Scenarios

ok thankx and what about my hacking lab is it efficient?
ICS Academy Network Security Certified
<<

magxtopher

Newbie
Newbie

Posts: 7

Joined: Tue Mar 27, 2012 8:00 am

Post Thu May 24, 2012 7:55 am

Re: Hacking Scenarios

Thanks.Great blog all newbies or serious security guru's shd read the link.
Cool mate.
<<

magxtopher

Newbie
Newbie

Posts: 7

Joined: Tue Mar 27, 2012 8:00 am

Post Thu May 24, 2012 8:07 am

Re: Hacking Scenarios

@ cyber.spirit,
My candidy advise is read google hacking and pen test by Johnny Long,
any security officer needs this book.You will found millions of hacking scenarios
and above all you will be equip with billions of search codes.I was shocked how
the guy come up with such book.After reading the book you  will attempt to know how
to hack with other search engines like msn,yahoo,bing etc.Give it a try u loose nothing.
Good luck.
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Thu May 24, 2012 11:54 am

Re: Hacking Scenarios

thank you both Magxtopher and sil that blog is really greate iDK who creates that its pretty well.

magxtopher, google hacking and pen test? Really? But i thought hacking with search engines is useless coz you cant choose ur target
u must select one of results anyway thanks again and i'll buy that book if its not free.
ICS Academy Network Security Certified
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Thu May 24, 2012 12:00 pm

Re: Hacking Scenarios

Cyber.Spirt:

You might also want to check out Thomas Wilhelm (aka Grendel)'s book
http://www.amazon.com/Professional-Pene ... 1597494259

There are some other good things on hacking lab design of the forum if you look. Jaddix and Laz3r (I think) had a good couple posts a few years ago.
OSWP, Sec+
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Thu May 24, 2012 12:01 pm

Re: Hacking Scenarios

cyber.spirit wrote:thank you both Magxtopher and sil that blog is really greate iDK who creates that its pretty well.

magxtopher, google hacking and pen test? Really? But i thought hacking with search engines is useless coz you cant choose ur target
u must select one of results anyway thanks again and i'll buy that book if its not free.


You can't hack if you don't have information. You can get information passively or actively.
OSWP, Sec+
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Thu May 24, 2012 12:36 pm

Re: Hacking Scenarios

Yes chrisj i already know without Footprinting  i cant hack, and i can find info passively and sometimes actively. But if u used google hacking i may know in this type of attack u must use some Google dorks and choose a vulnerable  site from results and go further but my problem is i wanna choose the target by myself not useing the Google's results thats why i think its useless IDK maybe Im wrong.

and thank you for that book i guess its a greate book, and plese tell me is my lab efficient? do i need anything else for that? and which SP of windows XP is good for my lab


thanks again
Last edited by cyber.spirit on Thu May 24, 2012 12:40 pm, edited 1 time in total.
ICS Academy Network Security Certified
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Thu May 24, 2012 1:06 pm

Re: Hacking Scenarios

cyber.spirit wrote:my problem is i wanna choose the target by myself not useing the Google's results thats why i think its useless IDK maybe Im wrong.

and thank you for that book i guess its a greate book, and plese tell me is my lab efficient? do i need anything else for that? and which SP of windows XP is good for my lab

thanks again


As for the google stuff, treat it as if it's out of scope. :)

I was reading Basics of Hacking and Penetration Testing, or was it in the elearn security documents, last week, I can't remember. Pretty sure that was where I came across, get the lowest SP version you can find. It'll have more stuff for you to exploit. Doesn't mean newer ones won't have stuff to exploit but you'll get more bang for your training doing the oldest. Of course, if your system will handle it, do all service packs and see how each do.
OSWP, Sec+
<<

ziggy_567

User avatar

Sr. Member
Sr. Member

Posts: 378

Joined: Tue Dec 30, 2008 1:53 pm

Post Thu May 24, 2012 3:25 pm

Re: Hacking Scenarios

But i thought hacking with search engines is useless coz you cant choose ur target
u must select one of results



Check out the "site:" or "inurl:" Google dorks...
--
Ziggy


eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Fri May 25, 2012 4:45 pm

Re: Hacking Scenarios

Ok thank you all
chrisj what do you think if i'll buy the complete package of Professional Penetration Testing Creating And Operating A Formal Hacking. i think its expensive but as i said im addicted to hack and i dont care !!!! so what is ur opinion???
ICS Academy Network Security Certified
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Fri May 25, 2012 4:46 pm

Re: Hacking Scenarios

can you give me an example ZIGGY??
ICS Academy Network Security Certified
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Fri May 25, 2012 8:48 pm

Re: Hacking Scenarios

cyber.spirit wrote:chrisj what do you think if i'll buy the complete package of Professional Penetration Testing Creating And Operating A Formal Hacking.


As author of the aforementioned book, I strongly support your purchase it.

:D
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

ziggy_567

User avatar

Sr. Member
Sr. Member

Posts: 378

Joined: Tue Dec 30, 2008 1:53 pm

Post Fri May 25, 2012 10:59 pm

Re: Hacking Scenarios

can you give me an example ZIGGY??


Sure.

Say you're assessing a site for abc.com, and you want to look for sql dumps carelessly left on their webservers...go to Google and search for the following:

filetype:"sql" site:abc.com

As long as Google has indexed it, you're in business...
--
Ziggy


eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+
Next

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software