Thread: Zach's 1337 Hax

  1. #1
    Join Date
    Aug 2004
    Location
    Coldenflat
    Posts
    4,557

    Zach's 1337 Hax

    Too excited about it to not make a thread about it/my upcoming adventures.

    So for the month of January, my school basically says "go find a project that will help you become a better/more knowledgeable person or something", which is the explanation for how I am getting college credit for learning how to do the following.....

    Today I broke into my first computer! I have a Windows XP virtual machine set up for a "target", and today I finally got the chance to actually try breaking in. I didn't actually do anything in there as I didn't really expect to do so today (hate software...), but I had the opportunity (two different ways/times) to run any programs on my computer that I wanted on it! (Couldn't make it download things from the internet because I had already knocked that out.)

    I will post updates whenever something noteworthy happens, and I will try to break it up so everyone can understand what happened, and then give a more technical tidbit to anyone who wants/cares/knows what I am talking about. (If you want to hear it, tell me; if no one wants it then I likely won't bother posting it)

    Technical stuff; so much software!
    Spent the first few days installing Linux (Ubuntu 9.10 32-bit) and the necessary things for it to be useful (programming stuff, mostly; + and various development environments). Then had to get VirtualBox working; was not easy and I still don't have it so both virtual machines (VMs) can talk to each other AND have internet access. One of said VMs is XP (Service Pack 3) naturally, the other is an operating system of sorts (Linux based) called BackTrack, which is AMAZING. It has everything, all the best tools already installed, Dradis (filesharing and database-report framework for pen-testing), Metasploit (pen-testing framework), the Nessus scanner(s).....glorious!

    The actual attacks I mounted today were both SMB based, so taking advantage of XP's file sharing port (445). First attack was a TCP bind + running a command line under my control. Second was the same, except the TCP bind was "no nx" (meaning it circumvents most, if not all, of Windows' "don't do this action" protocols), and instead of a command line I would have been able to upload and execute any file of my choosing (not as cool as it sounds; it still needs a script for the target to know how to run the file).

    Tonight and tomorrow I plan on writing some stuff to just make the target do some useless things, like start a command line and list the directories/other stuff, and get some other types of attacks working (XP actually started blocking port 445 after those two attacks....).

    As a side note, if anyone has any good reads/sites/sources/etc for information on this sort of stuff, send it over! You will make my day and a half. Thanks in advance.
    "I'd hate to die twice. It's so boring" - Richard Feynman, last recorded words.

  2. #2
    Join Date
    Dec 2007
    Location
    └A & Connecticlump
    Posts
    5,367
    Do you go to Oberlin? I have a few friends there doing something similar.
    "Kimi, can you improve on your [race] finish?"
    "No. My Finnish is fine; I am from Finland. Do you have any water?"

  3. #3
    Join Date
    Aug 2004
    Location
    Coldenflat
    Posts
    4,557
    Originally Posted by f6fhellcat13:
    Do you go to Oberlin? I have a few friends there doing something similar.
    Yeah, actually, I do. PM names?
    "I'd hate to die twice. It's so boring" - Richard Feynman, last recorded words.

  4. #4
    Join Date
    Dec 2007
    Location
    └A & Connecticlump
    Posts
    5,367
    One of them is doing something regarding music composition and the other is doing god-knows-what, but I'm pretty sure it isn't tech related.
    "Kimi, can you improve on your [race] finish?"
    "No. My Finnish is fine; I am from Finland. Do you have any water?"

  5. #5
    Join Date
    Aug 2004
    Location
    Coldenflat
    Posts
    4,557
    Hahah true. Probably not working in the labs then
    "I'd hate to die twice. It's so boring" - Richard Feynman, last recorded words.
