Server Side Attacks - INFORMATION GATHERING

  • Need an IP address.
  • Very simple if target is on the same network (netdiscover or zenmap).
  • If target has a domain, then a simple ping will return its IP.

> ping www.XXXX.com

  • Getting the IP is tricker if the target is a personal computer, might be useless if the target is accessing the internet through a network as the IP will be the router IP and not the targets, client side attacks are more effective in this case as reverse connetcion can be use.

INFORMATION GATHERING

  • Try default password(ssh iPad case).
  • Services might be mis-configured, such as the "r" service. Ports 512, 513, 514
  • Some might even contain a back door!
  • Code execution vulnerabilites.

CASE:

Target - Server Metasploitable

Tool - Zenmap on Kali Linux

Start the metasploit server first.(The same network with Kali Linux)

Input the target IP  and click start button.

After scan is finished, we need to analyse the scan result.

We find netkit-rsh and google it. It maybe interesting.

Install rsh-client firstly.

We login the target server with default account - root.

We have the root right now, so can find many useful information about this target server.

Ethical Hacking - GAINING ACCESS(2)的更多相关文章

  1. Ethical Hacking - GAINING ACCESS(1)

    Gaining Access Introduction Everything is a computer Two main approaches (1)Server Side Do not requi ...

  2. Ethical Hacking - GAINING ACCESS(23)

    CLIENT SIDE ATTACK - BeEF Framework Hooking targets using MITMF Tools: MITMF and BeEF Start BeEF and ...

  3. Ethical Hacking - GAINING ACCESS(6)

    Server Side Attack Analysing scan results and exploiting target system. Go to the Analysis page and ...

  4. Ethical Hacking - GAINING ACCESS(24)

    CLIENT SIDE ATTACKS - Detecting Trojan manually or using a sandbox Analyzing trojans Check the prope ...

  5. Ethical Hacking - GAINING ACCESS(22)

    CLIENT SIDE ATTACKS - BeEf Framework Browser Exploitation Framework allowing us to launch a number o ...

  6. Ethical Hacking - GAINING ACCESS(21)

    CLIENT SIDE ATTACKS - Trojan delivery method - using email spoofing Use gathered info to contract ta ...

  7. Ethical Hacking - GAINING ACCESS(20)

    CLIENT SIDE ATTACKS - Spoofing backdoor extension Change the extension of the trojan from exe to a s ...

  8. Ethical Hacking - GAINING ACCESS(19)

    Client-Side Attacks - Social Engineering Tool: The FAT RAT Just like Veil, it generates Undetectable ...

  9. Ethical Hacking - GAINING ACCESS(18)

    CLIENT SIDE ATTACKS Backdooring ANY file Combine backdoor with any file - Generic solution. Users ar ...

  10. Ethical Hacking - GAINING ACCESS(17)

    CLIENT SIDE ATTACKS - Backdooring exe' s Download an executable file first. VEIL - FRAMEWORK A backd ...

随机推荐

  1. 大众点评cat实时监控简介及部署

    简介 背景 CAT(Central Application Tracking)是由吴其敏(前大众点评首席架构师,现携程架构负责人)主导设计基于Java开发打造的实时应用监控平台,为大众点评网提供了全面 ...

  2. cocos2dx Mac平台 打印长字符串,游戏卡死

    1,打开了输出控制台,输出卡死的解决方案: 打开控制台: game -console enable 关闭控制台: game -console false 修改文件 ConsoleWindowContr ...

  3. WeChair项目Beta冲刺(1/10)

    团队项目进行情况 1.昨日进展    Beta冲刺第一天 前期进展: 对代码进行优化,完成上阶段冲刺未完成的实名认证上传图片的功能,解决解密存在部分失败的bug问题 2.今日安排 前端:设计扫码占座功 ...

  4. 006.OpenShift持久性存储

    一 持久存储 1.1 持久存储概述 默认情况下,运行容器使用容器内的临时存储.Pods由一个或多个容器组成,这些容器一起部署,共享相同的存储和其他资源,可以在任何时候创建.启动.停止或销毁.使用临时存 ...

  5. JavaWeb网上图书商城完整项目--day02-18.修改密码页面处理

    1.用户登陆成功之后会显示 当点击修改密码的时候,会进入下面的页面 对应的是pwd.jsp这个文件 我们把对jsp页面前段的校验都封装在pwd.js中,在jsp中引入该js文件 <%@ page ...

  6. MySql索引要注意的8个事情

    设计好MySql索引可以让你的数据库查询效率大为提高.设计MySql索引的时候,有一些问题需要值得我们注意的: 1,创建MySql索引 对于查询占主要的应用来说,索引显得尤为重要.很多时候性能问题很简 ...

  7. swift对象存储安装

    对象存储服务概览 OpenStack对象存储是一个多租户的对象存储系统,它支持大规模扩展,可以以低成本来管理大型的非结构化数据,通过RESTful HTTP 应用程序接口. 它包含下列组件: 代理服务 ...

  8. Vue学习-组件的基本使用(局部组件)

    目录 示例代码 1.创建组件(构造器对象创建-Vue.extend) 2.注册组件 3.使用组件 4.语法糖创建并注册组件 示例代码 http://jsrun.net/H8vKp/edit 1.创建组 ...

  9. 基础的markdown用法

    首先推荐一款在线的markdown编辑器:Editor.md 一篇博客里面就是文字与图片的集合.markdown其实就是编辑文字,插入图片的工具.对于大多数人来说,学习几个标签就可以了. 标题 #** ...

  10. HTTPS加密协议详解(一):HTTPS基础知识

    转自:https://blog.csdn.net/hherima/article/details/52469267------------------------------专栏导航:-------- ...