Pentest Part one



pentest09
07-31-2011, 04:08 PM
Hi all, it's been a while,

Here's a video of various ways to own a Windows box:
Postgres-Nmap-Nessus-Metasploit-Autopwn-Sql_ping and so on...

http://blip.tv/dgconsultinguk/pentest-part-1-5428603

Regards dee

shendo
08-01-2011, 08:41 AM
Good video for beginners like me... thanks for sharing.

2901119
08-01-2011, 08:46 AM
Not bad, I liked the Metasploit SQL stuff. It reminded me of playing with Metasploitable.

TheInnocent
08-01-2011, 07:08 PM
Could have had more explanation :)

pentest09
08-03-2011, 05:38 PM
Thanks all,

I usually do caption and list all commands and why they are used, but the video was rather long, so I left it out.

Kind regards Dee

kataibrengsek
09-05-2011, 10:02 AM
Can I see your website, Pentest09?

Cains
09-06-2011, 09:17 AM
Great vid, Pentest09. Mad skills in scripting after looking at your other projects.

xsixsi
09-11-2011, 09:19 PM
I would like to have an explanation of

db_autopwn -e -t -r -x -p

and also

What is this /etc/init.d/postgresql/ thing? What is that?

Thank you.

iproute
09-12-2011, 01:45 PM
I would like to have an explanation of

db_autopwn -e -t -r -x -p

and also

What is this /etc/init.d/postgresql/ thing? What is that?

Thank you.

The /etc/init.d/postgresql/ is an init script... I haven't seen the video but he probably uses it like this:
/etc/init.d/postgresql start
which starts his PostgreSQL database server.

db_autopwn is a Metasploit command:

msf > db_autopwn -h

Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-r Use a reverse connect shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Only run modules with a minimal rank
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range
-PI [range] Only exploit hosts with these ports open
-PX [range] Always exclude hosts with these ports open
-m [regex] Only run modules whose name matches the regex
-T [secs] Maximum runtime for any exploit in seconds

Bear in mind these are options reflected from an older 3.X whatever version of MSF from backtrack4r2. I just pulled it from my old tutorial in the BT4 forum section.
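
From a defender's side, the -p and -e options explained above give db_autopwn a recognisable network shape: every module matching an open port is fired at every matched host, so one source hits the same few open ports on a target many times within seconds, unlike a port scan that touches many ports once each. The following is an added example (not code from the video or from Metasploit) that flags that pattern in constructed firewall-style log lines; the log format, thresholds and addresses are all assumptions.

```python
"""Flag db_autopwn-style bursts in connection logs (constructed example)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one source hammering the same open ports on one host
# within seconds (the "-p -e" shape), plus a second, normal source.
SAMPLE_LOG = """\
2011-09-12T13:45:01 src=10.0.0.5 dst=10.0.0.20 dport=445 action=accept
2011-09-12T13:45:01 src=10.0.0.5 dst=10.0.0.20 dport=445 action=accept
2011-09-12T13:45:02 src=10.0.0.5 dst=10.0.0.20 dport=445 action=accept
2011-09-12T13:45:02 src=10.0.0.5 dst=10.0.0.20 dport=445 action=accept
2011-09-12T13:45:03 src=10.0.0.5 dst=10.0.0.20 dport=445 action=accept
2011-09-12T13:45:03 src=10.0.0.5 dst=10.0.0.20 dport=135 action=accept
2011-09-12T13:45:04 src=10.0.0.5 dst=10.0.0.20 dport=135 action=accept
2011-09-12T13:45:04 src=10.0.0.5 dst=10.0.0.20 dport=135 action=accept
2011-09-12T13:45:05 src=10.0.0.5 dst=10.0.0.20 dport=135 action=accept
2011-09-12T13:46:10 src=10.0.0.7 dst=10.0.0.20 dport=445 action=accept
2011-09-12T13:50:00 src=10.0.0.7 dst=10.0.0.20 dport=445 action=accept
"""

def parse_line(line):
    """Split 'TIMESTAMP key=value ...' into (datetime, src, dst, dport)."""
    ts, *kv = line.split()
    fields = dict(p.split("=", 1) for p in kv)
    return datetime.fromisoformat(ts), fields["src"], fields["dst"], int(fields["dport"])

def find_autopwn_bursts(log_text, window_secs=30, min_conns=4):
    """Return {(src, dst): [ports]} for pairs with at least min_conns
    connections to the same port inside window_secs seconds."""
    per_pair = defaultdict(list)
    for line in log_text.strip().splitlines():
        ts, src, dst, dport = parse_line(line)
        per_pair[(src, dst, dport)].append(ts)
    hits = defaultdict(list)
    window = timedelta(seconds=window_secs)
    for (src, dst, dport), times in per_pair.items():
        times.sort()
        # sliding window: any min_conns consecutive hits within `window`
        for i in range(len(times) - min_conns + 1):
            if times[i + min_conns - 1] - times[i] <= window:
                hits[(src, dst)].append(dport)
                break
    return {k: sorted(v) for k, v in hits.items()}

if __name__ == "__main__":
    for (src, dst), ports in find_autopwn_bursts(SAMPLE_LOG).items():
        print(f"autopwn-like burst: {src} -> {dst} ports {ports}")
```

On the sample, only 10.0.0.5 -> 10.0.0.20 is flagged (ports 135 and 445); the two slow hits from 10.0.0.7 fall below the threshold.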

xsixsi
09-12-2011, 04:51 PM
The /etc/init.d/postgresql/ is an init script... I haven't seen the video but he probably uses it like this:
/etc/init.d/postgresql start
which starts his PostgreSQL database server.

db_autopwn is a Metasploit command:

msf > db_autopwn -h

Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-r Use a reverse connect shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Only run modules with a minimal rank
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range
-PI [range] Only exploit hosts with these ports open
-PX [range] Always exclude hosts with these ports open
-m [regex] Only run modules whose name matches the regex
-T [secs] Maximum runtime for any exploit in seconds

Bear in mind these are options reflected from an older 3.X whatever version of MSF from backtrack4r2. I just pulled it from my old tutorial in the BT4 forum section.

Thank you a lot for the info.
So I will not use postgresql? Because I am on BT5 and I think I have got Metasploit 4.0.