Pentest Part one

Hi all its been a while,

Heres a video of various uses to own a windows box
Postgres-Nmap-Nessus-Metasploit-Autopwn-Sql_ping and so on...

http://blip.tv/dgconsultinguk/pentest-part-1-5428603

Regards dee

good video for beginners like me ... thanks for sharing

not bad, I liked the metasploit sql stuff. It reminded me of playing with metasploitable.

Could have had more explanations :)

thanks all,

I usually do caption and list all comms and why they are used but the video was rather long so left it out.

Kind regards Dee

can i see yr website Pentest09?

Great vid Pentest09, Mad skills in scripting after looking at your other projects.

I would like to have a explaination on

db_autopwn -e -t -r -x -p

and also

what is /etc/init.d/postgresql/ thing what is that?

thank you

Quote:

---

Originally Posted by xsixsi

I would like to have a explaination on

db_autopwn -e -t -r -x -p

and also

what is /etc/init.d/postgresql/ thing what is that?

thank you

---

The /etc/init.d/postgresql/ is an init script... I havent seen the video but he probably uses it like this
/etc/init.d/postgresql start
which starts his postgresql database server

db_autopwn is a metasploit command;

msf > db_autopwn -h
[*] Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-r Use a reverse connect shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Only run modules with a minimal rank
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range
-PI [range] Only exploit hosts with these ports open
-PX [range] Always exclude hosts with these ports open
-m [regex] Only run modules whose name matches the regex
-T [secs] Maximum runtime for any exploit in seconds

Bear in mind these are options reflected from an older 3.X whatever version of MSF from backtrack4r2. I just pulled it from my old tutorial from the BT4 forum section

Quote:

---

Originally Posted by iproute

The /etc/init.d/postgresql/ is an init script... I havent seen the video but he probably uses it like this
/etc/init.d/postgresql start
which starts his postgresql database server

db_autopwn is a metasploit command;

msf > db_autopwn -h
[*] Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-r Use a reverse connect shell
-b Use a bind shell on a random port (default)
-q Disable exploit module output
-R [rank] Only run modules with a minimal rank
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range
-PI [range] Only exploit hosts with these ports open
-PX [range] Always exclude hosts with these ports open
-m [regex] Only run modules whose name matches the regex
-T [secs] Maximum runtime for any exploit in seconds

Bear in mind these are options reflected from an older 3.X whatever version of MSF from backtrack4r2. I just pulled it from my old tutorial from the BT4 forum section

---

Thank you a lot for the info.
so I will not use postgresgl?. because I am on BT5 and I think I have got Metasploit 4.0