Results 1 to 7 of 7

Thread: the next step

  1. #1
    7ELEVEN
    Guest

    Default the next step

    in my last post "open ports come and get me" i was not inviting anyone to hack my pc. the ip address was local. ummm why is is that every-body is more concerned about were the post is located rather than ANSWERING THE QUESTION BEING ASKED? all i wanna learn is a method to connect to a remote pc on my test network.....thats all. all the open ports are listed in my other post that was just closed

  2. #2

    Default

    Quote Originally Posted by 7ELEVEN View Post
    in my last post "open ports come and get me" i was not inviting anyone to hack my pc. the ip address was local. ummm why is is that every-body is more concerned about were the post is located rather than ANSWERING THE QUESTION BEING ASKED? all i wanna learn is a method to connect to a remote pc on my test network.....thats all. all the open ports are listed in my other post that was just closed
    I read your last posts & I'm sure others did too, Sure we can help but Judging by your questions you sound like you really lack a lot of network skills? I mean basic TCP/IP knowledge to network two systems & remote connect to eachother shouldn'tbe that hard?

    VNC
    Telnet
    FTP
    TFTP

    can all be used but in different ways

  3. #3
    7ELEVEN
    Guest

    Default

    yes i do lack some skills....the only reason why im hear is to learn. thats why im asking you guys questions. And yes i could easily connect to the remote pc if i disabled the password on the remote box, but im tryin to find away to "Pentest" the box with the password on.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    If you are trying to connect to a windows machine try using smb4k to connect to it. There is a thread around here by pureh@te that will show you how to use some of the smb tools to gain access to a windows machine.
    I think he might have a video as well.
    http://forums.remote-exploit.org/sho...?t=8495&page=2

    Try that one.
    And never mind the fact that someone is going to give you a hard time. But at the same time you need to be willing to put forth the effort. I would suggest that after extensive searching and reading that you take your time when posting questions. This will serve you better in the long run. There are ton of threads here that will give you info on the who what when where and how of pentesting. You just have to look.
    Good luck
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    I think this is what your thinking of!

    http://forums.remote-exploit.org/sho...?t=8495&page=2

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by 7ELEVEN View Post
    mmm why is is that every-body is more concerned about were the post is located rather than ANSWERING THE QUESTION BEING ASKED?
    1) Probably because the information you provided is incorrect (see #1 below).
    2) Probably because your rude and do things like YELL.
    3) Because what you're doing is likely illegal (no matter how much you claim that you "own" the systems or have permission or whatever).
    the ip address was local.
    1) Get some basic networking knowledge (take some courses, do some reading) etc.... 81.x.x.x addresses do not fall within local or private IP spaces as defined by RFC 1918.
    2) There is an entire process to performing a PenTest. Most methodologies break it into 4 steps:
    a) Identify what boxes are live and what ports are open.
    b) Identify the OS of the live boxes and the specific services/versions of those service which are available.
    c) Identify what vulnerabilities those services/OSes might be susceptible to.
    d) Test if those vulnerabilities are indeed exploitable.

    all i wanna learn is a method to connect to a remote pc on my test network
    Your previous post clearly states that you can connect to the system via:
    Telnet
    HTTP
    Windows Networking
    VNC
    etc...
    What's the big mystery?

    Lastly, no one here owes you anything. If you somehow believe you're: entitled to good answers, above doubt/suspicion, or owed information simply for posting you're completely mistaken. Everyone here volunteers their time (including the developers/maintainers of the project), if you're somehow unhappy with the service/response then feel free to try elsewhere.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  7. #7
    dementia_reign
    Guest

    Default

    7eleven listen you need to understand networking to atleast a fundamental level like they said ftp,telnet,trace route,nslookup

    nbtstat -an

    stuff like that not to mention you have to know how something works to exploit it and if you are pen testing its pretty much assumed you know wtf your doing to a significant level where if you find a whole its yours

    not holy shit port 3389 what is the password how do i do that

    just read man pen testing is for people that are security consultants

    i am training for that i held a position as a technical and security consultant and i learned everyday i use to work on ebay vuln reports for pci compliance for a huge company that was fun just get your feet wet learn TCP/IP OSI a Little
    learn how packets travel where they go how the get there

    why the ports are opened and how to exploit what is running behind that port

    odds are if telnet is open u need to crack a pass and user name ftp may be anonymous
    3389 with snmp enabled is suicide Ive seen many domain controllers bite dust and loose hundreds of gigs of data due to that

    id say go learn snmp it will give you a good idea on how windows works it basically tells you everything even what undies that box has on lol

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •