Help with pentesting.
Hi,
I am new to pentesting and would like to get some help getting started. I have a lab setup with a Windows 7 RC 7100, and my Laptop with Backtrack 4. I have done a Port scan of my Windows desktop and found the following ports open:
Port State Service Version
21/tcp open ftp FileZilla ftpd
23/tcp open telnet Microsoft Windows XP telnetd
80/tcp open http Apache httpd 2.2.11 ((Win32))
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn
445/tcp open netbios-ssn
515/tcp open printer
554/tcp closed rtsp
912/tcp open vmware-auth VMware Authentication Daemon 1.0 (Uses VNC, SOAP)
1801/tcp open unknown
2103/tcp open msrpc Microsoft Windows RPC
2105/tcp open msrpc Microsoft Windows RPC
2107/tcp open msrpc Microsoft Windows RPC
2869/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
3389/tcp open ms-term-serv?
5357/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
10243/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
49156/tcp open msrpc Microsoft Windows RPC
49161/tcp open msrpc Microsoft Windows RPC
I know this is incredibly open but I cannot find a way to gain access. So I was hoping one you of you could possibly point me in the right direction.
Basically you can use Metasploit to try hack this system, find any exploitable software and install on your remote system and try to hack. You will learn which exploit works on which port.. Start with using Metasploit there are lots of information about MSF like ; offensive-security.com/metasploit-unleashed
Telnet and FTP are open. Maybe you can try to gain access through those. Telnet would be especially fun if you could.
There are at least four ports there, that if you knew their functions, would immediately stand out as possible attack vectors. Several others stand out as possible vectors, depending on how they are implemented. In fact, three don't require anything more than another Windows machine to immediately log into the Win7 machine. One requires nothing more than a browser.Originally Posted by vbnet
This post is a prime example of why guys like me start thinking homicidal thoughts about people who claim to be "new to pentesting." It's nothing personal, but the fact of the matter is that you obviously don't have the background in the basics of networking. Before you start pen testing, you need to start learning the basics. You need to learn things like the basics of TCP/IP communications, and the common TCP & UDP ports, how the services behind them run and may be accessed. Learn those basics, and then you might know enough to start thinking about learning to pen test.
Thorn
Stop the TSA now! Boycott the airlines.
What would be some good web sites to learn about TCP/IP?
This one is excellent.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Thank you for the reply, but I have searched extensively and have found nothing free. Lots of online classes but nothing that you can just go there and read about TCP/IP.
Your google fu' is weak.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Thanks for the site. I will read through it and then post back what I learned. And if I still need help.
Before you embark into the complicated world of TCP/IP, you may want to give this a read first.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Posting Permissions
