Hi guys
I’m pretty new at this so be gentle ;-)
I’ve gained access to my own network via WEP 64 and 128 bit hacking (aircrack-ng), and that’s pretty easy now.
My next two steps are:
1) WPA/WPA2 hacking, with a dictionary list. And I’ve already started on this.
2) Now what?
By “now what?” I mean, how can I further exploit my security setup?
When I have the WEP access code, how do I start gaining knowledge about the target network (my network) that I now have access to?
How do I see what kind of Windows version the target computer is running, what kind of programs are installed on the computer, etc.?
Can anybody give me a hint or a link? The functions in BackTrack are overwhelming for a newbie ;-)
Thanks
Host/port/vulnerability scanning. Each one is a whole topic unto itself. nmap and OpenVAS/Nessus are good tools to use for starters. Look for tutorials here and elsewhere on the web on those tools and also have a look at the NMap book online or better yet buy a copy.
Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".
The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
1) It isn't an easy job, especially if the victim has a password like '3Xx4mPl3666'. But a lot of (not intelligent enough) people set easy passwords so as not to forget them. IMHO you'd better use Rainbow Tables.
2) Firstly, do not make a mess in the network (e.g. setting the SSID to "Internet for BJ"). "The quieter you become, the more you are able to hear" - and that's true. And as lupin said, use nmap; it's a powerful tool for OS revealing.
Thank you very much, lupin. That pushed me in the right direction.
vvpallin: Come on. I know Google and the search button. I asked politely for a hint, not a lecture in using Google. If your 444 posts are like this, you should find another forum than the "newbie area" - EOD.
A great next step for you, before getting into exploits to find vulnerabilities, could be ARP poisoning. It's a great security test to see how open your security is around.
Advice is freely given on this forum. While it might not be the answer you wanted to hear, there's some truth behind the response. Everyone here is encouraged to search before posting. You'll notice your question has been asked before and will be asked again after you.
My advice is find a specific topic mentioned above and focus on it. There's so much to cover. Take a look at the Metasploit Unleashed course, as it focuses on a lot of the topics like network enumeration, vulnerability discovery, and exploiting. If you then want to take it to the next level, look at the classes from Offensive-Security.
http://www.offensive-security.com/metasploit-unleashed/
http://www.offensive-security.com/in...y-training.php
Fair enough, I guess ..
OSI Model <<-- start here "as I said, Google"
tcp/ip
nmap, nmap and more nmap "other scanners?"
Learn ALL the tools of the aircrack suite
Ettercap-ng
Openvas / Nessus
Metasploit, msf, msf and a whole shitload more msf
Exploits learn them .. use them etc..
Now learn to code
now go back up to OSI and repeat till we are here again.
Learn more tools
Start writing your own tools that the above things didn't do
Start fuzzing
Now write your own exploits
At this point I don't think you need a guide anymore
Using BackTrack for the first time is like being 10 years old again with the keys to a Ferrari.
Check out the De-ICE series. They are good fun and a good place to start learning.
TIP: don't cheat.
Guys: Thank you very much. It gave me a lot more keywords to google.
vvpalin: Thanks for your reply - I apologize if I was a bit "rough" in my first reply.
No hard feelings
Have a nice weekend.