
Thread: ToDo after successfully acquiring access

  1. #1
    Just burned his ISO
    Join Date
    Dec 2006
    Posts
    1

    ToDo after successfully acquiring access

    Firstly I want to thank everyone that has written guides for getting newbies up and running. From which card to buy (I got a WG511T) to setting up packet injection on it, I would have been at a loss were it not for those tutorials.

    What I'm looking for now is a general framework/checklist of what you experienced guys do once you gain access to a network. I have successfully cracked my own WEP and used metasploit on my Win2000 machine, but my environment is very simple.

    Some questions for you all-
    What do you do to map out the network? I know I can see some active wireless clients using airodump, but what about wired clients?

    Once it is mapped out, what is your typical plan you use to explore and pentest machines on the network?

    All the tools available in BT can be somewhat daunting to a newbie, so I would appreciate some general advice.

  2. #2
    My life is this forum: thorin
    Join Date
    Jan 2010
    Posts
    2,629

  3. #3
    Junior Member
    Join Date
    Jul 2008
    Posts
    57


    Once you connect to the network, try:

    nmap -v -sP *wired/wireless ip here*

    That should give you that PC's status.

    good luck
    Go ahead, try it, I DARE YOU :cool:

  4. #4
    Very good friend of the forum: killadaninja
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    That's the best way I've seen that question asked

    Normally people asking "what next" receive a sarcastic answer back, but just from reading the way you posted the question it seems pretty clear to me that you're a smart, interested guy. I think what you're asking is what comes after nmap etc. Well, there are lots of ways to exploit. You say you use Metasploit; you should look up more of its features, there's not much you can't do over WLAN/LAN with Metasploit.

    If you want to know what else there is other than Metasploit, then you're basically looking for vulnerable boxes: use nmap to scan your subnet. Once this is done, start mapping out the network; nmap has a useful tool for this under, erm, mapping. Once you've mapped out which devices are computers, start scanning them for vulnerable open ports such as telnet (23). Once you have a list of vulnerable boxes, go about finding the easiest way to exploit them using the services they are running. There are countless tutorials on hacking Windows boxes; you just need to find the best way for your target.
    Sometimes I try to fit a 16-character string into an 8-byte space, on purpose.
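    The two replies above describe the same loop: a ping sweep to find live hosts (post #3's `nmap -sP`, which newer nmap versions spell `-sn`), then a port/service scan of the live hosts, then picking out the ones exposing legacy services such as telnet on 23 (post #4). The script below is an added example, not code from either poster: it parses nmap's grepable output (`-oG`) for that workflow and flags open ports from a small watch list. The scan output embedded in it is constructed sample data for an imaginary lab subnet, not a real scan, and the `RISKY_PORTS` table is my own starting list, not anything the thread prescribes.

```python
"""Triage nmap grepable (-oG) output after connecting to a lab network.

Workflow this supports (real nmap syntax; run the scans yourself):
    nmap -sn 192.168.1.0/24 -oG sweep.gnmap      # host discovery; -sP is the old spelling of -sn
    nmap -sV -p- -iL live.txt -oG scan.gnmap     # service scan of the live hosts
This script reads such -oG files and lists hosts exposing legacy/plaintext services.
"""
import re

# Constructed sample of nmap -oG output for an imaginary lab; not real scan data.
SAMPLE_GNMAP = """\
# Nmap 7.94 scan initiated ... as: nmap -sV -oG scan.gnmap 192.168.1.0/24
Host: 192.168.1.1 (router.lab)\tStatus: Up
Host: 192.168.1.1 (router.lab)\tPorts: 23/open/tcp//telnet///, 80/open/tcp//http//lighttpd/\tIgnored State: closed (998)
Host: 192.168.1.10 (win2k.lab)\tStatus: Up
Host: 192.168.1.10 (win2k.lab)\tPorts: 135/open/tcp//msrpc///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///\tIgnored State: closed (997)
Host: 192.168.1.20 ()\tStatus: Up
Host: 192.168.1.20 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 23/filtered/tcp//telnet///\tIgnored State: closed (998)
Host: 192.168.1.30 ()\tStatus: Down
# Nmap done at ... -- 256 IP addresses (3 hosts up) scanned
"""

# Ports worth a second look on an internal network: legacy or unauthenticated
# protocols that are frequent footholds. Assumed starting list, not a verdict.
RISKY_PORTS = {
    21: "ftp (cleartext credentials)",
    23: "telnet (cleartext, often default creds)",
    139: "netbios-ssn (SMB over NetBIOS)",
    445: "microsoft-ds (SMB; check patch level)",
    3389: "rdp",
}

# -oG port entry: port/state/protocol/owner/service/rpc_info/version/
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//([^/]*)//([^/]*)/")


def parse_gnmap(text):
    """Return {ip: {"hostname", "up", "ports": [(port, state, proto, service, version)]}}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # comment/header lines
        fields = line.split("\t")
        m = re.match(r"Host: (\S+) \(([^)]*)\)", fields[0])
        if not m:
            continue
        ip, name = m.group(1), m.group(2)
        entry = hosts.setdefault(ip, {"hostname": name, "up": False, "ports": []})
        for field in fields[1:]:
            if field.startswith("Status: "):
                entry["up"] = field == "Status: Up"
            elif field.startswith("Ports: "):
                for port, state, proto, service, version in PORT_RE.findall(field):
                    entry["ports"].append((int(port), state, proto, service, version))
                entry["up"] = True  # a Ports line only appears for responsive hosts
    return hosts


def live_hosts(hosts):
    """IPs that answered the sweep, in a stable order."""
    return sorted(ip for ip, h in hosts.items() if h["up"])


def triage(hosts, risky=RISKY_PORTS):
    """(ip, port, note) for every *open* TCP port on the watch list; filtered ports are skipped."""
    findings = []
    for ip, h in hosts.items():
        for port, state, proto, _service, _version in h["ports"]:
            if state == "open" and proto == "tcp" and port in risky:
                findings.append((ip, port, risky[port]))
    return sorted(findings)


if __name__ == "__main__":
    parsed = parse_gnmap(SAMPLE_GNMAP)
    print("live:", ", ".join(live_hosts(parsed)))
    for ip, port, note in triage(parsed):
        print(f"{ip}:{port}  {note}")
```

    Point the parser at your own `-oG` files instead of `SAMPLE_GNMAP`. Note that the filtered telnet port on 192.168.1.20 is deliberately not reported: a filtered port tells you a firewall is in the way, not that the service is reachable, so it belongs in a separate "investigate" pile rather than in the list of targets.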

  5. #5
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    14


    Just wanted to say thanks for the info. I feel like I've gotten pretty good at WPA/WEP cracking on my router and I was wanting to progress my skills in this very way. I wish the Metasploit site would come back up so I could do some recon... it's been down for the last two days or so.

  6. #6


    Quote Originally Posted by kptclutch View Post
    Just wanted to say thanks for the info. I feel like I've gotten pretty good at WPA/WEP cracking on my router and I was wanting to progress my skills in this very way. I wish the Metasploit site would come back up so I could do some recon... it's been down for the last two days or so.
    The Metasploit site is back up temporarily at metasploit.org and metasploit.net.
    Until they become conscious they will never rebel, and until after they have rebelled they cannot become conscious...
