
Thread: Fresh Penetration Network setup(first exploit with Windows 7)

  1. #1
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    5

    Default Fresh Penetration Network setup(first exploit with Windows 7)

    I have successfully got BT4 R2 running on my new Mac in VirtualBox alongside Windows 7. I have read several pages and have found a lot of helpful information on performing the basics.

    I have got msfconsole up and am running simple nmap scans and am returning information on my virtual machine running Windows 7. My results show that all 1000 ports scanned are closed. I also run db_autopwn and no vulnerability modules load.

    I would like to start simple and understand how a basic penetration technique works. A lot of examples I am reading work with Windows XP, but I am trying to exploit the Windows 7 environment.

    When I use -O, I receive a message that there are too many fingerprints to match and that the OS type cannot be returned.

    Are these messages typical? Would I get some response if I opened up some ports? I would rather not. Back to reading about Slackware.

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    Traditional remote exploits are performed by taking advantage of a vulnerability in a listening network service. If you have no listening network services (e.g. if all your ports are "closed") then you will not be able to exploit the system using remote exploits. Pretty simple really.

    Install a vulnerable listening service on your Windows 7 system and you should then be able to attack it. Alternatively, you could try a client side exploit on your Windows system.

    I suggest you have a look at Metasploit Unleashed, and I have also written some exploit writing tutorials you can find links to from our HowTo forum if you want something more challenging and if you want to understand how this stuff works.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Junior Member
    Join Date
    Aug 2010
    Posts
    34

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    Typical home Windows machines do not run any remote network services, so generally you are not going to remotely exploit a personal-use Windows box in a real world situation. That's why you're seeing all the ports closed; it's not running anything. For testing, you'll need to install a vulnerable service/program on it.

    You could also mess around with generating a browser exploit page and having the Windows box click it, though I'm not sure if there are any currently working browser exploits on Windows 7.

    There are generally quite few exploits for Windows 7, other than Internet Explorer 0days that sometimes work on it (but usually they get patched pretty fast).

  4. #4
    Junior Member
    Join Date
    Jan 2010
    Posts
    35

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    I've got a fully patched Vista box running IE8 that's vulnerable to a few of the browser exploits, so they might work on Windows 7 too. You'd have to play around with it, but that's the fun part....

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    Quote, originally posted by falseteeth:
    "Typical home Windows machines do not run any remote network services, so generally you are not going to remotely exploit a personal-use Windows box in a real world situation."
    Strictly speaking, by default they will run the Windows file and printer sharing service, which has had its fair share of exploitable vulnerabilities, but firewall settings will usually block access to this by default. From a remote scan the port related to this service will come up as "closed", so it will appear not to be listening from remote systems, but it will actually be running and will be bound to a port and listening.

  6. #6
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    Quote: "I have got msfconsole up and am running simple nmap scans and am returning information on my virtual machine running Windows 7. My results show that all 1000 ports scanned are closed. I also run db_autopwn and no vulnerability modules load."
    Well, Windows 7 has some services open by default, as @lupin mentioned: file and printer sharing, and also the remote desktop one. The reason why nmap gives you all ports filtered is the Win7 firewall.

    Quote: "I would like to start simple and understand how a basic penetration technique works. A lot of examples I am reading work with Windows XP, but I am trying to exploit the Windows 7 environment."
    Before you try to understand basic penetration testing techniques, you should try to understand how exploits actually work and what the differences are between XP and Windows 7 (regarding exploits, of course).
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !
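
Added example, not part of any post in this thread: posts #5 and #6 point out that a service can be bound and listening on the Windows 7 guest while the firewall keeps it from showing as open to a remote scan. The Python sketch below reconciles `netstat -an` output taken on the guest with the nmap port table taken from the scanning VM; both samples are constructed (including the assumption that Remote Desktop was allowed through the firewall), and the function names are this example's own.

```python
import re

# Constructed sample: `netstat -an` run on the Windows 7 lab guest itself.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    192.168.56.101:49170   192.168.56.1:80        ESTABLISHED
"""

# Constructed sample: nmap port table as seen from the scanning VM.
NMAP = """\
PORT     STATE    SERVICE
80/tcp   filtered http
135/tcp  filtered msrpc
445/tcp  filtered microsoft-ds
3389/tcp open     ms-wbt-server
"""

def listening_ports(netstat_text):
    """TCP ports in LISTENING state bound to a non-loopback address."""
    ports = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 4 and f[0] == "TCP" and f[3] == "LISTENING":
            addr, port = f[1].rsplit(":", 1)
            if addr not in ("127.0.0.1", "[::1]"):
                ports.add(int(port))
    return ports

def remote_states(nmap_text):
    """Map port -> state from nmap's normal-output port table."""
    rows = re.findall(r"^(\d+)/tcp\s+(\S+)", nmap_text, re.M)
    return {int(p): s for p, s in rows}

def reconcile(netstat_text, nmap_text):
    """Compare what is bound locally with what the remote scan reported."""
    local, remote = listening_ports(netstat_text), remote_states(nmap_text)
    verdict = {}
    for port in sorted(local | set(remote)):
        state = remote.get(port, "not scanned")
        if port in local:
            verdict[port] = "exposed" if state == "open" else f"listening, hidden ({state})"
        else:
            verdict[port] = f"no listener ({state})"
    return verdict

if __name__ == "__main__":
    for port, v in reconcile(NETSTAT, NMAP).items():
        print(f"{port:>5}/tcp  {v}")
```

Ports reported as "listening, hidden" are the ones that depend entirely on the firewall rule staying in place, which makes them the first to review when hardening the guest.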

  7. #7
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    5

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    Thanks everyone for the help!

    I read a bit more today and used the ms11_xxx_ie_css_import browser attack to exploit my virtual machine. I recommend this as a simple starting point for others starting out as it is pretty simple.

    Thanks again!

  8. #8
    Member
    Join Date
    Feb 2010
    Posts
    78

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    In case you haven't found it yet, Securitytube.net has a great series on Metasploit called the Metasploit Megaprimer. From there you can move to the assembly tutorials on how to discover exploits for yourself. Irongeek also has a bunch of great videos to help you along. Happy learning!
    Computer security is a temporary condition.

  9. #9
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    If you need targets to play with you might want to check the "Testing Environments & Apps" section in my post to this thread:
    http://www.backtrack-linux.org/forum...ted-links.html
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  10. #10
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    5

    Default Re: Fresh Penetration Network setup(first exploit with Windows 7)

    Thanks everyone for the insight! I will definitely refer to both of those once I am done reading this bit I have now on Slack!
