information
i know there are a lot of information about everything available in the internet
but im would be glad if you could add a section with information about pentest in the next version
i heard about "Penetration Tester's Open Source Toolkit" and maybe you could make a new version of this book for backtrack
the reason for my question is that you can decide which informations a relevant so the people cat learn as much as possible about pentesting
Sounds to me like you are asking for a clear cut set of instructions on how to hack some one or somebodies system. I for one will not provide any more info than this. Also I think its kind of grandios of you to ask for a book to be modified just so YOU can understand what is relevant and what is not. the "open source tool kit "book is a huge wealth of information. If your having trouble understanding that then you are putting the cart before the horse. Start small>grow big
no i did not mean that
if i want information about how to hack a system i know that google would satisfy me...
to the "Penetration Tester's Open Source Toolkit":
im not every time able to understand all... thats true but i think thats not just the context it could also be the language because i am form Germany
i just wanted to ask if it could be changed that it would a little bit more up to date... you know... things like programs which are not used in backtrack 2
so im sorry for the misunderstanding...
Maby then you should have inquried about a german translation of some material. that would have sounded much more legit. Back track 2 final was just released in march so there is not going to be a ton of spoonfed info on it since it is relativley new. I suggest reasearching each tool {I feel like I say this alot} one at a time and use google to translate the man pages for you. What I don't think some new kids understand is that back track is a compiled distro which includes mostly other peoples tools. granted there are some tools wrote by muts and the folks at remote exploit but for the most part they were nice enough to compile every thing we needed into one OS. so that means that every tool has a creator, a website and a manual some where in internet world. you must understand that pen testing is a borderline illegal subject on the internet when we are all anonymousso we can only advise and not write a book with special directions on how to bring down a network.
yeah
maybe there was a misunderstanding again
i dont need a translation into german i just said that its not every time quite easy to understand all properly
and i know this thing about backtrack..
i dont want to have information about all tools i wanted to ask for information about this whole subject..
and of course nobody wants an instruction on how to bring a system down...
i just want to understand a little bit more about this total topic
and obviously there is this thread for suggestions for the future so i think its clear that nobody wants now a new version..
so does that mean you are a real pentester?so we can only advise and not write a book with special directions on how to bring down a network.
Its my Hobby. I dont do it for a living and I only legally test against my own network I have set up at home. I would say I'm pretty good at some types of testing and really lame at others. Im not denying you any help we are just cautious on this site for various reasons ,one of them being I enjoy it and we help each other in ethical ways and I dont want to see it shut down because we gave some 13 year old kid instructions on how to hack his dads wifi, then he gets on and downloads a porn torrent full of viruses and trogens ands it infects dads wireless vpn server/client with his work and next thing you know every hacker on the eastern sea board has a new identity and creditcard number......... this may sound extreme but we do not want to be responsible none the less. Tell us what you need help with specificly and i will try
ok^^
thats pretty cool..Its my Hobby.
lets say i am a little bit older than 13
and i noticed that the people here are careful with information...
the whole point was about basement information about pentesting but if i have the next time a question i will ask you
Id say great sounds like you could be a asset to the clan.
your right but sometimes i scan the networks of friends... so i can learn more about scanners (i.e. nmap)
so what are you doing in your OWN network? if you can say that without giving small children tips about hacking their father
and of course i know that im not such an expert like you
the tools in the kde menu are in order for a reason. Im a advocate of the command line but the menu helps in the order. Im feeling "pure nice" today so here you go.
locate target-I.e. other computer on your net work
break wep and gain accses to AP
open whatever ports on AP you need. gain IP of Target computer.
If your testing from outside your network now go to another location and attack YOUR OWN SYSTEM from outside. you have opened specific ports on the router and used port forwarding to the computer of your choice. now scan for vunerabilities and OS and services. Next locate a exploit that matches the services that your target box is running. Something very important that novice's sometimes dont understand is your not breaking into a computer directly you are exploiting a vunerability in services that the computer is running to gain a shell or upload a .exe backdoor or whatever. Im not going to explain the tools because I fear i said to much already so If i did mother please delete this and reprimand me with a public verbal lashing and a swift kick in the ass.
Hint of working exploit
Internet Explorer createTextRange() Code Execution win32
This module exploits a code execution vulnerability in Microsoft Internet Explorer. Both IE6 and IE7 (Beta 2) are vulnerable. It will corrupt memory in a way, which, under certain circumstances, can lead to an invalid/corrupt table pointer dereference. EIP will point to a very remote, non-existent memory location. This module is the result of merging three different exploit submissions and has only been reliably tested against Windows XP SP2. This vulnerability was independently discovered by multiple parties. The heap spray method used by this exploit was pioneered by Skylined.
Posting Permissions
