
Thread: information

  1. #1
    Junior Member
    Join Date
    May 2007
    Posts
    34

    Default information

    I know there is a lot of information about everything available on the internet,
    but I would be glad if you could add a section with information about pentest in the next version.
    I heard about "Penetration Tester's Open Source Toolkit" and maybe you could make a new version of this book for BackTrack.
    The reason for my question is that you can decide which information is relevant so that people can learn as much as possible about pentesting.

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Sounds to me like you are asking for a clear-cut set of instructions on how to hack someone or somebody's system. I for one will not provide any more info than this. Also I think it's kind of grandiose of you to ask for a book to be modified just so YOU can understand what is relevant and what is not. The "Open Source Toolkit" book is a huge wealth of information. If you're having trouble understanding that then you are putting the cart before the horse. Start small > grow big.

  3. #3
    Junior Member
    Join Date
    May 2007
    Posts
    34

    Default

    No, I did not mean that.
    If I want information about how to hack a system I know that Google would satisfy me...
    To the "Penetration Tester's Open Source Toolkit":
    I'm not always able to understand all of it... that's true, but I think that's not just the context, it could also be the language because I am from Germany.
    I just wanted to ask if it could be changed so that it would be a little bit more up to date... you know... things like programs which are not used in BackTrack 2.
    So I'm sorry for the misunderstanding...

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Maybe then you should have inquired about a German translation of some material. That would have sounded much more legit. BackTrack 2 final was just released in March so there is not going to be a ton of spoon-fed info on it since it is relatively new. I suggest researching each tool {I feel like I say this a lot} one at a time and using Google to translate the man pages for you. What I don't think some new kids understand is that BackTrack is a compiled distro which includes mostly other people's tools. Granted, there are some tools written by muts and the folks at Remote Exploit, but for the most part they were nice enough to compile everything we needed into one OS. So that means that every tool has a creator, a website and a manual somewhere in internet world. You must understand that pen testing is a borderline illegal subject on the internet when we are all anonymous, so we can only advise and not write a book with special directions on how to bring down a network.

  5. #5
    Junior Member
    Join Date
    May 2007
    Posts
    34

    Default

    Yeah,
    maybe there was a misunderstanding again.
    I don't need a translation into German; I just said that it's not always easy to understand everything properly.
    And I know this thing about BackTrack..
    I don't want information about all the tools; I wanted to ask for information about this whole subject..
    And of course nobody wants instructions on how to bring a system down...
    I just want to understand a little bit more about this whole topic.
    And obviously there is this thread for suggestions for the future, so I think it's clear that nobody wants a new version now..
    "so we can only advise and not write a book with special directions on how to bring down a network."
    So does that mean you are a real pentester?

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    It's my hobby. I don't do it for a living and I only legally test against my own network I have set up at home. I would say I'm pretty good at some types of testing and really lame at others. I'm not denying you any help; we are just cautious on this site for various reasons, one of them being I enjoy it and we help each other in ethical ways and I don't want to see it shut down because we gave some 13-year-old kid instructions on how to hack his dad's wifi, then he gets on and downloads a porn torrent full of viruses and trojans and it infects dad's wireless VPN server/client with his work and next thing you know every hacker on the eastern seaboard has a new identity and credit card number... This may sound extreme but we do not want to be responsible nonetheless. Tell us what you need help with specifically and I will try.

  7. #7
    Junior Member
    Join Date
    May 2007
    Posts
    34

    Default

    OK ^^
    "It's my hobby."
    That's pretty cool..
    Let's say I am a little bit older than 13. I switched to BackTrack some time ago, first just with the live CD, and then installed BackTrack "1" to my HDD, and after the release of BackTrack 2 I immediately put it on my disk. And I followed this forum sometimes but never registered...
    And I noticed that the people here are careful with information...
    The whole point was about basic information about pentesting, but the next time I have a question I will ask you.

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I'd say great, sounds like you could be an asset to the clan. In my experience the best way to pentest is on your OWN sterile network {I've crashed a few times with Nessus and Metasploit}. Then when you receive an error or something is jacked, ask and post the specific steps and errors so someone can duplicate your steps and help with the error.

  9. #9
    Junior Member
    Join Date
    May 2007
    Posts
    34

    Default

    You're right, but sometimes I scan the networks of friends... so I can learn more about scanners (i.e. nmap).
    So what are you doing in your OWN network? If you can say that without giving small children tips about hacking their father.
    And of course I know that I'm not such an expert as you.

  10. #10
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    The tools in the KDE menu are in order for a reason. I'm an advocate of the command line but the menu helps in the order. I'm feeling "pure nice" today so here you go.

    Locate target, i.e. other computer on your network.
    Break WEP and gain access to AP.
    Open whatever ports on AP you need. Gain IP of target computer.
    If you're testing from outside your network, now go to another location and attack YOUR OWN SYSTEM from outside. You have opened specific ports on the router and used port forwarding to the computer of your choice. Now scan for vulnerabilities and OS and services. Next locate an exploit that matches the services that your target box is running. Something very important that novices sometimes don't understand is you're not breaking into a computer directly; you are exploiting a vulnerability in services that the computer is running to gain a shell or upload a .exe backdoor or whatever. I'm not going to explain the tools because I fear I said too much already, so if I did, mother please delete this and reprimand me with a public verbal lashing and a swift kick in the ass.

    Hint of working exploit
    Internet Explorer createTextRange() Code Execution win32
    This module exploits a code execution vulnerability in Microsoft Internet Explorer. Both IE6 and IE7 (Beta 2) are vulnerable. It will corrupt memory in a way, which, under certain circumstances, can lead to an invalid/corrupt table pointer dereference. EIP will point to a very remote, non-existent memory location. This module is the result of merging three different exploit submissions and has only been reliably tested against Windows XP SP2. This vulnerability was independently discovered by multiple parties. The heap spray method used by this exploit was pioneered by Skylined.
