Thread: Old Software Versions

  1. #1
    Just burned his ISO
    Join Date
    Jun 2007
    Posts
    13

    Old Software Versions

    I'm currently trying to get a vulnerable Windows box set up, among other things, for testing with BackTrack. As such, I've been trying to get software versions corresponding with various Metasploit modules installed on said box. However, I've been hitting a wall when it comes to actually finding vulnerable versions of the software. I figured this probably isn't an entirely uncommon problem, but couldn't find anything relevant either here or on the Metasploit pages, so I was hoping someone might have suggestions.

    Thanks for any input.

  2. #2
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Why not just set up a comp with good old Win XP SP1 un-patched to practice on..it's got plenty of goodies for Metasploit to find. And it's very good practice for rookies of Metasploit to use to uncover holes and build up their -=Xploitz=- skills.
    --=Xploitz=-- ®
    Remote-Exploit.orgs Master Tutorialist.™
    VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial": http://forums.remote-exploit.org/showthread.php?t=9063
    VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial": http://forums.remote-exploit.org/showthread.php?t=7872
    VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial": http://forums.remote-exploit.org/showthread.php?t=8230
    VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases": http://forums.remote-exploit.org/showthread.php?t=8041

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Quote Originally Posted by Bob327 View Post
    I'm currently trying to get a vulnerable Windows box set up, among other things, for testing with BackTrack. As such, I've been trying to get software versions corresponding with various Metasploit modules installed on said box. However, I've been hitting a wall when it comes to actually finding vulnerable versions of the software. I figured this probably isn't an entirely uncommon problem, but couldn't find anything relevant either here or on the Metasploit pages, so I was hoping someone might have suggestions.

    Thanks for any input.
    Most software costs money. Winamp 5.12 is vulnerable to a playlist buffer overflow.

    Firefox 1.5 is vulnerable.

    The best thing to do is use Google. Just remember that knowing how to perform an exploit at home does you no good in the field if there is no way to determine that your target computer is running. For example, if you can't figure out how to tell what browser a target computer is running, then it doesn't do you much good to know the exploit. Do your homework. The exploit is usually the easy part; it's finding a vulnerable service by means of RESEARCH (this is something most people have an aversion to and want to be spoon-fed). Also make sure you know what you're doing after you penetrate a target machine. If you don't have a serious working knowledge of Windows' (substandard) sorry excuse for a command line you will be screwed. And lastly, if you are trying to perform an illegal activity, chances are you will be leaving your cyber fingerprints all over the place. Cleaning up after yourself is a crucial part of the exploit process. I strongly discourage illegal activity, and remember you never know who you are attacking and what sort of honey pot they may have waiting for you.

  4. #4
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Yep..and most honey pots use sugarcanes (if you don't know..sugarcanes are honeypots that masquerade as an open proxy.) But on the more ironic side of it....honeypots can carry risks to a network....if they are not properly walled off, an attacker can use them to actually break into a system.

  5. #5
    Just burned his ISO
    Join Date
    Jun 2007
    Posts
    13

    Thanks much for the advice. An unpatched copy of Windows SP1 is definitely something I've been pursuing, but doesn't seem readily available through my department. The older versions of Firefox and Winamp were much easier to find than the stuff like iTunes and QuickTime I was looking for.

    Since you brought up honeypots and getting one set up is another backburner project I'm working on, I was wondering if you had any general tips for doing so? I'll certainly be taking a closer look at the public projects and documentation out there before I get very involved with it, but I'm quite the novice so anything is appreciated.

  6. #6
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    I'm probably gonna get flamed for this...but get bittornado here...


    Linux...http://download2.bittornado.com/down...-0.3.17.tar.gz

    Windows....http://download.bittornado.com/downl...w32install.exe


    and then D/l a pirated copy of Windows XP SP1 here...

    http://www.isohunt.com/download/15890499/windows+XP+SP1

    Pirated copies of Win XP SP1 have more security holes than past President Carter has pills.


    My / remote-exploit's disclaimer.

    BTW this post of mine is intended to be used as educational and testing purposes ONLY!! And I / we / nor remote-exploit.org take any responsibility for your actions. It's legal to make a backup of the software you own ONLY. So if you don't own this..don't download it.

  7. #7
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    An improperly set up MSSQL server is particularly vulnerable. The rest you'll have to research. I will say that most exploits in Metasploit have been patched; it's more of an environment for developing your own and using the payloads. Check Bugtraq and SecurityFocus for the latest public exploits.

    Xploitz, I triple dog super dare you to use my honey pot against me. LOL

  8. #8
    Senior Member PrairieFire's Avatar
    Join Date
    Apr 2007
    Posts
    705

    Dumpster diving at your local tech HQ is always a good way to get old software.
    Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.

  9. #9
    Junior Member
    Join Date
    Jul 2007
    Posts
    57

    Quote Originally Posted by -=Xploitz=- View Post
    I'm probably gonna get flamed for this...but get bittornado here...


    Linux...http://download2.bittornado.com/down...-0.3.17.tar.gz

    Windows....http://download.bittornado.com/downl...w32install.exe


    and then D/l a pirated copy of Windows XP SP1 here...

    http://www.isohunt.com/download/15890499/windows+XP+SP1

    Pirated copies of Win XP SP1 have more security holes than past President Carter has pills.


    My / remote-exploit's disclaimer.

    BTW this post of mine is intended to be used as educational and testing purposes ONLY!! And I / we / nor remote-exploit.org take any responsibility for your actions. It's legal to make a backup of the software you own ONLY. So if you don't own this..don't download it.
    Wrong message to send...
    Fingerprint.

  10. #10
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Quote Originally Posted by Duritoxn View Post
    Wrong message to send...
    What?? That pirated copies of Win XP SP1 are full of holes??

    @ at purehate "xploitz I triple dog super dare you to use my honey pot against me.LOL"

    You're triple dog super daring me?? Ohh!..That's it!..It's on like Donkey Kong now peckerwo0d!
