Thread: Metasploit 3.1 & NMap

  1. #1
    Just burned his ISO
    Join Date: Feb 2008
    Posts: 2

    Metasploit 3.1 & NMap

    Hey everybody, I'm new to penetration testing and I intend to go into a career as a network administrator, so I thought I'd better brush up on this stuff if I don't want punk kids messing with my network just a few days into the business.
    Also, I would post this in another forum, but I just registered, so I have no choice but to do it here for now.

    So after reading some other threads to try to find answers, I came across several links (probably a dozen) that either didn't work or were of no help. I'm sure that some of you will say that I hardly looked at all, but those dozen were just on this site; there was at least an hour's worth of time spent on Google as well.

    SO HERE'S MY SITUATION
    I DLed Nmap, Nessus, and Metasploit 3.1 last night and tinkered mostly with Nmap, just getting used to it, you know. I scanned my old Windows 2000 computer in the other room and it returned these results:
    Not shown: 1710 closed ports
    PORT STATE SERVICE VERSION
    135/tcp open msrpc?
    139/tcp open netbios-ssn
    445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
    1025/tcp open NFS-or-IIS?
    MAC Address: 00:06:5B:50:C5:20 (Dell Computer)
    Device type: general purpose
    Running: Microsoft Windows 2000|XP|2003
    OS details: Microsoft Windows 2000 Server SP3 or SP4, Microsoft Windows XP SP2 or Windows Server 2003 SP0/SP1


    Then I had this whole big installation deal with Metasploit (hereafter referred to as 'meta' because I'm tired of typing that whole thing) that I finally resolved today. So I go into the meta GUI, look through the exploits under Windows, and try a couple under HTTP just to see how it works (not expecting a penetration, of course), and then after I've had my fun with that I check the Nmap return and start looking for an IIS, NetBIOS, or microsoft-ds exploit. I didn't look through the whole tree for Windows, but just from a quick glance I didn't see anything that I thought would work.

    I also scanned the same box with Nessus, which brought up a result page that took me about 20 minutes to go over; it was big, but there were plenty of holes in the box, needless to say.

    SO
    I've tried to give as much detail as possible without putting you to sleep. Is there anyone out there who could tell me how they would go about penetrating this box?
    If you want/need more info, I'm more than willing to give it (except an IP, of course :P).

  2. #2
    Developer
    Join Date: Mar 2007
    Posts: 6,124

    Sounds to me like you are using Windows. If you are, you are in the wrong place. This is a Linux BackTrack distro support forum. I do, however, know how it feels to be a n00b and lost. I don't particularly believe your story because I hear 20 or 30 of them a day, so although I won't give you a step-by-step "haxor it now" post, I will link you to some videos.


    This is one of mine

    And so is this

    Both use Metasploit, and here are quite a few dealing with Windows.

  3. #3
    Senior Member
    Join Date: Jan 2006
    Posts: 1,334

    Also........

    Quote originally posted by IS.Josef:
        ........So after reading some other threads to try to find answers, I came across several links (probably a dozen) that either didn't work or were of no help. I'm sure that some of you will say that I hardly looked at all, but those dozen were just on this site; there was at least an hour's worth of time spent on Google as well.......

    Can you please post the links on here that didn't work?

    And, as PH said, no one around here will give you a complete step-by-step on breaking into a specific machine, so don't even ask!
    (Please read the forum rules......)

    And finally, if you intend to follow a career as a net admin, you might have to be prepared to put in more effort than "at least an hour's worth of time" searching Google.

  4. #4
    Senior Member streaker69
    Join Date: Jan 2010
    Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts: 3,535

    And if you are really going to pursue a career as a NetAdmin and you're just starting out in the field, you should read this thread.

    http://forums.remote-exploit.org/sho...light=netadmin

    Eventually, I'm going to get around to publishing all that information together plus a bunch of other stuff that I haven't written down yet.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  5. #5
    Just burned his ISO
    Join Date: Feb 2008
    Posts: 2

    Quote originally posted by Re@lity:
        And finally, if you intend to follow a career as a net admin, you might have to be prepared to put in more effort than "at least an hour's worth of time" searching Google.

    I usually only have to spend about 5 minutes looking for solutions to a problem that I may be having, but I've gone to lengths of 8 hours at one time, if that doesn't bleed into days afterwards. I don't like leaving things unsettled. But today I had to do some driving around the city, so I didn't have all day for this one.

    Also, apologies on the topic of pentesting a specific machine; I didn't know that. And for the future I'll list all the links I find that don't work. : )

    Thanks streaker, that was a LOT of useful stuff. How long have you been in the field? I'm still completely new to it and trying to find work.... My only skills in networking for now are the workings of RIP, OSPF, EIGRP, IS-IS, configuring routers and switches, and configuring VLSM, subnet masks, and wildcard masks. Not much, I know, but I intend to expand that to a ridiculous list such as yours, lol. I bet your resume is a novel!

    As for the 'Linux support forum for BackTrack': yeah, I noticed the BackTrack part (see large logo at the top of the page, lol), but Linux eluded me. I've been wanting to learn how to deal with the Linux OS because a friend of mine recently tried it out and had a blast messing with the interface, but he could NOT get the internet working through his wifi. Plus every serious tech junkie knows that Windows is a joke in many aspects, particularly security. But eh, it's easy, so I'll stick with it for a while longer till I read up enough on Linux to migrate.

  6. #6
    Just burned his ISO
    Join Date: Mar 2008
    Posts: 2

    True!!!
    I have a similar problem!!!
    I tried almost each and every exploit in Metasploit 3 using the windows_reverse / windows_reverse_vncinject payloads!!

    But I couldn't break into any of the PCs!! I scanned the PC and it had its HTTP, RPC and NetBIOS ports open! How do I know which exploit to use and all!!
    I'd be grateful to hear a nice little lecture on this, or if you have links to learn more about the exploits!!!
    Thanks a lot!!!!!!!!!!!!!!!!111


    This is my first ever post
    AND I'M EXCITED!!!!!!!

  7. #7
    Junior Member
    Join Date: Feb 2010
    Posts: 26

    Great vid, helped heaps

    Quote originally posted by pureh@te:
        I do, however, know how it feels to be a n00b and lost. I don't particularly believe your story because I hear 20 or 30 of them a day, so although I won't give you a step-by-step "haxor it now" post, I will link you to some videos.

        This is one of mine

        And so is this

        Both use Metasploit, and here are quite a few dealing with Windows.

    I'm still lost, but it's work like that that keeps us noobs (sometimes nobs) coming back for more.
    Great work, cheers.
