Penetration Testing mailing list archives
RE: Hacking Demo and Test Lab
From: Meidinger Chris <chris.meidinger () badenit de>
Date: Mon, 14 Jun 2004 16:37:01 +0200
I am also quite fond of dameware for this. If you are using, for example, the metasploit framework, just select the payload to be useradd, and you get a user named X. Then have dameware install its remote control using those credentials, and bingo. Goes faster for an audience with little time.

Chris Meidinger
-----Original Message-----
From: Victor Chapela [mailto:victor () sm4rt com]
Sent: Friday, June 11, 2004 8:00 PM
To: 'raza sharif'; pen-test () securityfocus com
Subject: RE: Hacking Demo and Test Lab

I am not sure about VMWare, I also had some problems running demos consistently and decided to use a separate machine.

I usually do my demos with a similar configuration XP -> 2000. A good 5 min sketch is:

- get a remote shell using Jill, iis5hack or dcomexploit
- You end up as NT Authority/SYSTEM in all cases, therefore you can add yourself as an administrator
- connect to the admin$ share using your new credentials
- dump the SAM file with pwdump3
- crack some hashes using john
- copy winvnc to system32
- add your vnc password to the remote registry
- install and start winvnc remotely
- start a VNC session

Even though you will rarely need to install vnc while pen testing, I have found that for demos it is a very good way to get the point through.

Good luck
Victor

-----Original Message-----
From: raza sharif [mailto:raza () raza demon co uk]
Sent: Friday, June 11, 2004 6:42 AM
To: pen-test () securityfocus com
Subject: Hacking Demo and Test Lab

Hi Folks,

I'm doing some advanced Hacking Demos for management and also Corporates etc. I have an installed windows 2000 server and iis 5.0 on VMWARE GSX server. I'm using Webdav and other exploits that all basically should spawn a shell using netcat. I'm using XP as my attacking machine.

Prob at the moment is Netcat will not spawn a shell regardless of what I try. Any ideas? I checked the install, it is windows 2000 500.1295, no reference to service packs etc. It's a default install.

Also, what are good demos etc. to run to show real hacking on windows 2000, iis etc. that I can get to work?

thanks
Raza
Raza () raza demon co uk