Penetration Testing mailing list archives
RE: Hacking Demo and Test Lab
From: "Ben Nagy" <ben () iagu net>
Date: Mon, 14 Jun 2004 17:35:34 +0200
Although I would consider this to be a 'management' hacking demo rather than 'advanced' hacking, I have done pretty much exactly the same demo. :)

Couple of other ideas - I have used TightVNC, which you can configure not to display a toolbar icon. To demo stepping-stone attacks you can compromise a webserver or whatever behind a firewall, then compromise a second machine from the webserver, install VNC on #2 and bounce there using fport or something on #1 - even if outside communication to the second machine is denied by the firewall.

Another nice one is to install a keylogger and collect a CC number from inside HTTPS sessions or maybe a PGP passphrase - seems to be the FBI favourite ;)

This is all very lame, obviously, but it's just for demos, right?

ben
-----Original Message-----
From: Cure, Samuel J [mailto:scure () kpmg com]
Sent: Friday, June 11, 2004 10:21 PM
To: 'Victor Chapela'; 'raza sharif'; pen-test () securityfocus com
Subject: RE: Hacking Demo and Test Lab

Or have the remote system running VNC anyway. Then connect to the remote registry with credentials and decrypt the VNC password using Cain, then connect.
[...]
-----Original Message----- From: Victor Chapela [mailto:victor () sm4rt com]
[...]
I am not sure about VMWare, I also had some problems running demos consistently and decided to use a separate machine. I usually do my demos with a similar configuration XP -> 2000.

A good 5 min sketch is:
- get a remote shell using Jill, iis5hack or dcomexploit
- You end up as NT Authority/SYSTEM in all cases, therefore you can add yourself as an administrator
- connect to the admin$ share using your new credentials
- dump the SAM file with pwdump3
- crack some hashes using john
- copy winvnc to system32
- add your vnc password to the remote registry
- install and start winvnc remotely
- start a VNC session
[...]
-----Original Message-----
From: raza sharif [mailto:raza () raza demon co uk]
Sent: Friday, June 11, 2004 6:42 AM
To: pen-test () securityfocus com
Subject: Hacking Demo and Test Lab

Hi Folks,

I'm doing some advanced Hacking Demos for management and also Corporates etc.
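For defenders, the sequence sketched in the quoted messages (a new local administrator, an admin$ connection, winvnc installed as a service) can be caught by correlating host events in order. The following is an added example, not part of the original thread: the event records are constructed, and the Windows event IDs (4732, 5140, 7045) are those of current Windows versions, which assumes the matching audit policies are enabled.

```python
from datetime import datetime, timedelta

# Constructed sample events (not from the thread), already normalised from the
# Windows Security/System logs. 4732 = member added to a local group,
# 5140 = network share accessed, 7045 = new service installed.
EVENTS = [
    {"time": "2024-05-01T10:00:05", "host": "WEB01", "id": 4732, "group": "Administrators"},
    {"time": "2024-05-01T10:01:10", "host": "WEB01", "id": 5140, "share": r"\\*\ADMIN$"},
    {"time": "2024-05-01T10:03:40", "host": "WEB01", "id": 7045,
     "image": r"C:\WINNT\system32\winvnc.exe"},
    # Benign-looking noise: admin share use alone, and a chain that is too slow.
    {"time": "2024-05-01T11:00:00", "host": "FILE02", "id": 5140, "share": r"\\*\ADMIN$"},
    {"time": "2024-05-01T12:00:00", "host": "APP03", "id": 4732, "group": "Administrators"},
    {"time": "2024-05-01T15:30:00", "host": "APP03", "id": 7045,
     "image": r"C:\WINNT\system32\winvnc.exe"},
]

REMOTE_TOOLS = ("winvnc",)  # assumption: extend with tools relevant to your estate

def stage(ev):
    """Map an event to its position in the chain (0, 1, 2), or None."""
    if ev["id"] == 4732 and ev.get("group", "").lower() == "administrators":
        return 0
    if ev["id"] == 5140 and ev.get("share", "").upper().endswith("ADMIN$"):
        return 1
    if ev["id"] == 7045 and any(t in ev.get("image", "").lower() for t in REMOTE_TOOLS):
        return 2
    return None

def find_chains(events, window=timedelta(minutes=30)):
    """Return hosts where stages 0 -> 1 -> 2 occur in order within `window`."""
    hits, progress = [], {}  # progress: host -> (next expected stage, chain start)
    for ev in sorted(events, key=lambda e: e["time"]):
        s, t = stage(ev), datetime.fromisoformat(ev["time"])
        if s is None:
            continue
        nxt, start = progress.get(ev["host"], (0, None))
        if s == 0:
            progress[ev["host"]] = (1, t)  # a new admin grant (re)starts the chain
        elif s == nxt and t - start <= window:
            if s == 2:
                hits.append(ev["host"])
                del progress[ev["host"]]
            else:
                progress[ev["host"]] = (nxt + 1, start)
    return hits

if __name__ == "__main__":
    print(find_chains(EVENTS))
```

Requiring all three stages in order keeps routine admin$ use by backup or management tooling from alerting on its own.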