Re: A small question regarding IP

[Kurt Grutzmacher <grutz () jingojango net>]

Don't believe the haters.  Metasploit is super amazing and has already found
systems you can hack. It puts them in this file called "hosts":

For backtrack: cat /etc/hosts
For Windows XP: type c:\windows\system32\drivers\etc\hosts

Good luck!

--
 Kurt Grutzmacher -=- grutz () jingojango net


On Fri, Sep 16, 2011 at 4:47 PM, Sean Keane <keanesf () gmail com> wrote:

> Lolling, try ping 'hostname' ex: ping google.com also you should try to
> learn how to use nmap among other tools.
>
> but as everyone has stated your missing the whole recon phase of attacking
> a network, your lack of understanding of how networks operate will get you
> caught. Read a book on TCP\IP or CCNA. My advice set up metasploitable in a
> virtual machine and play with that. Also download backtrack or any other
> security distro and explore that, while metasploit is a great framework
> theres alot more to pentesting a network than running autopwn on a host.
>
> On Fri, Sep 16, 2011 at 16:14, Travis Phillips <
> perfect_insanity2004 () yahoo com> wrote:
>
> > Okay. Do not hack a system that your not authorized to attack by that
> > systems owner. This is illegal under the computer misuse act of 1990.
> >
> > However. For finding the IP address of remote host. If you don't know how
> > to do this then you shouldn't be using metasploit as you lack a proper
> > foundation to work off of. You should read the hacking exposed book series.
> > While its exploit section is out of date the "framework" of the testing
> > methods are tried and true. I suggest you look at that first as the first
> > step in any pentest is PASSIVE FOOTPRINTING! Meaning check everything you
> > can without being intrusive.
> >
> > This means finding their IP address and netblocks. Using whois to find
> > admins and contacts and address, and searching forums for people who ask
> > tech questions who may have revealed a little too much info about there
> > systems. Find there servers that offer public services, and public offices
> > with poor security.
> >
> > If I were to give you a webserver, you should be able to tell me the IP
> > address, the web server software and the version, the OS, and were its
> > located. Till you can do that you shouldn't be using exploits as an attack
> > should be more of a surgical attack, not throwing everything and the kitchen
> > sink at the server.
> >
> > Hacking exposed explained this as the same as a person looking to rob a
> > bank may go look for cameras and guards in the bank first to make things go
> > smoother. So practice this first.
> >
> > Final thoughts. I implore you to learn as much as you can. I love my
> > research and break no laws in doing so. Build a lab in your home with spare
> > boxes or VMs or find a college that will allow your research in their labs
> > (most schools have an IT sec program. In my school I found an IT sec
> > instructor that has a lab that's got an offline network and he lets me use
> > that and request help in making new labs and also captures memory dumps for
> > his forensics class to analyze. A fair deal both ways.) You can also join
> > wargame sites such as "hack this site" to practice your hacking skills and
> > compete in hacking competitions like SANS NetWars and also see if colleges
> > in your area run CTF challenges.
> >
> > With all that said, there is no reason to break laws to learn hacking
> > skills. So take the black hat off and throw on the white hat! You can't
> > change the things you done but you can control your future. So its never to
> > late to switch teams and call yourself a researcher! In the words of
> > Spidermans aunt "with great power comes great responsibility."
> >
> > Cheers mate,
> >
> > Travis Phillips
> > (http://theunl33t.blogspot.com)
> >
> > Sent from Yahoo! Mail on Android
> >
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework