Penetration Testing mailing list archives
Re: LAN pen test
From: Bruno Cesar Moreira de Souza <bcmsouza () yahoo com br>
Date: Thu, 7 Dec 2006 14:47:58 -0300 (ART)
Hi,

Only a review of my statement in the last post, because I think it was not clear enough:

"you could try ... exploiting an Internet Explorer flaw..."

change to this:

"If you were doing an internal pen-test trying to own the network administrator workstation, you could try to do a DNS poisoning or just an arp poisoning attack (take a look at ettercap and dsniff) to redirect the http connection of your target to your 'evil' http service with a 0day Internet Explorer exploit."

Cheers,
Bruno Cesar M. de Souza

--- Bruno Cesar Moreira de Souza <bcmsouza () yahoo com br> wrote:
Hi,

For an updated XP machine, without additional network services or network applications, maybe you will need a 0day exploit - an exploit for a vulnerability not yet patched by the vendor. Sometimes, security researchers disclose 0day exploits to the public. Recently, some exploits for Internet Explorer and MS Office applications were disclosed before Microsoft could patch the holes.

If you were doing an internal pen-test trying to own the network administrator workstation, you could try to do a DNS poisoning or just an arp poisoning attack (take a look at ettercap and dsniff) to redirect the target to your web site, exploiting an Internet Explorer flaw, for example.

But if you can't find a known vulnerability for your target, you can try to discover a security hole yourself and write an exploit.

A suggestion: in learning the "pen-test art" it is better to first understand more deeply the common kinds of vulnerabilities and have the fundamentals, instead of just running exploits downloaded from the web.

Best Regards,
Bruno Cesar Moreira de Souza

--- mifa () stangercorp com wrote:

I have gone through the eh course and I still do not feel like I can really understand how to pen test. None of the exploits or methods seem to work on an updated xp machine. I set up a VMware network to practice on. I can not seem to make any progress because the information I have is outdated. Can anyone point me to a resource that would help me gain access to an xp machine that is running automatic updates (my vm). I can't seem to do it on the lan any way other than to use a trojan, and what would be the point of pen testing a system if the only way in is via trojan; that's standard security, don't run programs from email, blah blah blah...