Penetration Testing mailing list archives
RE: Hacking Demo and Test Lab
From: "Cure, Samuel J" <scure () kpmg com>
Date: Fri, 11 Jun 2004 15:21:11 -0500
Or have the remote system running VNC anyway. Then connect to the remote registry with credentials and decrypt the VNC password using Cain, then connect.

Samuel J. Cure
KPMG LLP, Risk and Advisory Services
303 Peachtree Street, Suite 2000
Atlanta, GA 30308
mobile: 404.861.9436 - office: 404.222.3043

-----Original Message-----
From: Victor Chapela [mailto:victor () sm4rt com]
Sent: Friday, June 11, 2004 2:00 PM
To: 'raza sharif'; pen-test () securityfocus com
Subject: RE: Hacking Demo and Test Lab

I am not sure about VMWare, I also had some problems running demos consistently and decided to use a separate machine.

I usually do my demos with a similar configuration XP -> 2000. A good 5 min sketch is:

- get a remote shell using Jill, iis5hack or dcomexploit
- You end up as NT Authority/SYSTEM in all cases, therefore you can add yourself as an administrator
- connect to the admin$ share using your new credentials
- dump the SAM file with pwdump3
- crack some hashes using john
- copy winvnc to system32
- add your vnc password to the remote registry
- install and start winvnc remotely
- start a VNC session

Even though you will rarely need to install vnc while pen testing, I have found that for demos it is a very good way to get the point through.

Good luck
Victor

-----Original Message-----
From: raza sharif [mailto:raza () raza demon co uk]
Sent: Friday, June 11, 2004 6:42 AM
To: pen-test () securityfocus com
Subject: Hacking Demo and Test Lab

Hi Folks,

I'm doing some advanced Hacking Demos for management and also Corporates etc. I have an installed Windows 2000 server and IIS 5.0 on VMWARE GSX server. I'm using Webdav and other exploits that all basically should spawn a shell using netcat. I'm using XP as my attacking machine.

Prob at the moment is Netcat will not spawn a shell regardless of what I try. Any ideas? I checked the install; it is Windows 2000 500.1295, no reference to service packs etc. It's a default install.
Also, what are good demos etc. to run to show real hacking on Windows 2000, IIS etc. that I can get to work?

thanks
Raza
Raza () raza demon co uk