update backtrack and shortcuts

======updates==========Update the Package Index: The APT package index is essentially a database of available packages from the repositories defined in the /etc/apt/sources.list file. To update the local package index with the latest changes made in repositories, type the following:

sudo apt-get update

Upgrade Packages: Over time, updated versions of packages currently installed on your computer may become available from the package repositories (for example security updates). To upgrade your system, first update your package index as outlined above, and then type:

sudo apt-get upgrade
======change the IP address BEGIN==========
1. Login to the system and open up /etc/network/interfaces 
 sub0@natty:~$ sudo nano /etc/network/interfaces 
2. Modify the last line:
 iface eth0 inet static 
3. Change the ip. The primary network interface auto eth0 
 iface eth0 inet  
 static address 192.168.1.5 
 netmask 255.255.255.0
 gateway 192.168.1.1 
4. save it. and run 
 sub0@natty:~$ sudo ifdown eth0 
 sub0@natty:~$ sudo ifup eth0

======update meterpreter==========
1. msfupdate
more info @ https://community.rapid7.com/docs/DOC-1306
======update BackTrack==========

apt-get update
apt-get upgrade

======start dradis=========
1. root@bt:~# cd /pentest/misc/dradis/
root@bt:/pentest/misc/dradis# ./start.sh
2. Navigate to https://localhost:3004/
3. user and password = dradis
4. db_import didnt import so import from the web interface
======Installing Metasploit Framework + PostgreSQL DB Backend Under Ubuntu 12.04 LTS==========
http://dangertux.wordpress.com/2011/12/08/installing-metasploit-framework-postgresql-db-backend-under-ubuntu-12-04-lts/

======adding Metasploit and the Pcaprub wrapper=========
http://blog.carlosgarciaprado.com/?tag=metasploit-pcaprub-pentesting
http://redmine.backtrack-linux.org:8080/issues/148

Comments

VM 9 : PHP Include And Post Exploitation

Walkthrough 1. https://medium.com/@Kan1shka9/pentesterlab-php-include-and-post-exploitation-walkthrough-8a85bcfa7b1d 2. Ine [] 3. http://megwhite.com.au/pentester-lab-bootcamp-walkthrough-php-include-post-exploitation/ 4. http://fallensnow-jack.blogspot.com/2014/07/pentester-lab-php-lfi-post-exploitation.html Notes: root@kali:~# nmap 10.0.0.12 Starting Nmap 7.40 ( https://nmap.org ) at 2017-05-30 12:23 EDT Nmap scan report for 10.0.0.12 Host is up (0.00035s latency). Not shown: 999 filtered ports PORT STATE SERVICE 80/tcp open http MAC Address: 08:00:27:1F:12:24 (Oracle VirtualBox virtual NIC) Nmap done: 1 IP address (1 host up) scanned in 5.31 seconds root@kali:~# Enumerating port 80 Run dirb root@kali:~# dirb http://10.0.0.12/ ----------------- DIRB v2.22 By The Dark Raver...

VM 5: Vulnix :

Walkthru: A. https://mrh4sh.github.io/vulnix-solution [SMTP and Finger enumeration, creating linux user with specific UID, root squashing, ssh pwd cracking using medusa & hydra, logging using ssh keys, updating /usr/sbin/exportfs] B. http://overflowsecurity.com/hacklab-vulnix/ [ same as above. create ssh keys for root and copied to victim to login as root w/o recovering pwd] C. https://www.rebootuser.com/?p=988[ local bash shell from nfs] B. https://www.vulnhub.com/?q=vulnix&sort=date-des&type=vm [list of solutions] D. https://www.rebootuser.com/?p=988 [User Enumeration #1 – SMTP, Finger; Entry Point including hydra, Putty(using rlogin service), nfs (showmount,mount) ] Notes: - As you can see the root user is the only account which is logged on the remote host.Now that we have a specific username we can use it in order to obtain more information about this user with the command finger root@host . - Another effective use of the finger...

Penetration Testing Framework 0.57

Network Footprinting (Reconnaissance) The tester would attempt to gather as much information as possible about the selected network. Reconnaissance can take two forms i.e. active and passive. A passive attack is always the best starting point as this would normally defeat intrusion detection systems and other forms of protection etc. afforded to the network. This would usually involve trying to discover publicly available information by utilising a web browser and visiting newsgroups etc. An active form would be more intrusive and may show up in audit logs and may take the form of an attempted DNS zone transfer or a social engineering type of attack. http://www.vulnerabilityassessment.co.uk/

nagpentest

Search This Blog