RE: Hacking Demo and Test Lab

From: Cure, Samuel J (scure_at_kpmg.com)
Date: 06/11/04

    To: "'Victor Chapela'" <victor@sm4rt.com>, "'raza sharif'" <raza@raza.demon.co.uk>, pen-test@securityfocus.com
    Date: Fri, 11 Jun 2004 15:21:11 -0500
    
    

    Or have the remote system running VNC anyway. Then connect to the remote
    registry with credentials and decrypt the VNC password using Cain, then
    connect.

    Samuel J. Cure
    KPMG LLP, Risk and Advisory Services
    303 Peachtree Street, Suite 2000
    Atlanta, GA 30308
    mobile: 404.861.9436 - office: 404.222.3043

    -----Original Message-----
    From: Victor Chapela [mailto:victor@sm4rt.com]
    Sent: Friday, June 11, 2004 2:00 PM
    To: 'raza sharif'; pen-test@securityfocus.com
    Subject: RE: Hacking Demo and Test Lab

    I am not sure about VMWare, I also had some problems running demos
    consistently and decided to use a separate machine.

    I usually do my demos with a similar configuration XP -> 2000.

    A good 5 min sketch is:
    - get a remote shell using Jill, iis5hack or dcomexploit
    - You end up as NT Authority/SYSTEM in all cases, therefore you can add
    yourself as an administrator
    - connect to the admin$ share using your new credentials
    - dump the SAM file with pwdump3
    - crack some hashes using john
    - copy winvnc to system32
    - add your vnc password to the remote registry
    - install and start winvnc remotely
    - start a VNC session

    Even though you will rarely need to install vnc while pen testing, I have
    found that for demos it is a very good way to get the point through.

    Good luck

    Victor

    -----Original Message-----
    From: raza sharif [mailto:raza@raza.demon.co.uk]
    Sent: Friday, June 11, 2004 6:42 AM
    To: pen-test@securityfocus.com
    Subject: Hacking Demo and Test Lab

    Hi Folks,

    I'm doing some advanced Hacking Demos for management and also Corporates etc.

    I have an installed Windows 2000 server and IIS 5.0 on VMware GSX Server.

    I'm using WebDAV and other exploits that all basically should spawn a shell
    using netcat.

    I'm using XP as my attacking machine.

    The problem at the moment is that Netcat will not spawn a shell regardless
    of what I try.

    Any ideas? I checked the install; it is Windows 2000 500.1295, with no
    reference to service packs etc. It's a default install.

    Also, what are good demos etc. to run to show real hacking on Windows 2000,
    IIS etc. that I can get to work?

    thanks

    Raza

    Raza@raza.demon.co.uk


