RE: Hacking Demo and Test Lab

From: Ben Nagy (ben_at_iagu.net)
Date: 06/14/04

  • Next message: Pablo Sisca: "Re: Hacking Demo and Test Lab"
    To: <pen-test@securityfocus.com>
    Date: Mon, 14 Jun 2004 17:35:34 +0200
    
    

    Although I would consider this to be a 'management' hacking demo rather than
    'advanced' hacking, I have done pretty much exactly the same demo. :)

    Couple of other ideas - I have used TightVNC, which you can configure not to
    display a toolbar icon.

    To demo stepping-stone attacks you can compromise a webserver or whatever
    behind a firewall, then compromise a second machine from the webserver,
    install VNC on #2 and bounce there using fport or something on #1 - even if
    outside communication to the second machine is denied by the firewall.

    Another nice one is to install a keylogger and collect a CC number from
    inside HTTPS sessions or maybe a PGP passphrase - seems to be the FBI
    favourite ;)

    This is all very lame, obviously, but it's just for demos, right?

    ben

    > -----Original Message-----
    > From: Cure, Samuel J [mailto:scure@kpmg.com]
    > Sent: Friday, June 11, 2004 10:21 PM
    > To: 'Victor Chapela'; 'raza sharif'; pen-test@securityfocus.com
    > Subject: RE: Hacking Demo and Test Lab
    >
    > Or have the remote system running VNC anyway. Then connect to
    > the remote registry with credentials and decrypt the VNC
    > password using Cain, then connect.
    [...]
    > -----Original Message-----
    > From: Victor Chapela [mailto:victor@sm4rt.com]
    [...]
    > I am not sure about VMWare, I also had some problems running
    > demos consistently and decided to use a separate machine.
    >
    > I usually do my demos with a similar configuration XP -> 2000.
    >
    > A good 5 min sketch is:
    > - get a remote shell using Jill, iis5hack or dcomexploit
    > - You end up as NT Authority/SYSTEM in all cases, therefore
    > you can add yourself as an administrator
    > - connect to the admin$ share using your new credentials
    > - dump the SAM file with pwdump3
    > - crack some hashes using john
    > - copy winvnc to system32
    > - add your vnc password to the remote registry
    > - install and start winvnc remotely
    > - start a VNC session
    [...]
    > -----Original Message-----
    > From: raza sharif [mailto:raza@raza.demon.co.uk]
    > Sent: Friday, June 11, 2004 6:42 AM
    > To: pen-test@securityfocus.com
    > Subject: Hacking Demo and Test Lab
    >
    > Hi Folks,
    >
    > I'm doing some advanced Hacking Demos for management and also
    > Corporates etc.

