EvilZone
Hacking and Security => Hacking and Security => : L0rd_M@dness April 02, 2013, 02:40:43 AM
-
I'm a noob in hacking. It's true.
I just started learning metasploit, but I want to try it out hands on and I need a target IP. While I could just setup a LAN and hack myself, I want to learn how to find a target first.
What's this technique actually called (Target hunting?) How do I do this? How can I learn more about it?
-
You mean "information gathering" about a system or a person ? Check those links
Hacking Fundamentals Chap.1 Information Gathering By: Evox (https://forum.intern0t.org/offensive-guides-information/1308-hacking-fundamentals-chap-1-information-gathering-evox.html)
INFORMATION GATHERING (http://www.social-engineer.org/framework/Social_Engineering_Framework#PART_II:_INFORMATION_GATHERING)
-
Yes, yes that's awesome! Thank you!
-
If you have money you can watch excellent courses at
thehackeracademy
or
Security Tube (MANY free videos here)
-
The Iron Geek (ugly website :( ) posted some links few weeks ago just for this, take a look here: http://www.irongeek.com/i.php?page=security%2Fdoxing-footprinting-cyberstalking
-
hackademy.us
this is a prefect place to practice..
Its free aswell
all these servers are build to be hacked by the owner! so its legal!
Good luck.
-
thanks everyone. I was just looking for "Information Gathering" which gexxos answered, but I also found lots of resources for learning hacking in general which is awesome.
<3 evilzone. thanks again guys.
-
A quick note; no piece of information is useless. Whilst researching a target you're bound to find information that, at the time, you may not deem useful. Don't discard it until you're done. Afterward, destroy everything(or securely store it...be paranoid).
-
Profiling, or fingerprinting I believe. nsa.gov "go big or go home" :P
-
You wana hack someone with metasploit,ok.
1.Did you try to hack other computer with metasploit in your LAN,or if you dont have other computer you can set up wmware,did you do anything of that?
if you done 1.:then you ready to do it over internet,you need to open a port on your router,its called port forwarding so
victim can connect to you evil genius.Watch some tutorials,when you shure you do it right feel free to send me your evil.exe i will run it and if you did it right you will got your session.
-
Thanks Xires and noob for the awesome tips.ok so I learned some basics about metasploit and how the pentesting and exploitation process works and stuff. I also learned a bit about info gathering with nmap. I can collect IP addresses in LAN and find the open ports.
I have a LAN available with all the machines running win7 (not updated) so in order to be able to do anything on them, I need an exploit which takes advantage of a win7 flaw. (or several exploits, which I'll test one by one)
So... how do I find such thing? Do i just go to exploit-db and search for "windows 7 exploit"?
-
yep that can help, not all known exploits are in metasploit. there is however a good number of windows exploits in metasploit already. its a long shot but you can set metasploit to use postgresql and use db_nmap to scan your LAN then use db_autopwn. that all takes some in depth knowledge of metasploit but its not overly complicated. One good bet with out of date systems is browser autopwn.
-
yep that can help, not all known exploits are in metasploit. there is however a good number of windows exploits in metasploit already. its a long shot but you can set metasploit to use postgresql and use db_nmap to scan your LAN then use db_autopwn. that all takes some in depth knowledge of metasploit but its not overly complicated. One good bet with out of date systems is browser autopwn.
Using autopwn takes some in-depth knowledge of metasploit... Seems legit.
-
Using autopwn takes some in-depth knowledge of metasploit... Seems legit.
^ lol :) +1
-
Using autopwn takes some in-depth knowledge of metasploit... Seems legit.
I'm too noob to use autopwn... Also too noob to realize that autopwn is the best method for being detected and will leave a bunch of signatures on the target box... I just don't like it so I'll pass.
I can find windows exploits, but they're called CVE-a098v09a8dsf0a, i don't know how to use this on metasploit.
Basically, I don't know how to figure out what module is associated with that CVE exploit?
...
Also somebody said exploit-db doesn't have all exploits?
Where else could I search for exploit?
...
Also for future reference, this video really helped me a lot (+the rest of the series by the same guy): [size=78%]http://www.youtube.com/watch?v=THxLX1gdZys (http://www.youtube.com/watch?v=THxLX1gdZys)[/size]
-
I'm too noob to use autopwn... Also too noob to realize that autopwn is the best method for being detected and will leave a bunch of signatures on the target box... I just don't like it so I'll pass.
I can find windows exploits, but they're called CVE-a098v09a8dsf0a, i don't know how to use this on metasploit.
Basically, I don't know how to figure out what module is associated with that CVE exploit?
...
Also somebody said exploit-db doesn't have all exploits?
Where else could I search for exploit?
...
Also for future reference, this video really helped me a lot (+the rest of the series by the same guy): [size=78%]http://www.youtube.com/watch?v=THxLX1gdZys (http://www.youtube.com/watch?v=THxLX1gdZys)[/size]
using metasploit in general will leave traces no matter wat exploit you use but for lab environments its fine. there are tons of guides and junk out there on how to set all that up, you can do it! :D as for other places to get exploits, you can check out [size=78%]http://www.1337day.com/ (http://www.1337day.com/)[/size] there are other places but most are invite only. a note on cves, just because there is a cve for a vulnerability does not mean there is a working exploit for it, and you can search by cve at exploit-db which can be helpful.