Thursday, March 20, 2014

Linux as a Target in Penetration Testing: A Vulnix Guide


One of the most important outcomes of a penetration test is the proactive verification of the weaknesses found by vulnerability scanning. The aim is to identify weaknesses, exploit them to separate real findings from possible false positives and, more importantly, to obtain as high a level of access on the target as is authorized, thereby simulating the capabilities of a malicious attacker. This blog note addresses, by example, how a penetration test can be performed on Linux systems, which are far less common than Windows systems in corporate environments but are often preferred for databases, middleware and similar roles.

The first goal when penetrating a Linux system is to obtain some form of access to it. Once this is done, the goal is to elevate the rights of the user that has been obtained. For example, examining the kernel version to determine whether it has a weakness that allows privilege escalation and, if it does, using it to gain root access is one of the most classic ways.

The Vulnix distribution studied here was released on 10.09.12 and is an educational Ubuntu distribution hosting specific vulnerabilities. It can be obtained from the link, and its general characteristics are given below. It can be treated as a CTF exercise: the main aim of this image is to access the contents of the trophy file located under the /root directory.

Architecture: x86
Format: VMware (vmx & VMDK)
RAM: 512MB
Network: NAT
Size: 194MB (7zip compressed)
Extracted size: 820MB

A clean Backtrack5r3 Linux distribution and its tools will be used for testing. The BT5 image can be accessed from the link. Once the compressed Vulnix image has been obtained and extracted, run it in VMware Workstation by choosing File > Open and specifying the path to Vulnix.vmx. Alternatively, open the file directly by double-clicking it.
The point to note here is that the network connection is left in NAT mode. Whatever network the host computer is on, Vulnix will therefore automatically receive an IP address from the NAT network. To see which subnet this network uses, it is sufficient to open Edit > Virtual Network Editor in Workstation; a screen like the following is shown.
In our example, the Vulnix image obtains an IP address from the 192.168.1.0/24 range. With the environment ready, we can begin the penetration test by following the classical steps.

1 Discovery and IP / Port Scanning

In this step, the Nmap tool is used to determine which IP address the Vulnix image has received and which open ports it is serving. For this, the nmap scan parameters can be set on BT5 as follows.

root@agguvenligi:~# nmap -h -s --top-ports 1000 -T4 -O --open 192.168.1.0/24

The screenshot after the scan is as follows.
2 Gathering Information from Services

a. SMTP: The VRFY command on the SMTP server can be used to identify the presence of current users on the server. The command is used as follows. If the user exists on the system, a 252 response is returned; if the user cannot be found, a 550 response is returned.

root@agguvenligi:~# telnet <target_ip_address> 25
VRFY <invalid_username>
VRFY <valid_username>

A sample of the results is as follows (the IP value varies according to the Vulnix server at hand):
To perform this process automatically with a specific dictionary, the auxiliary/scanner/smtp/smtp_enum module within Metasploit is used.

msf > use auxiliary/scanner/smtp/smtp_enum
msf auxiliary(smtp_enum) > set RHOSTS 192.168.1.101
msf auxiliary(smtp_enum) > run
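An added example (not from the original post): a Python check that a mail administrator can run over a captured SMTP session to see whether VRFY replies distinguish existing from non-existing accounts, as the 252/550 behaviour described above does. The transcripts, the host name mail.example.test and the user nosuchuser are constructed for illustration.

```python
import re

# An SMTP reply line: 3-digit code, then '-' (more lines follow) or ' ' (last line).
REPLY = re.compile(r"^(\d{3})([ -])")

def vrfy_replies(transcript):
    """Map each VRFY argument in a captured session to its final reply code."""
    replies, pending = {}, None
    for raw in transcript.splitlines():
        line = raw.strip()
        m = REPLY.match(line)
        if m and pending is not None and m.group(2) == " ":
            replies[pending] = int(m.group(1))
            pending = None
        elif not m and line.upper().startswith("VRFY "):
            pending = line[5:].strip()
    return replies

def assess(transcript, known_valid, known_invalid):
    """Compare replies for an account that exists and one that does not."""
    replies = vrfy_replies(transcript)
    valid, invalid = replies.get(known_valid), replies.get(known_invalid)
    if valid is None or invalid is None:
        return "incomplete: both probes must appear in the transcript"
    if valid == invalid:
        return f"ok: identical reply {valid} for both, VRFY reveals nothing"
    return f"finding: {valid} for existing vs {invalid} for missing account"

# Constructed transcripts (not captured from a real host). The first follows the
# 252/550 behaviour described above; the second is a server that refuses VRFY.
LEAKY = """220 mail.example.test ESMTP
VRFY nosuchuser
550 5.1.1 <nosuchuser>: Recipient address rejected
VRFY vulnix
252 2.0.0 vulnix
"""
HARDENED = """220 mail.example.test ESMTP
VRFY nosuchuser
502 5.5.1 VRFY command is disabled
VRFY vulnix
502 5.5.1 VRFY command is disabled
"""

if __name__ == "__main__":
    for name, session in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(name, "->", assess(session, "vulnix", "nosuchuser"))
```

If the check reports a finding, disabling VRFY on the mail server (on Postfix, `disable_vrfy_command = yes` in main.cf) removes this signal.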
b. FINGER: Another service that appears to be open on the system and can be used to gather information is the finger service. This service, which offers information about the users on a Linux system, is a service that could be dangerous. To perform the check manually, the following command is executed.

root@agguvenligi:~# finger -l -p vulnix@192.168.1.101

If the finger package is not installed on the system, an error like the one below is returned. In this case the finger package must be installed (after the network adapter has been adjusted to reach the Internet) (the IP value varies according to the Vulnix server at hand):
Running the finger command in this way, the finger service returns information about the vulnix user as follows. From the results it can be seen that the user has a working shell on the system.
Note: The same results are obtained when the user names obtained through the weakness in the SMTP service (root, backup, bin, and daemon) are tested. To automate this process with the help of a dictionary, a command set like the following can be used. In this way, every user name in the dictionary is checked through the finger service to see whether it exists on the target system.

root@agguvenligi:~# cat /opt/metastasis
