Saturday, 5 October 2013

Metasploitable

Metasploitable is a vulnerable Linux virtual machine image for penetration testing. It is a 32-bit Debian-based operating system, ready to use without any configuration. It contains some payloads, encoders and exploit tools.
You can search https://www.vulnhub.com/ or download the latest version directly from the following link: https://www.vulnhub.com/entry/metasploitable-2,29/
Do not forget to enable the PAE/NX feature in the virtual environment under the System/Processor options.

Keep up-to-date:

Run as the sudo user:
apt upgrade
apt install metasploit-install


Let the attack begin!

Thursday, 3 October 2013

Kali Linux: first things to do after installation

Adding mirrors:

Open the terminal as the sudo user and run:
apt update

apt upgrade

Mirrors will be added automatically after the above operations...

If you are facing a keyboard issue (I usually am, because of the use of *.ova virtual images), you may want to change the keyboard settings. To do this, use the following command:

setxkbmap tr
("tr" is for Turkish.)

One more tricky thing: to use Kali in VirtualBox in full-screen mode, apply the following instructions too:

apt install virtualbox
You will see a list of available extensions; install the item below:
apt install virtualbox-guest-x11
The name of this item may change depending on the VirtualBox version, year, etc. Just know that full-screen mode is possible; you may need to search the internet further.

Tuesday, 2 April 2013

ARP Poisoning

nmap and netdiscover are a fine way to determine the IP addresses in the LAN. I assume that we have already passed the information-gathering part...

arp --> shows the IP addresses and MAC addresses of the hosts we have already communicated with.

wireshark --> a nice tool to see the traffic...

To activate forwarding: echo 1 > /proc/sys/net/ipv4/ip_forward

ping target

arpspoof [-i interface] [-t target] [-r host]
arpspoof -i eth0 -t 192.168.1.XXX -r 192.168.1.1
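
A defender-side check for the poisoning described above, as an added example that is not part of the original post: it reads an ARP table in the Linux /proc/net/arp layout and reports every MAC address that answers for more than one IP. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: spot a poisoned ARP cache by looking for one MAC address
# that is mapped to several IP addresses.

# Constructed sample in /proc/net/arp layout: the gateway 192.168.1.1 and
# the host 192.168.1.50 share a MAC, which is how the victim's cache looks
# once another machine answers ARP on behalf of the gateway.
sample_arp_table() {
cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         08:00:27:aa:bb:cc     *        eth0
192.168.1.20     0x1         0x2         08:00:27:11:22:33     *        eth0
192.168.1.50     0x1         0x2         08:00:27:AA:BB:CC     *        eth0
192.168.1.60     0x1         0x0         00:00:00:00:00:00     *        eth0
EOF
}

# Reads an ARP table on stdin and prints "mac ip1,ip2,..." for every MAC
# claimed by more than one IP. The header line and incomplete entries
# (all-zero MAC) are skipped; MACs are compared case-insensitively.
find_shared_macs() {
    awk 'NR > 1 && $4 != "00:00:00:00:00:00" {
             mac = tolower($4)
             if (count[mac]++) { ips[mac] = ips[mac] "," $1 }
             else              { ips[mac] = $1 }
         }
         END {
             for (mac in count)
                 if (count[mac] > 1) print mac, ips[mac]
         }' | sort
}

# On a live Linux host: find_shared_macs < /proc/net/arp
sample_arp_table | find_shared_macs
```

A hit is a lead to investigate, not proof: proxy ARP or a router with several addresses on one interface produces the same pattern.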


Sunday, 24 March 2013

List of TCP and UDP port numbers

1 TCP Port Service Multiplexer (TCPMUX)
5 Remote Job Entry (RJE)
7 ECHO
18 Message Send Protocol (MSP)
20 FTP -- Data
21 FTP -- Control
22 SSH Remote Login Protocol
23 Telnet
25 Simple Mail Transfer Protocol (SMTP)
29 MSG ICP
37 Time
42 Host Name Server (Nameserv)
43 WhoIs
49 Login Host Protocol (Login)
53 Domain Name System (DNS)
69 Trivial File Transfer Protocol (TFTP)
70 Gopher Services
79 Finger
80 HTTP
103 X.400 Standard
108 SNA Gateway Access Server
109 POP2
110 POP3
115 Simple File Transfer Protocol (SFTP)
118 SQL Services
119 Newsgroup (NNTP)
137 NetBIOS Name Service
139 NetBIOS Datagram Service
143 Interim Mail Access Protocol (IMAP)
150 NetBIOS Session Service
156 SQL Server
161 SNMP
179 Border Gateway Protocol (BGP)
190 Gateway Access Control Protocol (GACP)
194 Internet Relay Chat (IRC)
197 Directory Location Service (DLS)
389 Lightweight Directory Access Protocol (LDAP)
396 Novell Netware over IP
443 HTTPS
444 Simple Network Paging Protocol (SNPP)
445 Microsoft-DS
458 Apple QuickTime
546 DHCP Client
547 DHCP Server
563 SNEWS
569 MSN
1080 Socks

For more details: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Friday, 22 March 2013

Shell - Linux structure



Application programs: Mail-FTP-DBMS, etc...

Shell: Interaction between user and OS.

Kernel: Heart of the OS. Bridge between hardware and user interface. I/O, processes

Hardware: CPU, GPU, hard disk, etc. (physical)

*-----

We can access the shell via the terminal. The terminal is not the shell, just a kind of emulator...




To see the version of the shell, type the command below in the terminal:
echo $SHELL

To see the kernel:
uname

For more information regarding the kernel:
uname -a

Tuesday, 19 March 2013

Linux commands

command -parameter+argument

touch --> creates a file (touch afile)

echo linux > afile --> writes a text to the target file

cat --> shows the content of the mentioned file (cat afile)

echo dontoverwrite >> afile (> overwrites, >> does not overwrite)

head --> first 8 rows

tail --> last 8 rows

more --> read line by line by pressing enter(press Ctrl+C to break more)

pwd --> where am I exactly?

ls --> shows the content of the folder you are in

ls -ln --> shows the content of the entire directory with the permission rights

cd .. --> jump up one level

cd +arg --> jump to folder arg


mkdir +arg --> creates a new folder named arg


rmdir +arg --> deletes the folder arg (same as command: rm)

cp --> copy a file(cp sourceFile targetFileWithNewName)
cp -r --> copy a folder(cp -r sourceFolder targetFolderWithNewName)

mv --> cut a file(mv file targetFolder)
mv --> in addition to the cut functionality, also changes the name of a file (mv file newName)

find --> search function. (find Folder)

locate  --> same as find command.

man --> manual for the commands(man grep)

help --> similar to man (grep --help)

grep --> searches for a specific pattern in a file
touch grepsample
echo test > grepsample
echo test2 >> grepsample
cat grepsample
cat grepsample | grep 2


useradd -m -g groupname -G othergroupnames -s shell username --> add new user
useradd -m -g users -G audio,video -s /bin/bash lorem

cat /etc/group --> shows user groups


ls -ln --> shows the content of the entire directory with the permission rights

chmod -7 fileName  --> Removes the rights for the current user
chmod -77 fileName --> Removes the rights for the current user group
chmod -777 fileName --> Removes the rights for the others

chmod +7 fileName  --> Gives rights for the current user
chmod +77 fileName --> Gives rights for the current user group

chmod +777 fileName --> Gives rights for the others

1 = execute, 2 = write, 4 = read, 7 total
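
How the octal digits above combine into a full mode, as an added example that is not from the original post: one digit each for owner, group and others, decoded into the rwx string that ls prints, checked against a real file, and used to pick out world-writable paths. All function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: 4 = read, 2 = write, 1 = execute, summed per digit;
# the three digits apply to owner, group and others in that order.

# decode_mode 640 -> rw-r-----
decode_mode() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $1" >&2; return 1 ;;
    esac
    rest=$1 out=""
    while [ -n "$rest" ]; do
        d=${rest%"${rest#?}"}      # first remaining digit
        rest=${rest#?}
        if [ $((d & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $((d & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
        if [ $((d & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    done
    printf '%s\n' "$out"
}

# Apply a mode to a scratch file and return the permission string ls shows.
applied_mode() {
    f=$(mktemp) || return 1
    chmod "$1" "$f"
    ls -l "$f" | cut -c2-10
    rm -f "$f"
}

# Read "mode path" lines on stdin; print the paths others may write to
# (write bit, value 2, set in the last digit).
world_writable() {
    while read -r mode path; do
        last=${mode#"${mode%?}"}
        [ $((last & 2)) -ne 0 ] && printf '%s\n' "$path"
    done
    return 0
}

# Constructed sample listing; modes and paths are made up for the example.
sample_listing() {
    printf '%s\n' '644 /srv/www/index.html' '666 /srv/www/upload.log' \
                  '750 /usr/local/bin/backup.sh' '777 /tmp/shared.sh'
}

decode_mode 750
applied_mode 640
sample_listing | world_writable
```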


ps aux --> all active processes
ps -u userName --> active processes for the userName

ps aux | grep processName --> list of active processes which contain processName

kill -9 processId --> kills process 

killall processName --> kills all processes 

.deb packages

dpkg -i packageName --> install package
dpkg -r packageName --> remove package
dpkg -l --> show installed packages


apt installer

apt update --> updates the package list from repositories
apt upgrade --> upgrades all packages on your local system
apt search packageName --> searches for a package in the repositories
apt install packageName --> installs a package

apt remove packageName --> removes a package
add-apt-repository repName --> adds a repository


*---

df --> displays harddisk configurations
fdisk -arg --> harddisk configurations

free --> ram
cat /proc/meminfo --> ram snapshot

vmstat --> CPU
top --> CPU with more details


*---

netstat

netstat -t --> list of tcp connections
netstat -u --> list of udp connections
netstat --route --> route table, gateway, genmask
netstat -s --> network statistics

ifconfig --> network details, ip address, mac, etc.

İnsdroid

Since this morning it has been bang, clatter, bang, clatter… Still not finished… Anyway, we have a long way to go; I am packing up my bag, stuffing the adapter and so on into some...