Any good Hackers here?

Status
Not open for further replies.
AllThingsSacred said:
What exactly are you testing for? A simple nmap scan should show up certain vulnerabilities, particularly if you are using an older version of Microsoft IIS or an older version of Apache [which, I might add, is archaic and dangerously insecure in some cases].

I would personally be doing some of the following; a port-scan for vulnerabilities, then use some tool like plink to open an SSH tunnel into your machine, perform a privilege escalation exploit and give myself full rights in the SYSTEM usergroup i.e. have complete control of the machine.

That is assuming you are running Windows, if you are running UNIX I would look for things like the MySQL daemon, Apache [which as I have said is open source and not greatly secure], and any other open ports you may have to give myself access to the server.
Click to expand...


This is a "Can you hack the box" test. I have Nmap and other scanning tools in house. They all fail. Besides, scanning don't do anything but tell you tid bits of information that you "Might" be able to use, but scanning is just that.....scanning. You don't breach security just by seeing what ports are open on a machine. I have used PStools on the inside of the network, and we completely shut it down. PStools is worthless against the box. Nmap, SuperScan, Advanced Lan Scanner are a few I have tried thus far. Even if able to retireve stuff like what OS is running on it, that still gives nothing by way of actually hacking into the box. I need people to actually try to break into the box.

I need people to try what you just said (perform a privilege escalation exploint and gain full control over the machine)....That is if you can. I need best foots forward here, hit it with your best shot.

It's running Windows by the way.
 
We are picking up traffic all over, but I'm not sure if it's anyone here unless they confirm that they have been hitting it. So far, nothing has happened to the box.
 
i just got into my schools server, such an easy way, cant believe i never thought of it before. basically i did some naughty stuff :eek:
 
i just got into my schools server, such an easy way, cant believe i never thought of it before.
Click to expand...


2 questions.

1.) how did you get in?

2.) Do you have admin status on the server?
 
Status
Not open for further replies.

Similar threads

R
any dell XPS buffs here?
Replies
5
Views
2K
raverx3m
R
P
VMware vs Hyper V
Replies
8
Views
1K
zahra batool
Z
D
Who needs SSL security software?
Replies
3
Views
2K
markanderson
markanderson
M
How to control Siemens LOGO PLC through mobile network (4G, 5G...)?
Replies
1
Views
931
Antonio Turner
A
XWrench3
TO GROUND, OR NOT TO GROUND. THAT IS THE QUESTION.....
Replies
6
Views
1K
PP Mguire
PP Mguire
Back
Top Bottom