pwnOS with Metasploit, Nmap, Nessus and Exploit-DB.com
Good evening and welcome to my demonstration of pwnOS - http://forums.heorot.net/viewtopic.php?f=21&t=149 pwnOS is a kind of training Ubuntu server image for exploit testing, much like Metasploitable or De-ICE. There are a couple of vulnerable services that I have discovered so far, one is an out of date Webmin install, the same Debian Weak SSL ciphers used on Metasploitable (slightly annoying :-( ) and a vulnerable Linux kernel. In the following tutorial I show you how to go from "boot to root" in around 10 - 20 minutes. Firstly we'll kick of the show with some information gathering; the image is installed on a box on my 10.50.60.0 network, so we'll start with a full /24 scan. followed by a Nessus vulnerability scan of the said image. Then we look at exploitation, the some privilege escalation and finally poc (proof of concept). I found this a lot easier that Metasploitable and was able to get root access in around 2 hours, which did annoy me slightly but still hats off to bond00 at http://heorot.net; its a good training exercise. If you have any questions feel free to comment on http://defensive-attack-formation.net. d3m0n35
pwnOS
Metasploit
Nmap
Nessus
and
Exploit-DB.com
d3m0n35
dem-ones
Channels:
Ubuntu Linux
Added: 280 days ago by
nate
Views: 40247 |
Comments: 0
Not yet rated
Nessus 4.4 on GnackTrack Install
The GnackTrack IRC channel is open irc.freenode.net, in channel #gnacktrack
Nessus
4.4
GnackTrack
Install
gnome
backtrack
Channels:
Gnome Linux Desktop
Added: 282 days ago by
nate
Views: 100 |
Comments: 0
Not yet rated