-
May 25th, 2010, 06:58 PM
#11
Originally Posted by dinowuff
You should be able to use a reverse payload, set LHOST to the IP of your router (external) and forward LPORT to your host. Or just use a bind payload if the target is not firewalled.
I think...
You could always use Meterpreter for key logging purposes; however, I don't think that is what you are looking for.
This is exactly right. Although, if your target has a firewall/router, it will limit the exploits you can use for your attack. There would have to be port forwarding set up to allow you to attack specific vulnerabilities. You would most likely have to involve user-interaction. [opening an attachment, plugging in a USB key, visiting a malicious site, etc.]
One other suggestion is to make use of port 80. Most firewalls don't block outbound port 80, so it will just blend in with other web traffic. If the sysadmin sees port 4444 in the logs, it would probably throw up a red flag.
"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."
-HST
-
May 26th, 2010, 04:57 AM
#12
@ the OP:
Obviously Metasploit is a powerful tool. However, all Metasploit tutorials that I've seen are based on using Metasploit from within a subnet.
Hey fellah! You have to start somewhere, and they (Metasploit) went for the core?
Who knows what will happen in the next 12~18 months?
In the meantime, I see my friends have given you some possibly useful alternatives?
Good Luck!
-
May 27th, 2010, 07:30 PM
#13
Firewalking is your friend.
"Ignorance is bliss....
but only for your enemy"
-- souleman
-
May 28th, 2010, 04:53 AM
#14
So is Hydra, Hping, and IPSorcery
-
June 4th, 2010, 03:01 PM
#15
difference
Originally Posted by CyberB0b
Just wanted to mention that this is not a hacking site.
the difference between a hacker and a security expert is choice of what to do with the knowledge gained and/or how you gain the knowledge in the first place
Last edited by romanticcowboy; June 4th, 2010 at 03:10 PM.
Reason: more true of a statement
-
June 4th, 2010, 03:52 PM
#16
Originally Posted by romanticcowboy
the difference between a hacker and a security expert is choice of what to do with the knowledge gained and/or how you gain the knowledge in the first place
I have to disagree with that.
I use coffee in a way it was not designed. I use it to capture Facebook chats. In essence I have hacked coffee.
I use Wireshark and Nmap to test my firewall rules. Meaning I use these tools as they were designed to be used.
Hacking is more about getting something to perform in a way that it was not designed to do.
Of course that is just my opinion.
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
June 4th, 2010, 07:08 PM
#17
Originally Posted by dinowuff
I have to disagree with that.
I use coffee in a way it was not designed. I use it to capture Facebook chats. In essence I have hacked coffee.
I use Wireshark and Nmap to test my firewall rules. Meaning I use these tools as they were designed to be used.
Hacking is more about getting something to perform in a way that it was not designed to do.
Of course that is just my opinion.
I sort of view hacking like I view martial arts... you can use the skillset for good purposes or evil purposes. Hacking isn't necessarily about breaking into systems, or wreaking havoc... we have other words for that... words like criminal, or malicious...
It is kind of like lockpicking. You don't want a criminal with lockpicking skills coming around your house... but if you lock yourself out, you call a locksmith, because he/she is a reputable person with the same skillset.
"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."
-HST
-
June 4th, 2010, 10:17 PM
#18
Nah, it's like a Butcher Knife; You can slit a throat or build a meal
-
June 5th, 2010, 02:06 PM
#19
[kung fu music playing]
"Master - how does one defend against the syn attack"?
"grasshopper - to learn encapsulation, one must first learn ip structure".
[\kung fu music playing]
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
June 5th, 2010, 05:28 PM
#20
*Punches through a solid brick Wall* Buahahahaha!