< All Advanced Penetration Testing Notes

rspeight10 | Advanced Penetration Testing | Module 5 - Vulnerability Discovery/Scanning

By: rspeight10 | Related Course: Advanced Penetration Testing | Published: May 16, 2017 | Modified: May 16, 2017
Join Cybrary

Notepadmetaploit "Auxiliary"

msfconsole

service postgresel start

service metaploit start

use auxiliary/scanner/ftp/anonymous

set RHOST file:/root/livehosts.txt

cat classscn.gnmap

cat classcan.gnmap| grep Up

cat classcan.gnmap| grep Up | cut -d ” ” .f 2

cat classcan.gnmap| grep Up | cut -d ” ” .f 2

 

use exploit/windows/smb/ms08_067/netapi

show options

set rhost 192.168.1.76

check

 

 


NotepadVulnerability "Zervit"

Zervit

Zervit Dir Listing

192.168.1.76:3232

192.168.1.76:3232/index.html?

 


NotepadWebApp

Tomcat

Apache

Jboss

Powermgmt

MySQL -h 192.168.1.76

https://192.h

https://192.168.1.76/webdev

cavdaver http://192.168.1.76/webdev

xampp 1.7.2

wampp

xampp

//192.168.1.76/phpmyadmin (brings up MySQL gui)

Apache 192.168.1.80

192.168.1.80./tomcat

dirbuster (OWASP DIRBUSTER Bruteforce)

dirbuster – (tool used for guessing passwords)

nikto -h https://192.168.1.76, looks for webapps, finds known vulnerabilities, COTS

192.168.1.80/tiwiki

 

 


< All Advanced Penetration Testing Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel