So you’ve managed to get root on a linux virtual machine, congrats! However this isn’t where the fun stops. From here you can access the files containing the usernames and their hashed passwords. These files are known as the passwd and shadow files. They can be combined into one file using the unshadow tool so […]
One of the more common services open to exploitation is Netbios / SMB or Samba service. During a pen test where do you go from here?
So you have found an installation of wordpress on your vulnerable virtual machine. What next? WPScan In your browser copy the address of the wordpress installation. At the terminal in Kali type the following: wpscan –url http://172.16.195.202/wordpress/ –enumerate Replace the URL with the URL of the vulnerable wordpress installation. Once the scan has been completed […]
So you have run an Nmap scan and you have open port 21 that has been identified as being ftp. What next? Run the NMap scan using the -A flag. This will tell you if the ftp allows anonymous login. The very simplest command you can enter at the prompt is: ftp 172.16.195.202 Replace the […]
So you’ve got your lab setup and you’ve been over to Vulnhub.com and you’ve downloaded a vulnerable virtual machine such as Kioptrix 1.1. You have managed to install the VM into your favourite hypervisor such as Virtual Box or VMWare and get it booted. You are presented at this stage with a login screen for […]
So you have booted up your vulnerable VM, found the IP address and run NMap to find the open services and ports. You have found a web server running on port 80 (http) or 443 (https). You load the IP address or domain in your browser but all you find are some default webserver pages […]
I started my journey to become a pen tester about a year ago. I began working in IT as a software tester about two years ago. Prior to this I was a special needs teacher for 17 years with a specialism in science. I know. What the hell am I doing? Well I actually really […]