Sunday, December 23, 2012

PWB Day 1

DHCP:

Dynamic Host Configuration Protocol.

Server: sends configuration to clients that ask for it. It assigns an IP address, default route and DNS server configuration to the client.
Client: asks the server for the configuration.

To list all the interfaces use
>ifconfig -a

To get the network configuration for an interface use
> dhclient <interface>
e.g. dhclient eth0
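To make the "IP address, default route and DNS" part concrete, here is an added example (not code from the course, from BackTrack or from dhclient) that parses a DHCP message by hand, using the RFC 2131 fixed header and the TLV option area, and then checks an OFFER against the servers a network is expected to have. That comparison is the usual way a stray or rogue DHCP server on a LAN is noticed, since the client will happily apply whatever router and DNS the first reply hands it. The sample OFFER, the MAC and every address are constructed; `build_offer`, `parse_dhcp`, `check_offer` and the `EXPECTED` baseline are my own names and assumptions.

```python
"""Parse a DHCP message (RFC 2131: 236-byte fixed header, magic cookie, TLV
options) and check an OFFER against the servers a LAN is expected to have.
Added example for these notes; SAMPLE_OFFER is constructed, not captured."""
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
FIXED_HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")   # op .. file, 236 bytes
MESSAGE_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
                 5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}
OPT_PAD, OPT_SUBNET_MASK, OPT_ROUTER, OPT_DNS = 0, 1, 3, 6
OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 51, 53, 54, 255


def _addr_list(data):
    """Router and DNS options may carry several 4-byte IPv4 addresses."""
    if len(data) % 4:
        raise ValueError("address option length not a multiple of 4")
    return [str(ipaddress.IPv4Address(data[i:i + 4])) for i in range(0, len(data), 4)]


def parse_dhcp(packet):
    """Return the fields a client actually applies: offered IP, route, DNS, lease."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (short or bad magic cookie)")
    (op, _htype, hlen, _hops, xid, _secs, _flags, _ciaddr, yiaddr,
     siaddr, _giaddr, chaddr, _sname, _file) = FIXED_HEADER.unpack(packet[:236])
    raw = {}
    i = 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        data = packet[i + 2:i + 2 + length]
        if len(data) != length:          # option claims bytes that are not there
            raise ValueError("truncated option %d" % code)
        raw[code] = data
        i += 2 + length
    else:
        raise ValueError("options not terminated by END (255)")
    mtype = raw.get(OPT_MSG_TYPE, b"\0")[0]
    return {
        "op": "BOOTREPLY" if op == 2 else "BOOTREQUEST",
        "xid": xid,
        "client_mac": chaddr[:hlen].hex(":"),
        "your_ip": str(ipaddress.IPv4Address(yiaddr)),
        "message_type": MESSAGE_TYPES.get(mtype, "UNKNOWN(%d)" % mtype),
        "subnet_mask": _addr_list(raw[OPT_SUBNET_MASK])[0] if OPT_SUBNET_MASK in raw else None,
        "routers": _addr_list(raw.get(OPT_ROUTER, b"")),
        "dns": _addr_list(raw.get(OPT_DNS, b"")),
        "server_id": _addr_list(raw[OPT_SERVER_ID])[0] if OPT_SERVER_ID in raw else None,
        "lease_seconds": struct.unpack("!I", raw[OPT_LEASE])[0] if OPT_LEASE in raw else None,
    }


def check_offer(fields, expected):
    """Compare an OFFER/ACK with a baseline {"servers", "routers", "dns"} of
    addresses the network is known to use; anything else is worth a look."""
    findings = []
    if fields["message_type"] not in ("OFFER", "ACK"):
        return findings
    if fields["server_id"] not in expected["servers"]:
        findings.append("unexpected DHCP server %s" % fields["server_id"])
    findings += ["unexpected default route %s" % r for r in fields["routers"] if r not in expected["routers"]]
    findings += ["unexpected DNS server %s" % d for d in fields["dns"] if d not in expected["dns"]]
    return findings


def build_offer(xid, client_mac, your_ip, mask, router, dns, server_id, lease):
    """Construct a DHCPOFFER for testing; nothing here comes from a real network."""
    def ip(a):
        return ipaddress.IPv4Address(a).packed
    fixed = FIXED_HEADER.pack(2, 1, 6, 0, xid, 0, 0, b"\0" * 4, ip(your_ip), ip(server_id),
                              b"\0" * 4, bytes.fromhex(client_mac.replace(":", "")).ljust(16, b"\0"),
                              b"\0" * 64, b"\0" * 128)
    opts = (bytes([OPT_MSG_TYPE, 1, 2]) + bytes([OPT_SUBNET_MASK, 4]) + ip(mask)
            + bytes([OPT_ROUTER, 4]) + ip(router)
            + bytes([OPT_DNS, 4 * len(dns)]) + b"".join(ip(d) for d in dns)
            + bytes([OPT_SERVER_ID, 4]) + ip(server_id)
            + bytes([OPT_LEASE, 4]) + struct.pack("!I", lease) + bytes([OPT_END]))
    return fixed + MAGIC_COOKIE + opts


# Constructed sample: the second DNS server is not in the baseline, so it gets flagged.
SAMPLE_OFFER = build_offer(0x3903F326, "00:11:22:33:44:55", "192.168.1.100", "255.255.255.0",
                           "192.168.1.1", ["192.168.1.1", "192.168.1.2"], "192.168.1.1", 86400)
EXPECTED = {"servers": {"192.168.1.1"}, "routers": {"192.168.1.1"}, "dns": {"192.168.1.1"}}

if __name__ == "__main__":
    fields = parse_dhcp(SAMPLE_OFFER)
    for key, value in fields.items():
        print("%-14s %s" % (key, value))
    print("findings:", check_offer(fields, EXPECTED))
```

The parser refuses messages without the magic cookie, options that run past the end of the packet, and an option list with no END marker, which is where sloppy parsers usually go wrong. Feeding captured DHCP replies through `parse_dhcp` with a baseline of the real servers is enough to catch a box on the LAN answering DISCOVERs with its own router or DNS.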

SSHD:

To start the sshd daemon, first generate the host keys using:

>sshd-generate

then start the sshd daemon:
>/etc/init.d/sshd start

ATFTPD

Starts the tftpd daemon on port 69, serving files from /tmp:
>atftpd --daemon --port 69 /tmp

VNCServer
>vncserver




PenTest With Backtrack- Day1

- Had already downloaded a 64-bit VMware BackTrack image which I am running on my laptop using VMware Player.
- Changed the password of my VMware-based machine.
- Downloaded the course videos and course content.
- Not yet registered on the forums.
- Read the first chapter.

From the first chapter:

- Will have to prepare a formal PenTest report (PTR from now on).
- The first chapter says the tools are available in the PATH of BackTrack (BT from now on). BackTrack is basically a customized Ubuntu Linux. Also the directory /pentest has a lot of pentest-related tools.

Let's look at the directories inside it individually:
a) backdoors: It has
- 3proxy
- iodine
- ptunnel
- web, which has webshell and weevely
All these are backdoor programs: iodine uses DNS requests to bypass a firewalled setup and ptunnel uses ICMP echo requests for similar tasks. Webshell gives a JSP-based page to get access to root on a web server. Weevely works similarly.
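The iodine and ptunnel descriptions above are also a description of what a defender should look for: data leaving the network as DNS query names or as ICMP echo payloads. The following is an added example, not code from these notes or from either tool, that scores a small constructed connection log for those two patterns. The log format, the addresses, the `example.com`/`example.net` names and the thresholds are all assumptions; the registrable-domain guess (last two labels) is deliberately naive and would need a public-suffix list in real use.

```python
"""Heuristics for DNS-carried and ICMP-carried tunnels (the iodine / ptunnel
pattern) over a connection log. Added example; the log format, addresses and
thresholds are constructed for illustration, not taken from either tool."""
import math
from collections import defaultdict

# Constructed one-event-per-line format (assumption, not a real log format):
#   <ts> dns  <src> <qtype> <qname>
#   <ts> icmp <src> <dst> <icmp_type> <payload_len>
SAMPLE_LOG = """\
2012-12-23T10:00:01 dns  10.0.0.5 A    www.example.com
2012-12-23T10:00:01 dns  10.0.0.5 A    mail.example.com
2012-12-23T10:00:02 dns  10.0.0.5 NULL 0a7f3b2c9d1e5f60aa12bb34cc56dd78.ee90ff12ab.t.example.net
2012-12-23T10:00:02 dns  10.0.0.5 NULL 93fe02c1b7a4d5e6f0112233445566aa.bb77cc88dd.t.example.net
2012-12-23T10:00:03 dns  10.0.0.5 NULL c4d5e6f70819a2b3c4d5e6f708192a3b.4c5d6e7f80.t.example.net
2012-12-23T10:00:03 dns  10.0.0.5 NULL 1122334455667788990aabbccddeeff0.0f1e2d3c4b.t.example.net
2012-12-23T10:00:04 dns  10.0.0.5 NULL fedcba9876543210fedcba9876543210.abcdef0123.t.example.net
2012-12-23T10:00:04 dns  10.0.0.7 A    www.example.com
2012-12-23T10:00:05 icmp 10.0.0.7 192.0.2.1   8 56
2012-12-23T10:00:06 icmp 10.0.0.7 192.0.2.1   8 56
2012-12-23T10:00:07 icmp 10.0.0.5 203.0.113.9 8 1024
2012-12-23T10:00:07 icmp 10.0.0.5 203.0.113.9 8 1400
2012-12-23T10:00:08 icmp 10.0.0.5 203.0.113.9 8 812
2012-12-23T10:00:08 icmp 10.0.0.5 203.0.113.9 8 1400
2012-12-23T10:00:09 icmp 10.0.0.5 203.0.113.9 8 1177
2012-12-23T10:00:09 icmp 10.0.0.5 203.0.113.9 0 1177
"""

TUNNEL_QTYPES = {"NULL", "TXT"}   # record types ordinary clients rarely ask for
MIN_EVENTS = 5                    # judge a domain or host pair only after a few events


def shannon_entropy(text):
    """Bits per character; random-looking labels sit well above plain hostnames."""
    if not text:
        return 0.0
    counts = defaultdict(int)
    for ch in text:
        counts[ch] += 1
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def parse_log(text):
    """Split the constructed log into dns (src, qtype, qname) and icmp (src, dst, type, len) tuples."""
    dns, icmp = [], []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[1] == "dns":
            dns.append((parts[2], parts[3].upper(), parts[4].lower()))
        elif len(parts) == 6 and parts[1] == "icmp":
            icmp.append((parts[2], parts[3], int(parts[4]), int(parts[5])))
    return dns, icmp


def dns_tunnel_findings(dns_events):
    """Group queries by registrable domain (naively: last two labels) and flag a
    domain showing at least two indicators: odd qtypes, long subdomains,
    high-entropy subdomains, and never repeating a name (nothing cacheable)."""
    by_domain = defaultdict(list)
    for src, qtype, qname in dns_events:
        labels = qname.rstrip(".").split(".")
        by_domain[".".join(labels[-2:])].append((src, qtype, "".join(labels[:-2])))
    findings = []
    for base, rows in by_domain.items():
        if len(rows) < MIN_EVENTS:
            continue
        subs = [s for _, _, s in rows]
        indicators = []
        if sum(q in TUNNEL_QTYPES for _, q, _ in rows) / len(rows) >= 0.5:
            indicators.append("qtype")
        if sum(map(len, subs)) / len(subs) >= 30:
            indicators.append("long-labels")
        if shannon_entropy("".join(subs)) >= 3.5:
            indicators.append("high-entropy")
        if len(set(subs)) == len(subs):
            indicators.append("no-repeats")
        if len(indicators) >= 2:
            findings.append({"kind": "dns", "domain": base,
                             "sources": sorted({r[0] for r in rows}), "indicators": indicators})
    return findings


def icmp_tunnel_findings(icmp_events):
    """Flag (src, dst) pairs sending many echo requests with large payloads;
    a stock ping carries a small fixed payload, so big variable ones stand out."""
    by_pair = defaultdict(list)
    for src, dst, itype, length in icmp_events:
        if itype == 8:                # echo request only
            by_pair[(src, dst)].append(length)
    findings = []
    for (src, dst), sizes in by_pair.items():
        avg = sum(sizes) / len(sizes)
        if len(sizes) >= MIN_EVENTS and avg >= 256:
            findings.append({"kind": "icmp", "src": src, "dst": dst,
                             "echo_requests": len(sizes), "avg_payload": avg})
    return findings


def analyse(text):
    dns, icmp = parse_log(text)
    return dns_tunnel_findings(dns) + icmp_tunnel_findings(icmp)


if __name__ == "__main__":
    for finding in analyse(SAMPLE_LOG):
        print(finding)
```

No single indicator is proof: a CDN produces long hashed hostnames and some monitoring tools send big pings. Requiring two DNS indicators, a minimum event count and an average payload far above a normal ping keeps the noise down; in practice the thresholds are tuned against a week of the network's own baseline before alerting on them.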

b) Bluetooth: It has two Bluetooth penetration testing tools, Bluediving and BlueMaho.
c) Cisco: It has tools to pentest Cisco devices. Lots of tools there; I guess I need to read in more detail.
d) database: It has tools for SQL injection and other SQL kung fu for databases like MSSQL, Oracle etc.
e) enumeration: It has tools for enumerating vulnerabilities using various points of interaction like DNS, Google scanning, TCP.
f) exploits: It has a list of tools that use known exploits against software and devices.
g) forensics: Forensics tools. Loads and loads for different scenarios.
h) fuzzers: Fuzzing tools. Fuzzing is feeding random data strings to a program with the aim of crashing it or testing it.
i) libs: tools to input data into lib calls etc.
j) misc: misc tools
k) miscellaneous: misc tools again
l) passwords: password crackers
m) python: has Python examples
n) reporting: unsure about it
o) reverse-engineering: reverse engineering tools
p) rfid: has one RFID tool
q) scanners: different scanners based on different protocols
r) sniffers: different packet sniffers
s) Stressing: giving stress :P tools for DoS.
t) telephony: tools related to telephony (mobile mostly)
u) tunneling: a couple of data tunneling programs (TCP through UDP etc.)
v) VOIP: a lot of tools related to VoIP
w) web: a lot of tools for web vulnerability scanning and other tools
x) windows-binaries: for scanning, sniffing, cracking etc.
y) wireless: wireless crackers like Kismet, Aircrack etc.