Hacking 101 Network Attack Network Scan & Map

Metasploit – Lab

Metasploit is an open source platform for vulnerability research, exploit development, and the creation of custom security tools. In this lab, we’re going to be using Metasploit to attack the Metasploitable2 VM. Preqreq – have a local Kali instance and Measploitable2 VM running. https://hack.technoherder.com/vm-setup-kali-metasploitable2/ Activities Part 1 – Getting Started Update Kali: Start the Kali […]

Database Network Attack

PostgreSQL – 5432 – TCP

Login into postgres -U user-h host-d database \l      – list databases\c  [DataNase Name]    – connect to database\dt   – list datatables\q   – quit/exit program\du  – list users List of roles Role name Attributes postgres Superuser, Create role, Create DB, Replication, Bypass RLS webapp Superuser SELECT current_setting(‘is_superuser’); Auth Trust Open the file […]

Network Attack

Spoofing LLMNR, NBT-NS, mDNS/DNS and WPAD and Relay Attacks

Network protocols LLMNR, NBT-NS, and mDNS Microsoft systems use Link-Local Multicast Name Resolution (LLMNR) and the NetBIOS Name Service (NBT-NS) for local host resolution when DNS lookups fail. Apple Bonjour and Linux zero-configuration implementations use Multicast DNS (mDNS) to discover systems within a network. These protocols are unauthenticated and broadcast messages over UDP; thus, attackers […]

Network Attack

SSH – 22 – TCP

Basic Information SSH or Secure Shell or Secure Socket Shell, is a network protocol that gives users a secure way to access a computer over an unsecured network.Default port: 22 SSH servers: SSH libraries (implementing server-side): Enumeration Banner Grabbing Automated ssh-audit ssh-audit is a tool for ssh server & client configuration auditing. https://github.com/jtesta/ssh-audit is an […]