Visit SANS reading room, pauldotocm forums, irongeek's website, and yes remotexploit forum and irc grab a copy of BackTrack, and go crazy on the wiki.
My 0.02 Sent from my Verizon Wireless BlackBerry -----Original Message----- From: Vincent Lape <[email protected]> Date: Fri, 03 Apr 2009 13:59:40 To: PaulDotCom Security Weekly Mailing List<[email protected]> Cc: <[email protected]> Subject: Re: [Pauldotcom] pentest with physical access Might want to take a visit over to forums.hak5.org and visit the noob section. On Friday, April 03, 2009, at 12:41PM, "Milan ______" <[email protected]> wrote: > >First of all: apologizes for my bad english; it is not my native language. > >I need some help with a pen-test, while I have physical access to the network. >As a security-enthusiast, my boss asked my to do a pen-test and show the >vulnerabilities within their network. >Despite that I m not a pentester, I go for this challenge. >I know a little bit about this subject, and Im used to work with Linux >(Ubuntu). >Can someone point me in the right direction? > >I have physical access to the computers (normal user-account) with Windows XP >SP2. >The public computers have some restrictions (disabled cmd.exe, msconfig, >taskmanager) but I can open a command shell with a portable version of cmd.exe >on a pendrive. Also it was possible to run batch-files. And it is also >possible to run a portable registry editor. > >I gathered information with netstat, tasklist, net view, etc. >I should say that doing a pentest is much easier with this information en with >physical access to their computers/network. But I need some help after I did >some 'pentesting-things' > >With nmap I scanned the ports at their public IP, but they are all >closed/filtered. >The public computers within their network are behind a proxy, but the >computers from the employees have a direct access to the internet (no proxy). >I gathered some usernames, and used Hydra with a large wordlist to Brute Force >them. But not succeeded.Also tried to place a version of netcat on their >systemdrive, but that was not possible because of restrictions. > >What can I do more? I do not have experience with tools like metasploit, do I >need to learn more about this subject? Please point me in the right direction. > >Thanks in advance >Milan >_________________________________________________________________ >Express yourself instantly with MSN Messenger! Download today it's FREE! >http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
