I use nmap to scanning ip target
#nmap -v -A -T4 192.168.43.130
the result is os running and some service that running so port was discovered
service that running is openssh,apache,samba and webmin
2. Next is Vulnerability Assessment, you can use nessus and or exploitdb console
use nessus to find out the level of risk, from many service that are run I chose webmin to exploit
I use exploitdb to know some exploit code. open exploitdb console and try to searchsploit webmin
#./searchsploit webmin
3. Next, chose and use exploit code from the result searchcploit
attack ip target using command such as command on screenshot above and follow the command format
4. attack ip target using that exploit code
i'll use john the ripper to encript that password content
copy file content to clipboard
open john the ripper console and type #gedit
paste file content and save on john folder directory
5. Run that file on john the ripper console
process was running, wait for several minutes to get the result
CMIIW
Tidak ada komentar:
Posting Komentar