Showing posts with label Hacking Tutorial Begginer to advanced. Show all posts
Showing posts with label Hacking Tutorial Begginer to advanced. Show all posts

Hacking Tutorial Beginner to advanced - Setting up a penetration testing lab

To setup a penetration testing lab, First you need the following things.....



  1. Virtual Box - virtualbox.org


    2. *Go to downloads

    For more details about the virtual box installation visit here.

    Download and extract the file...

    >Now open virtual box and click on 'New'

    >Name: Metasploitable 2
      Type: Linux
      Version: Debian 64 bit

    >Click Create


    >Click Create(you can select more file size but 8 GB is good)

    >Now go to settings
    select Storage
    select Metasploitable 2.vdi
    Click on the Red rounded button in the bellow pic

    >select 'choose a virtual hard disk file'
    then select our downloaded file
    >Then Open it

    >In System-Processor-Enable PAE/NX
    >OK
    >then start your virtual machine

    >Metasploitable VM is ready
    >Login with msfadmin as username and password

    Now your Pen testing lab is ready...
    Check any pen testing tool with with Metasploitable without breaking the law. Stay legal

    All my next tutorials will be done with this tool.
    Stay tuned




    by

    Server-Side Attack Tutorial-VSFTP


    we already know how to use metasploit and how to gather information using Nmap/Zenmap. If you don't know please read my tutorials about Meatasploit and Nmap.

    In this tutorial I'am introducing a simple server side attack. This tutorial is only for educational purpose do not use it illegally.

    I'am using the Metasploitable VM as target machine.If you don't know about Meatasploitable then please visit my previous posts about it.

     Open Metasploitable Virtual Machine

    Virtual machine metasploitable
    Start metasploitable

    starting metasploitable virtual machine
    Metasploitable VM
    Type metasploitable login ID and Password

    As default both are "msfadmin"

    Metasploitable Login
    Now our target (Server) is redy.

    We are using our Kali machine to attack the target server as usual.

    Open Kali machine.

    Kali Virtual Machine
    Kali Login
    My kali machine

    Our attacking machine is ready now we want to gather informations about our target machine for that we only need the IP of the target machine.If you are attacking a site you can get the IP of the target using the command " ping <site URL>"

    ifconfig in metasploitable
    Here our target IP is 10.0.2.4. 

    To get the IP. You need to type the following command in Metasploitable machine

    ifconfig

    After getting the IP we need to get the information about the target. For Information Gathering we can use Nmap. To make it easier I'm using Zenmap (Graphical interface of Nmap).

    Kali terminal
    To open Zenmap simply type zenmap on your terminal window.

    Opening zenmap in terminal
    sudo su

    zenmap

    Zenmap

    Put the target IP in Target and click scan.

    Read more »
    by
    Subscribe to: Posts (Atom)