Author: Hacking Tutorials

http://www.hackingtutorials.org

Microsoft Windows still holds the largest market share when it comes to operating systems for desktop computers, both for enterprise use and personal use. Therefore it is highly likely you will encounter a lot of Windows workstations and servers during your penetration testing training and career. On the other hand, most penetration testers mainly use Linux based distributions such as Kali Linux, Pentoo or Backbox. Therefore you need the ability to quickly compile Windows exploits on your Linux machine. The solution for this is Mingw-w64. Mingw-w64 is a free and open source software development environment for creating Windows applications. Mingw-w64 was originally called Mingw32, which didn’t support the 64 bit architecture. In this tutorial we will be looking at how to use Mingw-w64 to compile exploits for Windows on Kali Linux. Let’s start with installing Mingw-w64 on Kali Linux.

Installing Mingw-w64 on Kali Linux

Mingw-w64 is not installed by default…

In part 1 of the Hacking with Netcat tutorials we learned the very basics of Netcat. Now it is time to dive deeper into the most popular and common usage of Netcat: setting up bind shells and reverse shells. In this tutorial we will be learning about the difference between a bind shell and a reverse shell and how to use them. Quite often Netcat is not present on systems, as it could be considered a potential security issue. In these cases we will learn how to use other tools and programming languages that replace some of Netcat’s functionality to set up a reverse shell. Programming and scripting languages like Python, PHP, Perl and Bash are great alternatives. We will conclude this tutorial with how to use bind shells. In this tutorial we will be learning how to use Netcat for:

Reverse shells
Bind shells

We will demonstrate…

Netcat is a great network utility for reading and writing to network connections using the TCP and UDP protocols. Netcat is often referred to as the Swiss army knife of networking tools and we will be using it a lot throughout the different tutorials on Hacking Tutorials. The most common uses for Netcat when it comes to hacking are setting up reverse and bind shells, piping and redirecting network traffic, port listening, debugging programs and scripts, and banner grabbing. In this tutorial we will be learning how to use the basic features of Netcat such as:

Banner grabbing
Raw connections
Webserver interaction
File transfers

We will demonstrate these techniques using a couple of virtual machines running Linux and through some visualization. The Hacking with Netcat tutorials will be divided into the following 3 parts:

Hacking with Netcat part 1: The Basics
Hacking with Netcat part 2: Bind and Reverse shells
Hacking with…

In this tutorial we will be hacking dRuby using a remote code execution vulnerability in the dRuby RMI server that is running on Metasploitable 2. dRuby is a distributed object system for Ruby and is written in Ruby. dRuby uses its own protocol and binds itself to a URI such as druby://example.com on port 8787. By default port 8787 is not scanned by Nmap, since it is not included in the list of 1,000 common ports which are scanned by default when no additional port options are specified. Open port 8787 on Metasploitable 2 would remain unnoticed unless we used the -p- flag to scan all 65535 ports or a port range which includes port 8787. This example shows us how important it is to always run a full port scan on a target when performing network enumeration. We could easily be missing crucial information which can…

In this tutorial we will be hacking the Unreal IRCd service on Metasploitable 2. We will learn how to perform enumeration on network services and how to define and retrieve crucial information. Then we will be looking at how to perform code analysis and modify payloads using msfvenom before we execute the exploit. In order to retrieve more information about the Unreal IRCd service we need to connect to the IRC channel using an IRC client. We will start with installing the HexChat IRC client and connect to the IRC channel to see if we can get more information about this service, such as the version number, which could not be retrieved with Nmap. When we know which version of Unreal IRCd we are dealing with, we can continue with performing a vulnerability assessment. Then we will be exploiting the found vulnerabilities both manually and by using the Metasploit framework. From the Metasploitable enumeration tutorial we got the following information…

During the last 3 months it was quieter than usual on Hacking Tutorials. In this period fewer tutorials and articles were published on Hacking Tutorials, but there was a very good reason for that. For the last 3 months I have followed Offensive Security’s Penetration Testing with Kali Linux (PWK) course and got certified as OSCP. In this article I will be reviewing the courseware, the labs and the brutal 24 hour exam. We will also look at which prior knowledge would be beneficial during the course and how to get this knowledge. We will conclude this article with some tips and hints that helped me pass the exam.

OSCP courseware and videos

The Penetration Testing with Kali Linux courseware contains a PDF file and instruction videos on all subjects. The course covers many different subjects such as passive and active information gathering with many different tools but also writing simple buffer…

In the upcoming Metasploitable 2 exploitation tutorials we will be exploiting the vulnerabilities we have found in the enumeration phase and the vulnerability assessment. We will be exploiting the found vulnerabilities both manually, where that is possible, and by using Metasploit. In this tutorial we will be exploiting VSFTPD v2.3.4 manually and with Metasploit. This particular VSFTPD vulnerability is pretty easy to exploit and is a great first start on the Metasploitable 2 box. Instead of quickly running Metasploit to exploit this vulnerability we will start by looking at how exactly the application is vulnerable. Then we will analyse the source code, test it in a controlled environment and then exploit it on the Metasploitable 2 machine. This will help you to get a better understanding of the exploitation process and actually see what is happening and how. The end goal of exploiting vulnerabilities is ultimately to gain a root or…

In this tutorial we will be installing OpenVAS on Kali Linux. OpenVAS is an advanced open source vulnerability scanner and manager and can save you a lot of time when performing a vulnerability analysis and assessment. Using an automated, up-to-date vulnerability scanner in a penetration test often helps you to find vulnerabilities which can easily be overlooked during a manual assessment. The OpenVAS scanner uses more than 47,000 Network Vulnerability Tests (NVTs) as of June 2016. In this tutorial we will be installing OpenVAS on the virtual Kali Linux machine we’ve installed in an earlier tutorial. If you haven’t installed Kali Linux yet we recommend you do that first. The OpenVAS installation process is rather straightforward but might need some explanation along the way. After the installation process is finished we will be scanning the Metasploitable 2 vulnerable machine we’ve installed earlier in the Metasploitable 2 installation tutorial for known vulnerabilities…

A vulnerability assessment is a crucial part of every penetration test and is the process of identifying and assessing vulnerabilities on a target system. In this part of the tutorial we will be assessing the vulnerabilities present on the network side of the Metasploitable 2 virtual machine. We will be assessing the web applications on the Metasploitable 2 machine in a later tutorial. In the previous Metasploit enumeration and fingerprinting tutorial we’ve learned that the Metasploitable 2 machine contains a lot of vulnerabilities. We have collected valuable information about the target system which we will be using to find known vulnerabilities both online and offline. Exploitation of these vulnerabilities will be demonstrated in the next exploitation tutorial. In this tutorial we will be looking at a few different ways to perform vulnerability analysis. We will be manually searching for exploits, using scanning tools like Nmap with scripts, and we will be looking at the…

In this new Metasploit Hacking Tutorial we will be enumerating the Metasploitable 2 virtual machine to gather useful information for a vulnerability assessment. In mathematics or computer science, enumeration refers to listing a number of elements in a set. Enumeration in the hacking context is the process of retrieving usernames, shares, services, web directories, groups and computers on a network. This is also called network enumeration. During this process we will also collect other useful network related information for conducting a penetration test. An important part of the Metasploitable 2 enumeration process is the port scanning and fingerprinting process. Port scanning is used to probe a server or host for open TCP and UDP ports. Fingerprinting is the process of identifying the services connected to those ports. A very popular tool used for network enumeration, port scanning and fingerprinting is Nmap (Network Mapper), which we will be using throughout this tutorial. We will also use…