Description:
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Hi I wanted to firstly say great video... very clearly written and informative.
I had one quick question though, towards the end of the video you appeared to easily log into the second victims webserver. Was that because you knew the password or did you use some sql in the password edit box as an sql injection attack?
cheers.
As always, a great video, the only question once again is that of the lab environment set up. Any help in that direction will greatly help.
Also, we all are eagerly waiting for the tutorials on Wireless security and hacking, nmap, dns spoofing, web application security, SQL injection, etc..
Will highly appreciate if you can create and load this up.
Thanks!
Excellent video, once again. I second the poster above me- SQL injection and web application security would be greatly appreciated.
Also, as these scenarios get more complicated, would it be possible for you to attach a short document or description on each as to how you set it up? I have a few machines that I would like to set up this sort of scenario with, but not sure how I'd do it, exactly. Here's something like what I had in mind:
Server1: WinXPsp2-- MySQL, PHP, Apache on XAMPP--ip: 10.10.10.150 (static)
Server2: WinServer03-- ie6 w/ Java x.y-- NIC1: 10.10.10.100 NIC2: 192.168.1.100
Router: IP-192.168.1.1, 192.168.1.x subnet, 255.255.255.0 netmask
Attacker: BT4-- ip 192.168.1.5 (static)
Great video. Thank you very much.
Thanks again for the great vids.
Another great megaprimer! Thanks for sharing all of this! o/
Thanks for the effort Vivek !!
Thanks for all the comments guys! We have launched a SecurityTube Metasploit Framework Expert Certification today:
http://www.securitytube.net/smfe
The first 25 signups will receive discounted seats! Please hurry :)
Para conhecer o metasploit mais a fundo visite o fórum Amantes do Metasploit, lá você vai encontrar muito material em português
http://www.amantesdometasploit.com.br
Nice job boss remain bless......
Hi,
A quick question:
What's the need to setup a port forward if you have already setup a route to the end host. All traffic for the destination address will traverse the meterpreter connection if the route command is configured. Wouldn't setting up a port forward be redundant ?
Thanks, and kudos on the videos.
Cheers.