View previous topic :: View next topic |
Author |
Message |
carloscnm1 n00b
Joined: 11 Nov 2018 Posts: 1
|
Posted: Sun Nov 11, 2018 1:31 am Post subject: Pentoo no Network manger ? |
|
|
Hi, I need to install pentoo for a gym test.
In this test I will have to find out the username and password of a Windows XP system.
I am new to pentoo and would like some help.
After installing pentoo in a virtual machine (Virtual Box), I realized that it did not have the network manager.
would have some way of pulling that network manager.
and could you please point me app for that purpose? |
|
Back to top |
|
|
Muso Veteran
Joined: 22 Oct 2002 Posts: 1052 Location: The Holy city of Honolulu
|
Posted: Sun Nov 11, 2018 6:50 am Post subject: Re: Pentoo no Network manger ? |
|
|
carloscnm1 wrote: | Hi, I need to install pentoo for a gym test.
In this test I will have to find out the username and password of a Windows XP system.
I am new to pentoo and would like some help.
After installing pentoo in a virtual machine (Virtual Box), I realized that it did not have the network manager.
would have some way of pulling that network manager.
and could you please point me app for that purpose? |
Just use the cli tools.
How are you supposed to find the user name and password? Are you supposed to hack the windows box? If so you'll need to do a unicornscan of all TCP ports first
(x.x.x.x = ip)
Code: | unicornscan -p 1-65535 x.x.x.x |
With the ports listed, run nmap against those :
Code: | nmap -sC -sV -p (all listed ports separated by a comma) -oN nmap x.x.x.x |
Once you have the results from nmap, carefully examine what it says. Being XP, more than likely the SMB protocol will be the likely entry point. Run searchsploit against all results.
Also, run enum4linux against the ip of the XP box.
If you're going to be lazy and use metasploit, make sure that postgresql is running first
If it is running some type of webserver, see if there are any input fields you can play with. Check the various sqli tricks, and if you don't know then just run :
This route will take more time... a lot more time.
Here's a quick sqli cheat sheet
Use burp if you know what you're doing with the url (assuming there is one) just to save yourself time. Foxyproxy addon for your browser is perfect for burpsuite. _________________ "You can lead a horticulture but you can't make her think" ~ Dorothy Parker
2021 is the year of the Linux Desktop! |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|