In this article on Hacking Tutorials we will be looking at a new penetration testing course priced at only $99,- offered by a newcomer on the block: The Virtual Hacking Labs. The Virtual Hacking Labs & Hacking Tutorials offer a full penetration testing course that includes access to an online penetration testing lab for practical training. The penetration testing lab contains 30 vulnerable machines that can be used to practice penetration testing techniques and tools in a safe way. All vulnerable machines and scenarios are based on real life scenarios as you would encounter on real company networks. After completing the courseware and the lab machines the student will have a good understanding of basic penetration testing techniques and practical experience applying these techniques. Penetration Testing Courseware The penetration testing course and the virtual labs are targeting both beginning and experienced penetration testers. The courseware covers subjects like enumeration, vulnerability assessments and exploitation from the ground up…
Author: Hacking Tutorials
Eternalromance is another SMBv1 exploit from the leaked NSA exploit collection and targets Windows XP/Vista/7 and Windows Server 2003 and 2008. In the last hacking tutorial we have demonstrated how an unauthenticated attacks can exploit a Windows 7 target that is vulnerable to Eternalblue using Fuzzbunch, DoublePulsar and Empire. In this tutorial we will demonstrate how to exploit a Windows 2003 R2 SP2 Enterprise installation using the Eternalromance exploit in Fuzzbunch. The exploit process is pretty similar to Eternalblue except that we have to use DoublePulsar to generate shellcode that will be used by the Eternalromance exploit. Any other shellcode than DoublePulsar will not work and causes a BSOD. Before we start with exploiting Eternalromance we will be looking at the lab setup that we will be using throughout the tutorial. Then we will use a Metasploit auxiliary module to check if the target has been patched or not. Finally…
In this tutorial we will be exploiting a SMB vulnerability using the Eternalblue exploit which is one of the exploits that was recently leaked by a group called the Shadow Brokers. Eternalblue exploits a remote code execution vulnerability in SMBv1 and NBT over TCP ports 445 and 139. At the time of writing it targets a wide range of Windows operating systems, from Windows XP up to Windows Server 2012. The currently available exploits do not target Windows 10 and Windows Server 2016 but most likely will in the near future when they are being modified. Eternalblue is just one of the Windows exploits that was leaked to the public on Friday 14 April by the Shadow Brokers. The eternal ‘series’ cover a lot more exploits such as Eternalromance, Eternalchampion and Eternalsynergy all targeting recent Windows operating systems. To configure and execute the exploits against vulnerable targets there is an exploit framework…
In this article we will be looking at an alternative for installing Kali Linux on a dedicated machine or a local Virtual Machine: Kali Linux in the Cloud. Cloud based computing has become increasingly popular over the last years, also in the field of penetration testing. Instead of installing Kali Linux on local resources, it can be deployed on a VPS almost instantly and saves the time and trouble from installation. The Kali Linux desktop in the cloud can be accessed remotely over remote desktop software such as VNC, web based interfaces or No Machine. You can choose to buy a VPS and install your favourite penetration testing distribution or you can buy a pre-installed, fully configured and optimized Kali Linux VPS from a dedicated hosting provider. In this article we will be testing and comparing different options starting with a hosting provider offering the pre-configured VPS machines. OneHost Cloud & Security At the time of writing there’s only…
In this tutorial we will be looking at how to exploit an authenticated command execution vulnerability in Wing FTP Server 4.3.8 and how to fix this security issue. Authenticated command execution vulnerabilities allow an authenticated attacker to execute arbitrary commands on the target system. In this situation the vulnerability is still ‘protected’ by an authentication layer because the vulnerability resides in the administrator panel. Unauthenticated command execution vulnerabilities are way more dangerous as they reside in publicly accessible places and can be exploited by anyone without authentication. Before we are going to analyse and exploit this vulnerability we will first have a look at Wing FTP Server in general and its extensive list of features. Wing FTP server Wing FTP server is multi-protocol enterprise grade file server with a lot of features that runs on multiple platforms such as Windows, Linux, Mac OSX and Solaris. The file server supports many protocols: FTP,…
In part 3 of the Hacking with Netcat tutorial series we will be looking at some more advanced techniques. As we know by now Netcat is also called the Swiss army knife of networking tools. Swiss army networking tools should be able to do a lot more than making raw data connections and shells. Therefore we have to look at some advanced features too. In this tutorial we will learn how to pipe Netcat output to files and applications and how network pivoting with Netcat works. In this tutorial we will be looking at a couple different scenario’s where we will be using Netcat to pivot connections. Pivoting network connections is useful when a target host is on a network that is not directly accessible from the attack box’s network. In this situation we can compromise a host that has access to both networks and pivot connections through this host.…
CAINE stands for Computer Aided Investigative Environment and is a live Linux distribution that offers a complete forensic environment. Caine 8.0 has a nice graphical user interface and contains a lot of digital forensic tools to aid in the process of digital investigation. Including some tools to report the results of your digital investigation. The latest version is Caine 8.0 which is based on Ubuntu 16.04 64 bit and was released in late 2016. In general I am a big fan of Kali Linux which also includes a fair share of digital forensic tools. But since I want to learn about some specific digital forensic techniques I decided to go for a Linux distribution focused on forensics only and write a small tutorial about it. I also prefer to use virtual machines instead of live CD’s as they’re easier to manage and maintain. In this tutorial we are going to…
In the Hacking with Netcat part 2 tutorial we have learned how to work with reverse shells and bind shells in Netcat. As we’ve learned from this tutorial these shells are cmd or Bash shells bound to Netcat using the -e option or reverse shells setup with Bash, Python, PHP or any other (scripting) language. The reverse shell gives us control over the target host in the context of the user who initiated the shell. This is great stuff but what if you want to run local Metasploit privilege escalation exploits on the target? Or Metasploit post exploitation modules and maybe use Meterpreter’s port forwarding functionality? In this case we would need to switch from Netcat to Metasploit and upgrade the shell to a Meterpreter session. In this hacking tutorial we are going to upgrade a Netcat shell to a Meterpreter shell in 3 simple steps. First we will use the multi handler module in Metasploit…
One of the most common and oldest security vulnerabilities in software are buffer overflow vulnerabilities. Buffer overflow vulnerabilities occur in all kinds of software from operating systems to client/server applications and desktop software. This often happens due to bad programming and the lack of or poor input validation on the application side. In this article we will look at what a buffer overflow exactly is, how they work and how they can become serious security vulnerabilities. We will also look at what happens when a buffer overrun occurs and mitigation techniques to minimize their harmful effects. What is a buffer overflow? A buffer overflow is a situation where a running program attempts to write data outside the memory buffer which is not intended to store this data. When this happens we are talking about a buffer overflow or buffer overrun situation. A memory buffer is an area in the computer’s memory (RAM)…
In less than 2 weeks we will welcome 2017 and we can look back at a great 2016 for Hacking Tutorials. Since the start of Hacking Tutorials.org in early 2015 the number of visitors and hacking tutorials has grown a lot. In a couple days we will welcome visitor number 1.000.000! This number is far beyond our expectations when we have started this website. In 2016 we have expanded the tutorial sections with Metasploit tutorials, Networking Tutorials, exploit tutorials and we have made a start with reviewing hacking courses. The first hacking course we have followed and reviewed was Offensive Security’s OSCP course. OSCP was a great experience and is a course I will definitely recommend to anyone who’s serious about getting in the field of penetration testing and ethical hacking. Let’s have a look what’s on the agenda for hacking tutorials 2017. Hacking Tutorials 2017 – Mission and Vision At this moment we are very busy with the plans for…