
Sunday, May 26, 2013

Sleuthkit Exercise – Report

OK, I'm back again to share my report on Sleuthkit unallocated extraction and examination.

First, we must install Sleuthkit. Installation is simple, and tutorials covering the installation steps can be found through Google.

SleuthKit is a collection of shell programs for forensic analysis. In general, it consists of two parts: the file system tools and the media management tools. The file system tools are used to analyze the file system.

OK, on to my report; let's see the pictures...

Sorry, my internet data package is exhausted, so I will post the report pictures tomorrow. I'm so sorry for that.

Thursday, May 23, 2013

Introduction to Computer Forensics

+ What Is Computer Forensics?
Computer forensics aims to explain the state of digital artifacts.

The term digital artifact can include a computer system, storage media (such as a hard disk or CD-ROM), an electronic document (e.g. an email message or JPEG image) or even a sequence of packets transferred over a computer network. The explanation can be as straightforward as "what information is here?" or as detailed as "what is the sequence of events that led to the present situation?"

+ What Is Unallocated Space?
Unallocated space, usually called "free space", is logical space on a hard drive that the operating system is not using to hold data. The space cannot be used by the operating system before it is formatted. The opposite of unallocated space is commonly called allocated space: the space the operating system uses to write data or files.

+ What Is Slack Space?
Slack space is the leftover space inside the storage that is in use by a file: the space is assigned to the file, but the file's data does not fill it entirely, and the unused remainder is the slack space.
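The slack space definition above, as an added Python example that is not part of the original post. It goes one step beyond the definition and shows why examiners extract slack: data from an earlier file can survive in it. The sector and cluster sizes, the zero-padding of the last sector and the sample data are assumptions of this toy model.

```python
"""Added example: toy model of slack space (constructed data, not a real image)."""

SECTOR = 512    # bytes per sector (assumed)
CLUSTER = 4096  # bytes per cluster, 8 sectors (assumed)


def slack_layout(file_size, sector=SECTOR, cluster=CLUSTER):
    """Return (allocated, ram_slack, file_slack) in bytes for one file.

    ram_slack:  unused bytes up to the end of the file's last sector
    file_slack: whole unused sectors up to the end of its last cluster
    """
    if file_size == 0:
        return 0, 0, 0                     # empty file: nothing allocated in this model
    clusters = -(-file_size // cluster)    # ceiling division
    allocated = clusters * cluster
    ram_slack = (-file_size) % sector
    file_slack = allocated - file_size - ram_slack
    return allocated, ram_slack, file_slack


def write_file(cluster_buf, data, sector=SECTOR):
    """Write data at the start of a cluster: the rest of the last sector is
    zero-padded, the remaining sectors of the cluster are left untouched."""
    end = len(data) + (-len(data)) % sector
    cluster_buf[:len(data)] = data
    cluster_buf[len(data):end] = bytes(end - len(data))
    return cluster_buf


def extract_slack(cluster_buf, file_size):
    """Bytes of the cluster that lie beyond the file's logical end."""
    return bytes(cluster_buf[file_size:])


def demo():
    # Constructed scenario: a 3000-byte file is deleted, then a 700-byte
    # file is stored in the same cluster.
    cluster = bytearray(CLUSTER)
    old = (b"OLD-SECRET-RECORD;" * 200)[:3000]
    write_file(cluster, old)
    new = b"A" * 700
    write_file(cluster, new)
    return slack_layout(len(new)), extract_slack(cluster, len(new))


if __name__ == "__main__":
    layout, slack = demo()
    print(layout, len(slack), b"OLD-SECRET-RECORD;" in slack)
```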

Monday, May 20, 2013

Hacking DVWA to Get Root

OK, now we will try hacking DVWA to get root access on the Linux OS. Let's go through the steps ;)

+ Create backdoor with weevely
Open the terminal and enter the command, and run the Metasploit OS in VirtualBox.

We generate the file with the name "weevely.py".

OK, time to open the browser and log in to DVWA. The DVWA address is "192.168.56.101/dvwa"; here I am using the DVWA security level "High".

+ Upload the backdoor and bypass DVWA protection with DVWA
OK, now it is time to upload the file weevely.py to DVWA. Look at the picture below.

Oops, we have trouble, but it's OK! Calm down and please drink a coffee to enjoy yourself ...:D
See the picture...
OK, now we open Burp Suite and make sure "intercept is on". Don't forget to check the options to get the interface address "127.0.0.1:8080". Then we go to the Mozilla browser preferences, where we must choose "Manual proxy configuration".

OK, in the next step we look at Burp Suite again :) Look at this request in Burp Suite and edit the filename to "fargothen.php.jpg"... and now the backdoor upload is successful... YiiiipppYY ;)

Now it is time to connect the backdoor with VirtualBox ;)

And now VirtualBox is connected with the backdoor...
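A server-side check that rejects the renamed upload described above, as an added example that is not part of the original post or of DVWA's code. It is written in Python rather than DVWA's PHP; the function name, the extension lists and the sample bytes are assumptions constructed for illustration.

```python
"""Added example: upload validation that does not trust the client filename."""
import os
import secrets

# Allowed image types and the magic bytes their content must start with.
ALLOWED = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
           ".png": b"\x89PNG\r\n\x1a\n"}
# Extensions a web server may hand to an interpreter (assumed list).
EXECUTABLE = {".php", ".php3", ".php4", ".php5", ".phtml", ".phar",
              ".py", ".pl", ".cgi", ".jsp", ".asp", ".aspx"}

# Constructed sample inputs.
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16
SAMPLE_SCRIPT = b"<?php /* constructed placeholder */ ?>"


def check_upload(client_name, content):
    """Return (ok, reason, stored_name); stored_name is None when rejected."""
    base = os.path.basename(client_name.replace("\\", "/"))
    if not base or base.startswith(".") or "\x00" in base:
        return False, "bad filename", None
    exts = ["." + p for p in base.lower().split(".")[1:]]
    if not exts or exts[-1] not in ALLOWED:
        return False, "extension not allowed", None
    # Check every extension segment, not only the last one: a name such as
    # x.php.jpg can still be mapped to an interpreter by some server configs.
    if any(e in EXECUTABLE for e in exts[:-1]):
        return False, "executable extension inside filename", None
    # The content must actually look like the claimed image type.
    if not content.startswith(ALLOWED[exts[-1]]):
        return False, "content does not match image type", None
    # Never store under the client-supplied name.
    return True, "ok", secrets.token_hex(16) + exts[-1]


if __name__ == "__main__":
    for name, body in [("fargothen.php.jpg", SAMPLE_JPEG),
                       ("holiday.jpg", SAMPLE_SCRIPT),
                       ("holiday.JPG", SAMPLE_JPEG)]:
        print(name, check_upload(name, body))
```

Storing accepted files outside the web root, or in a directory where script execution is disabled, complements these checks.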

+ Access Rooting
Now I will search for available users on the target VirtualBox machine.

OK, we use Medusa to get the target's ID and password.

-h is the host, -u the username, -P the path to the wordlist, -e the additional password options (ns means blank password and username same as password), and -M the module.

In the next step we must exploit the Linux kernel; I use the udev file for the exploit. But I need a script to exploit the Linux kernel. How can I get the script? We must download the script and compile file.c to udev.
OK, after getting file.c it is time to compile the file; look at the steps.

If you followed the steps, now go back to the VirtualBox Metasploit machine and make the computer listen; look at the picture.

After making the target computer listen, we need a PID to run udev. How do we get the PID? OK, look at the picture, and now we know the PID is 2356.

Now we run udev with the PID.

And yiiiipppppiiii... time to get root access :D

Sunday, May 19, 2013

Attack Vector Scheme involving several hacking techniques; here I use two ways to gain access to the target computer.

We will use the buffer overflow hacking technique on BigAnt server. The following is an explanation:
- Install the BigAnt server application on the target computer and run the application in the hacking lab

- We will make a fuzzer and send it to the application, containing a value that makes it crash
- If successful, the target gives us an opportunity to start remote access
- Below is the fuzzer to be sent to the target application

- If it works, we obtain permissions on that same target

Next, we will perform the Metasploit hacking technique.

- We need information gathering (IG) on the target; I will try to get the IG using Nessus. Look at the picture of the IG with Nessus.

- Afterwards, open a terminal and type msfconsole

- In the next step we need the list of exploits to get the target file; type show exploit

- The next step is to determine which exploit we use

- Show the options to see the contents of the file

- In the next step we set LHOST, LPORT and RHOST

- And it's time to exploit

- Checking results

Thursday, April 18, 2013

Try to Exploit Easy RM

After a few days I tried to exploit the Easy RM application and had problems, but now I will try to explain how to exploit the Easy RM application using the Perl language in BackTrack...
OK, this is the step by step...

Tuesday, April 16, 2013

Okay, now we will learn a little about the direct return method, and how to exploit the WarFTP application.
Let's see, what do we need next?

- Backtrack 5
- Metasploit Framework
- VirtualBox Windows XP SP2
- Fuzzer
- OllyDbg
- WarFTP
- If you need a coffee, please make one to be more relaxed ;)

OK, let's go to the steps,

Sunday, April 7, 2013

Advanced Information Gathering With MALTEGO

What Is Maltego? :)

Maltego is a program that can be used to determine the relationships between pieces of information: domains, DNS names, netblocks, IP addresses, people and many others (using the appropriate method for each entity).