Added: 2 years ago
From: nulbytesecurity
Views: 45,077

All Comments (86)

  • Join our site (forum) we focus on teaching people hacking, finding vulnerabilities in sites, software cracking etc.

    COME JOIN US!!!!

    and we are also a great hacker community!!!

    kforum.co.nu

  • @SQLx1nj3ct10n great hacker community? Not even close. There is absolutely no intellectual discussion going on at all. More like script kiddies learning how to deface.

  • Excellent video! Nice work man.

  • nice work man wonder what exploit can be used on a windows vista SV2 ?

    thanks

  • Lol thank you for the command. I knew it was Apt-get install I just couldn't figure out which "Nessus" it was. =)

  • sh: msfconsole: command not found <<< help!!! plz!!

  • when i run the ./msfconsole command it says bash: ./msfconsole no such file or directory

  • everytime i wanna create a database it says i need to install shit help

  • great how to to import nessus data into metasploit.

  • the dbcreate one?

  • SOMEONE KNOWS HOW TO MANUALLY INSTALL EXPLOITS? Please help, i cant find how to do it!

  • OK, I've got that error below solved, now when I run exploit it says: Exploit Exception: The connection time out. (10.0.0.4:445). So no session was created.

  • @EviousProductions how did you solve that previous problem?

  • @ziebesten The 'db_create' one, or the 'Exploit Exception'?

  • @EviousProductions The db_create one

  • @ziebesten you have to do: db_driver sqlite3

    then do: db_connect /your/path/here.db

    db_connect will make one, then connect for you all at once.

  • Great vid mate. I'm learning metasploit at the moment.

  • My db_create command doesn't work. It says it has a call stack, and it couldn't connect to the host 127.0.0.1. Apparently the connection was refused. If you know what the problem is, your help would be appreciated a lot. Nice video though!

  • @EviousProductions have you disabled the firewall? Are you using a Virtual machine? Have you got the right IP?

  • @ziebesten I am on a virtualbox. Would using bt4 on the physical computer solve the problem?

  • @ziebesten actually I've downloaded the program to my host ubuntu machine, and it returns the same error.

  • @EviousProductions i think you're using backtrack 4 r2. I have just downloaded this version and am getting the same error. my bt4 final works fine. So am stuck like you for the time being

  • tnx

  • I didnt understand how you installed Nessus :(

  • my computer thinks metasploit is a virus and i dont know if its safe or not PLEASE TELL ME!!!!!!!!!!

  • @planetoftheapez It's fine. It's just detecting the files metasploit uses to exploit remote systems.

  • msf > db_create /root/database.db //results in the following

    "...createdb: could not connect to database postgres: could not connect to server: no such file or directory" "Is the server running locally?...."

    What did I do wrong? Is the syntax for db_create different in version 3.4?

  • @jcube001 I suggest you use db_driver sqlite3 command before trying to use msf with windows.

  • I get an error trying to import a .nessus file. says "Cannot read NESSUS file". I'm using Nessus 4.2. Can anybody help??

  • thanks for spending some time to answer to me mate...that helped me alot.. have a good summer

  • ok so when I open my shell, instead of the green text like yours, its red and says "bt ~ #" Why is this? and when I use the command to install nessus, it says "apt-get is not a command" Can anybody help?

  • @Sc0ttTay What version of Backtrack are you using?

  • @Sc0ttTay copy and paste this: ~# apt-get install nessusd nessus

    you have to right click in order to paste something into your command prompt because if you press control v it will make this weird symbol that i would expect to be doss or unicode: ^V

  • I like how you implemented nessus and meterpreter/metasploit. I've always just scanned with nessus and tried to exploit with metasploits web feature. I'll be trying to learn meterpreter a lot more now because it seems like a better way to run exploits seeing how you have way more options. Good vid, I'll stay posted.

  • @dellthinker Yea, Meterpreter is really the best way to go with windows. It has a plethora of built-in features. (Spawn shells, transfer files, etc). About the metasploit web feature, I've never really cared for it. I just couldn't get it to work the way I wanted it to for some reason. Good luck.

  • @dellthinker I know this is a one year old comment I am replying to! meterpreter surely is useful to know, but now when BackTrack 5 is released you get Armitage to your metasploit! Which is a GUI for metasploit. It helps you out a lot!

    Go check armitage out at their page fastandeasyhacking (.) com

    Hak5 made a video on it too! Worth to check out..

  • [-] Handler failed to bind to ****

    [*] Started reverse handler ***

    [*] Connecting to the server...

    [-] Exploit failed: The connection timed out (********).

    [*] Exploit completed, but no session was created.

    msf exploit(psexec) >

    any ideas?please send me a priv message

  • @psydelia psexec is more of a feature than an exploit. It was put there on purpose to allow remote users to start a program. The problem you have is probably because that feature is turned off. You can either enable the feature (google it) or you can try a different exploit. Try using ms08-067_netapi on an unpatched XP SP2 box.

  • im completely noob at this but, when i type apt-get install nessusd nessus nothing happens, i just got the program and i dont know anything about it. what to do?

  • @MetalAddicted666 download it from the site

  • lol skiddie

  • I would not rely on the repositories being up to date as you speak of.

  • ive got metasploit working but not nessus

  • nessus wont run and metasploit is a .run wtf? :( (ubuntu 9.10, gnome, compiz)

  • Thanks a shitload dude! nmap was a pain in the ass but Nessus is like the Jesus of scanners !

  • Nessus and msf are beastly. Getting a shell on an xp machine is very easy but Im not having much luck getting into my Vista pc =[

  • im trying this on a computer in my house which is windows vista. port 455 is open with the exploit "/windows/smb/psexec". i went through all the steps, but metasploit said "FAILED - the remote host has only provided us with guest privileges." what should I do? the username is set as "Administrator" and there is no password set

  • maybe vista has tighter security by default for the remote connections. i know they fixed a lot of things from xp to vista, regarding all the remote holes.

    maybe the provided exploit is specific for xp2, so the commands to get the same thing for vista are slightly different.

    just ideas; i haven't looked at it properly.

  • Comment removed

  • that was pretty awesome dude keep coming!

  • reverse_tcp

    could bypass firewall

  • What do you mean "make sure there are no firewalls on the target?" What are you going to do, tell a client that you can't fully test his security unless he kills his firewalls?

  • Cookiect2003, you obviously wouldn't ask them to shut off their firewall. However, I told people to do this because, if not, I would get a ton of comments about how it isn't working for them. Also, putting a decent firewall in place will mitigate this attack (unless, of course, you start opening ports).  The thing with most "clients" is that they are a business. You have a much higher chance of finding open ports (i.e. for a webserver) than with a home user.

  • Cool, thanks for the response. I have a test network setup in the next room I'm trying to exploit. I can gain a shell without a firewall, managed to gain a shell with firewall once, I'm still a student and have only just started my network training. I can crack wep with mac filtering and wpa with a weak key. Still new at metasploit.

  • so by "machine" you mean computer right..? so are you connecting to another "machine" will they detect you?? if you are connecting to another "machine"?

  • MrTechies, I am referring to another computer. It is always possible to be detected (especially with this approach). However, since I don't condone any type of illegal activity, I would recommend you just play around on your local network so that you will never have any problems being "detected."

  • So for all the people out there that don't already have nessus, This is a good tutorial, but he forgot to add that to connect to the nessus server to actually load the plug ins. You have to run the command nessus-adduser otherwise it will throw an error, and you will not be able to load the plugins.

  • wetwurX13, thanks for posting this information.

  • is it really necessary to use the db_import_nessus_nbe or can you just use nessus to find the vulnerabilities then just use the db_add_host command? i might be doing something wrong, i found a site with two medium level vulnerabilities and tried to import the nbe to metasploit but i don't know if it worked and when I tried to do autopwn it said there were no exploits.

  • The idea behind the "db_import_nessus_nbe" command is it tells Metasploit EXACTLY what is exploitable. I would recommend you play around with Metasploit until you find something that works for you. Also, you can find a written copy of this video on my blog (in the description).

  • Hailz....

  • my nessus fails after update the plugins why is this any help?

  • Comment removed

  • I have a problem with my BackTrack4, the internet won't work!

    I have a Broadcom 440x ethernet card.

    I have searched and googled but I have not found an answer, maybe you know something that could work?

    btw really nice video! 5/5

  • broadcom is a bad choice for security testing, I'd suggest something with an atheros chipset, 500x maybe...

  • Backtrack 4 starts with networking off by default. "/etc/init.d/networking start" should fix the problem for you.

  • Your vid rocks dude.

    just one question, does the Auto-Pwn option in Fast-track actually work? I've never had any success at all !!! or must i do it the manual way every time?

  • 5 stars dude! thats freakin awesome!

  • great tutorial!

    btw what screen recorder did you use?

  • Hey, he used Camtasia studio

  • I used "recordmydesktop."

  • You could actually do the same thing with Nmap.

    I mean granted you don't have the pretty graphical with Nessus? But you can create a log.

    db_nmap > /raddah/raddahradddah/raddah.raddah

  • Nessus is much better than nmap for exploiting with Metasploit. Nessus will tell you (and Metasploit) exactly what is exploitable on the system, whereas Nmap will only tell Metasploit what ports are open and (possibly) the service name / version. Run a few tests using either Nessus or Nmap. You will probably see that, when Metasploit exploits from a Nessus scan, far fewer exploits are tried than with an Nmap scan.

  • very Good, congratulations!!!

  • Good video. If only you explained why, and what those commands do--are for. Again, good video.

  • I have a text version of the video on my blog. It goes into far more detail. I urge you to check it out and if you still don't get the information you want, you can leave a comment on the blog or email me.

  • Wow thx for this video

    i hope you make more of these videos

  • keep your good work!

  • Well, I'd have to say that the quality looks great. Don't have much else to say: the only reason I post here is because nulbytesecurity drags me in here by the toenails and forces me against my will to say something.

    But seriously, great video.

  • totally agree

  • yea, what he said

  • Hey saolthedarkone, thanks for commenting. Got any suggestions for a future video?

  • hey nulbyte, Great Video,... currently sitting on BT3 about to download the BetaBT4 ... lol this is not my connection,.. great vid btw again ;-)

  • C'mon guys! Only one comment and it's SPAM...
