Having a Taste of Being a Hacker

0. Outline

1. Are you a hacker, pentester, or either?

1.1 White, Grey, Black Hat, Which One Are You?

1.2 Things a Pentester Might Miss

Figure 1.1 The common phases of a pentest.

1.3 Some Tools You Might Have Heard

Figure 1.2 Kali Linux Desktop.

1.4 Before Proceeding

2. Information Gathering

2.1 Preparation

2.2 Conventional Way

2.3 Using Tools

2.3.1 What Most Don’t Know in Using Google

Figure 2.1 Trying Google the different way.

2.3.2 Ping

Figure 2.2 Ping metasploit.com in Linux terminal.

2.3.3 Whois, Dig, Host, Nslookup

Figure 2.3 Dig, host, and nslookup on metasploit.com.
#####################################################################################
root@kali:/home/fajarpurnama# torsocks whois metasploit.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: METASPLOIT.COM
Registrar: MARKMONITOR INC.
Sponsoring Registrar IANA ID: 292
Whois Server: whois.markmonitor.com
Referral URL: http://www.markmonitor.com
Name Server: DELL.NS.CLOUDFLARE.COM
Name Server: RICK.NS.CLOUDFLARE.COM
Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Updated Date: 25-nov-2015
Creation Date: 10-jun-2003
Expiration Date: 10-jun-2020

>>> Last update of whois database: Mon, 14 Dec 2015 14:06:20 GMT <<<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: metasploit.com
Registry Domain ID: 98973533_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http://www.markmonitor.com
Updated Date: 2015-11-24T21:21:32-0800
Creation Date: 2003-06-09T23:53:17-0700
Registrar Registration Expiration Date: 2020-06-09T23:53:17-0700
Registrar: MarkMonitor, Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
Registrar Abuse Contact Phone: +1.2083895740
Domain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)
Domain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)
Domain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Rapid7
Registrant Street: 100 Summer Street, 13th Floor
Registrant City: Boston
Registrant State/Province: MA
Registrant Postal Code: 02110
Registrant Country: US
Registrant Phone: +1.6172471717
Registrant Phone Ext:
Registrant Fax: +1.6175076488
Registrant Fax Ext:
Registrant Email: domains@rapid7.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Rapid7
Admin Street: 100 Summer Street, 13th Floor
Admin City: Boston
Admin State/Province: MA
Admin Postal Code: 02110
Admin Country: US
Admin Phone: +1.6172471717
Admin Phone Ext:
Admin Fax: +1.6175076488
Admin Fax Ext:
Admin Email: domains@rapid7.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Rapid7
Tech Street: 100 Summer Street, 13th Floor
Tech City: Boston
Tech State/Province: MA
Tech Postal Code: 02110
Tech Country: US
Tech Phone: +1.6172471717
Tech Phone Ext:
Tech Fax: +1.6175076488
Tech Fax Ext:
Tech Email: domains@rapid7.com
Name Server: dell.ns.cloudflare.com
Name Server: rick.ns.cloudflare.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2015-12-14T06:06:39-0800 <<<

The Data in MarkMonitor.com's WHOIS database is provided by MarkMonitor.com for
information purposes, and to assist persons in obtaining information about or
related to a domain name registration record. MarkMonitor.com does not guarantee
its accuracy. By submitting a WHOIS query, you agree that you will use this Data
only for lawful purposes and that, under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via e-mail (spam); or
(2) enable high volume, automated, electronic processes that apply to
MarkMonitor.com (or its systems).
MarkMonitor.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.

MarkMonitor is the Global Leader in Online Brand Protection.

MarkMonitor Domain Management(TM)
MarkMonitor Brand Protection(TM)
MarkMonitor AntiPiracy(TM)
MarkMonitor AntiFraud(TM)
Professional and Managed Services

Visit MarkMonitor at http://www.markmonitor.com
Contact us at +1.8007459229
In Europe, at +44.02032062220

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

root@kali:/home/fajarpurnama#
#####################################################################################
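The whois output above is read by hand in the article; as an added example (not code from the original post), the Python below parses the registrar section into fields and pulls out what a defender reviewing their own domain looks for: registrar, name servers, the EPP locks, DNSSEC state and days left before expiry. The sample record is a constructed excerpt built from the values shown in the output above, and the helper names are my own.

```python
import re
from datetime import datetime

# Constructed sample: an abridged excerpt modelled on the registrar section
# of the whois output shown above (values copied from that output).
SAMPLE_WHOIS = """\
Domain Name: metasploit.com
Registrar WHOIS Server: whois.markmonitor.com
Registrar Registration Expiration Date: 2020-06-09T23:53:17-0700
Registrar: MarkMonitor, Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
Domain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)
Domain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)
Domain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)
Name Server: dell.ns.cloudflare.com
Name Server: rick.ns.cloudflare.com
DNSSEC: unsigned
>>> Last update of WHOIS database: 2015-12-14T06:06:39-0800 <<<
"""

# "Key: value" lines; the key runs up to the first colon.
FIELD_RE = re.compile(r"^([A-Za-z][A-Za-z /]+?):\s*(.*)$")
TIME_FMT = "%Y-%m-%dT%H:%M:%S%z"   # registrar timestamp format seen above
LOCKS = {"clientDeleteProhibited", "clientTransferProhibited", "clientUpdateProhibited"}

def parse_whois(text):
    """Return {field: [values]}; repeated keys (Name Server, Domain Status) accumulate."""
    record = {}
    for line in text.splitlines():
        m = FIELD_RE.match(line.strip())
        if m and m.group(2).strip():           # skip empty fields like "Registry Admin ID:"
            record.setdefault(m.group(1).strip(), []).append(m.group(2).strip())
    return record

def epp_status_codes(record):
    """Drop the ICANN URL so only the EPP code (e.g. clientTransferProhibited) remains."""
    return sorted(v.split()[0] for v in record.get("Domain Status", []))

def review(record, now_iso):
    """Defender-side summary: which registrar locks are missing, DNSSEC, time to expiry."""
    expires = datetime.strptime(record["Registrar Registration Expiration Date"][0], TIME_FMT)
    now = datetime.strptime(now_iso, TIME_FMT)
    return {
        "registrar": record["Registrar"][0],
        "name_servers": sorted(ns.lower() for ns in record.get("Name Server", [])),
        "missing_locks": sorted(LOCKS - set(epp_status_codes(record))),
        "dnssec_signed": record.get("DNSSEC", [""])[0].lower() == "signed",
        "days_to_expiry": (expires - now).days,
    }

if __name__ == "__main__":
    print(review(parse_whois(SAMPLE_WHOIS), "2015-12-14T14:06:20+0000"))
```

Feeding the full output to `parse_whois` works the same way; the VeriSign and MarkMonitor terms-of-use paragraphs do not match the field pattern and are ignored.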

2.3.4 The Harvester

Figure 2.4 Using the harvester on metasploit.com.

3. Scanning

3.1 Port Scanning

Figure 3.1 Scanning With NMAP.

3.2 Vulnerability Scanning

Figure 3.2 Vulnerability Scanning with OpenVAS.

4. Exploitation and Maintaining Access

4.1 Exploitation

4.2 Maintaining Access

Mirror

This blog contains all my articles, licensed under Creative Commons Attribution customized ShareAlike (CC-BY-SA), where you can sell them but must mention the open one here.
