long time not play this “game”… after several month not update my collection, last week some boy ask me about my collection and my suggestion ’bout this “game”.. after digging my burried stuff, reading and googling i found this site :
http://www.darknet.org.uk and bring me back to my lost site http://sectools.org/ .
after i read that blog and searching2 on thus site, i found that all my collection listed there, i didn’t notice that coz in long2 time ago i never read thus site.
after updating my collection, i re-write all my step for playing this kind of game:
- First Step : Discovering
- Overview :
- doing this step, u will try to finding the whole network, to map the network, to know the routing map, to know what behind the router machine, to know how clever the network administrator
- this step to uncover how large is the internal network, and the network map
- Tools:
- FoundStone Superscan4 (win32)
- IP Angry Scanner (win32)
- Nmap (nux+win32)
- GFI Languard (win32)
- Cheops NG (linux)
- SNMP-utils
- Second Step : Identifiying n Gathering Information
- Overview :
- after you know how large the network, the network map and the routing table, next thing to do is identifying and gathering information.
- this step needed to know the network more details, about the router information and firewall behind the router.
- also to let you choose your potensial target
- Tools:
- Nmap (nux+win32)
- Nessus (nux+win32)
- GFI Languard (win32)
- Cheops NG (linux)
- Third Step : Check The Target Vulneralbility
- Overview:
- after you know your target, u need to know more details about your target.
- the difference from previous step is this step is more to individual target rather to a whole network.
- Tools:
- Nmap (nux+win32)
- Nessus (nux+win32)
- GFI Languard (win32)
- Cheops NG (linux)
- Nikto
- Fourth Step : Execute the Stuff
- Overview:
- after gathering information about the target and it’s vulnerability, now is your turn to play the game
- choose your powerfull exploits (choose The Framework or Individual Exploit)
- remember, don’t use your own node to do this. find another node to jump to your target.
- Tools:
- Metasploit Framework
- Canvas
- Core Impact
- or Individual Exploits
- Fifth Step : Securing the Action
- Overview:
- after successfully break into the target, remember always choose a action which not leave an evidance can be use to track you down.
- suggestion: just bind a shell and create a listening port on target
- remember, don’t use your own node to do this. find another node to jump to your target.
- Tools:
- use TFTP protocol (tftp server + client) most OS support this protocol
- Sixth Step : Plant the stuff
- Overview:
- After Successfully get into your target, do what u want there, but always remember not do this on your node, find another jumper place to do this.
- Tools:
- Windows Registry => play fun with this stuff, just doing right thing with that , or u will crashing the target on next restart.
- Windows Registry + Windows Service => choose an usual name or general name to covering your track
- Root Kit for Linux, for this stuff i can’t tell much ’bout it, u can try to find it on the net
- Seventh Step :Covering the Action
- Overview:
- After Successfully get into your target, do what u want there, but always remember not do this on your node, find another jumper place to do this.
- remember, don’t use your own node to do this. find another node to jump to your target.
- don’t learn to hack, but hack to learn
i think this step is enough to play with this kind of “GAME”, do it for your own responsibility, i can’t guarantee for this stuff and this action.
_____
with loves, with efforts, with knowledges
knowing the best for ur best
__illuminator__