|
 |
|
11-18-2004, 09:54 PM
|
#16
|
LQ Newbie
Registered: Nov 2004
Location: Dagenham, Essex, UK
Distribution: Slackware 10.0
Posts: 17
Original Poster
Rep:
|
Quote:
Originally posted by predator.hawk
I'd set up a fake exploitable server to work on. Then I'd probably nmap it, use, say, a classic ssh hole and gain access. All of this done within a local network. As for the boot stuff, you can just hack up a bootsplash theme and you should be fine.
|
This was an idea.. but it means setting up a machine (none of which I have are free) and setting up the network..
If push comes to shove I'd have to do this.. but I'm trying to simulate it if possible.. saves time, and fucking about..
Plus I have about 1 min to show the whole procedure..
|
|
|
11-18-2004, 11:13 PM
|
#17
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
Here's some stuff:
Code:
#!/bin/bash
# Prints canned nmap-style output with pauses between lines; nothing is actually scanned.
echo "> nmap 172.16.1.2"
echo "Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-11-18 21:59 CST"
sleep 1
echo "Initiating SYN Stealth Scan against 172.16.1.2 [1660 ports] at 21:59"
sleep 1
echo "Discovered open port 22/tcp on 172.16.1.2"
sleep 1
echo "The SYN Stealth Scan took 2.26s to scan 1660 total ports."
echo "For OSScan assuming that port 22 is open and port 1 is closed and neither are firewalled"
echo "Insufficient responses for TCP sequencing (1), OS detection may be less accurate"
echo "Host 172.16.1.2 appears to be up ... good."
sleep 1
echo "Interesting ports on 172.16.1.2:"
echo "(The 1659 ports scanned but not shown below are in state: closed)"
echo "PORT STATE SERVICE"
echo "22/tcp open ssh"
sleep 1
echo "Device type: general purpose"
echo "Running: Linux 2.4.X|2.5.X|2.6.X"
echo
echo
sleep 1
echo "Nmap run completed -- 1 IP address (1 host up) scanned in 2.592 seconds"
echo
sleep 2
echo "> myExploiter"
echo "breaking into server..."
sleep 3
echo "Entry Gained!"
sleep 3
echo "Need password:"
sleep 1
You probably want to bust that up into 2 scripts: the nmap simulation and the fake exploit. I didn't do anything near authentic but you can kind of see how to do that. By the way, to run that, save that code in a file and on the command line do a chmod +x filename and then ./filename
Last edited by benjithegreat98; 11-18-2004 at 11:14 PM.
|
|
|
11-19-2004, 06:58 AM
|
#18
|
LQ Newbie
Registered: Nov 2004
Location: Dagenham, Essex, UK
Distribution: Slackware 10.0
Posts: 17
Original Poster
Rep:
|
Thanx Benji,
that looks great.. with a bit of tweaking I'll get that running...
Where can I find the basic command list or How-To for this...
I remember when writing in BASIC (ok I'm going back now... ya wouldn't believe I was 17)
How do I give an input command.... for instance
echo "Enterpass", Input p$
Is that correct or is there another way to do it... I know it's written like BASIC but it's the only language I know.. (:S:S)
Added in:: what's the command to clear the screen.. I know it's CLS or CLEAR in BASIC... what is it in bash???
Added:: Ok I know I spell bad.. Seems Clear does work
Last edited by NeoRage; 11-19-2004 at 08:36 AM.
|
|
|
11-19-2004, 10:07 AM
|
#20
|
LQ Newbie
Registered: Nov 2004
Location: Dagenham, Essex, UK
Distribution: Slackware 10.0
Posts: 17
Original Poster
Rep:
|
cheerz..
What I'm doing atm is making the GUI in Flash..
Basically a login screen and then the file manager system..
The Linux console will basically simulate the hack..
What I wanna do is, using the bash scripts, make it look like I'm actually giving the system variables to hack with.. so it doesn't look like I'm running a pre-configured script.. and am actually running a program..
So far it's looking good...
thanx..
|
|
|
11-19-2004, 10:28 AM
|
#21
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
One more thing about the realism.....
The ip address that I used in there is an IP that you would use if you were already on the network of the targeted computer. If you are already on the network then you can safely use 192.168.*.* or 10.*.*.* or 172.16.*.* - 172.31.*.*
If you are going across the net you have to use another IP address where each of the 4 numbers is between 0 and 255.
BUT......
I've never seen a movie or TV show that used a real IP address. They will make one of the numbers greater than 255 (like 264 or so). This is similar to using the 555 telephone numbers like they do on TV. Otherwise you are giving out some innocent person's IP and they are likely to get attacked. If you are using one of the above internal IP addresses then you can use a real one of those.
And to answer how to simulate how to clean up your traces, don't actually show it. Just use a verbal cue to say the guy is doing it.
|
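The address rule from post #21, as an added example that is not part of any post in the thread: a shell function that classifies an address before it goes on screen. The function names and the sample addresses are made up for illustration, and the RFC 5737 documentation ranges go beyond what the post lists.

```shell
#!/bin/bash
# Added example, not from the thread. Sample addresses are constructed.

# classify_ip ADDRESS prints one of:
#   malformed      not four plain decimal octets
#   impossible     an octet is above 255 (the TV-style fake address)
#   private        10.*, 172.16-31.* or 192.168.*, the ranges in the post
#   documentation  RFC 5737 example ranges (an addition beyond the post)
#   other          anything else; it may be a real host's address
classify_ip() {
    local ip=$1 a b c d extra o
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) echo malformed; return 0 ;;
    esac
    IFS=. read -r a b c d extra <<EOF
$ip
EOF
    if [ -z "$d" ] || [ -n "$extra" ]; then echo malformed; return 0; fi
    for o in "$a" "$b" "$c" "$d"; do
        # Leading zeros are ambiguous (some parsers read them as octal).
        case $o in 0?*|????*) echo malformed; return 0 ;; esac
        if [ "$o" -gt 255 ]; then echo impossible; return 0; fi
    done
    case "$a.$b.$c" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) echo private ;;
        192.0.2|198.51.100|203.0.113) echo documentation ;;
        *) echo other ;;
    esac
}

# safe_to_show ADDRESS succeeds when the address cannot point at a
# stranger's machine on the Internet.
safe_to_show() {
    case $(classify_ip "$1") in
        impossible|private|documentation) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed samples: in range, bad octet, documentation, short, just out of range.
for addr in 172.16.1.2 10.264.3.7 192.0.2.10 198.18.0 172.32.0.1; do
    printf '%-12s %s\n' "$addr" "$(classify_ip "$addr")"
done
```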
|
|
11-19-2004, 10:58 AM
|
#22
|
LQ Newbie
Registered: Nov 2004
Location: Dagenham, Essex, UK
Distribution: Slackware 10.0
Posts: 17
Original Poster
Rep:
|
Yeah.. I know what ya mean...
I just randomly typed in an IP addy. lol
Also to get round the cleanup I'm just making a Bash script that basically says it's cleaning up the logs.. and just random file locations..
|
|
|
11-19-2004, 11:02 AM
|
#23
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
Oh, ok. Most log files are located in /var/log/ if that helps.
|
|
|
11-19-2004, 11:39 AM
|
#24
|
LQ Newbie
Registered: Nov 2004
Location: Dagenham, Essex, UK
Distribution: Slackware 10.0
Posts: 17
Original Poster
Rep:
|
Chrz..
|
|
|
11-19-2004, 01:14 PM
|
#25
|
Member
Registered: Sep 2002
Location: Novi Sad, Vojvodina
Distribution: Slackware, FreeBSD
Posts: 386
Rep:
|
Just use real tools out there.
There is Nessus vulnerability scanner with nice gui, plethora of exploits.
Get older vulnerable version of Linux, some exploit, run it, film it....
Much easier than learning shell scripting, plus it would be real...
Check http://packetstormsecurity.nl for exploits
|
|
|
11-19-2004, 02:09 PM
|
#26
|
Member
Registered: Nov 2004
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
|
Quote:
Originally posted by AxeZ
Just use real tools out there.
There is Nessus vulnerability scanner with nice gui, plethora of exploits.
Get older vulnerable version of Linux, some exploit, run it, film it....
Much easier than learning shell scripting, plus it would be real...
Check http://packetstormsecurity.nl for exploits
|
I agree with AxeZ.
I was gonna post some advice but what's the point. What is real and what people want to see isn't even on the same bell curve.
-b
|
|
|
All times are GMT -5. The time now is 12:47 PM.