View the video online: http://blip.tv/jac0bn3t/de-ice-1-120-1-0b-disk-3-5440393
Download video: http://blip.tv/file/get/Jac0bn3t-deice112010bdisk3504.mp4
What I used:
*OS: BackTrack 5 and De-ICE 1.20 Disk 3
*Camtasia Studio recorder and editor
*all other software used can be found on BackTrack
*before I found the results I tried a lot of exploits and tools
*I love this distro because you need your brain
*Hacking steps:
*the attacker scans for open ports using nmap
*then scans the open ports for server versions
*the attacker tries to connect to the remote ssmtp server using telnet "telnet 192.168.1.20 25"
*now from this ssmtp server we are going to find info about the admin user
*we go to the HTTP home page and find the email of the admin
*but the attacker thinks: what's wrong with the default email address? Well, the email address name is too long, so let's try to shorten it
*the attacker shortens it and that really worked for him, so now we have the admin name and we need the password; since there is no vuln on the other ports he is going to brute force the SSH using hydra and a default word list (can be found on BackTrack, greetz to darkc0de.lst)
*so we found a username: csadmin and a password: rocker
*what remains is to connect to SSH, which is the easy part: "ssh csadmin@192.168.1.20"
Notes:
the password "rocker" is at the end of the word list, so I edited the word list
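Seen from the defender's side, the SSH password guessing in the steps above leaves a run of failed logins followed by an accepted one in the sshd log. The following is an added example, not part of the original post or video: it assumes OpenSSH's standard syslog message format, and the host name, source addresses and log lines are constructed.

```python
import re
from collections import Counter

# OpenSSH syslog messages for password authentication results.
EVENT = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) "
    r"from (\S+) port \d+"
)

def detect_bruteforce(lines, threshold=5):
    """Return (findings, noisy): logins accepted after >= threshold failures
    from the same source, and sources that reached the threshold at all."""
    failures = Counter()   # (ip, user) -> failed attempts so far
    per_ip = Counter()     # ip -> failed attempts across all users
    findings = []
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue
        result, user, ip = m.groups()
        if result == "Failed":
            failures[(ip, user)] += 1
            per_ip[ip] += 1
        elif failures[(ip, user)] >= threshold:
            # A guessed password: treat the account as compromised.
            findings.append({"ip": ip, "user": user,
                             "failures_before_success": failures[(ip, user)]})
    noisy = sorted(ip for ip, n in per_ip.items() if n >= threshold)
    return findings, noisy

def build_sample_log():
    """Constructed log: one ordinary login, then a guessing run that succeeds."""
    log = ["Jun  1 09:58:10 host sshd[2001]: Accepted password for csadmin "
           "from 192.168.1.7 port 51000 ssh2"]
    for i in range(12):
        log.append(f"Jun  1 10:00:{i:02d} host sshd[{2100 + i}]: Failed password "
                   f"for csadmin from 192.168.1.50 port {40100 + i} ssh2")
    log.append("Jun  1 10:00:13 host sshd[2113]: Accepted password for csadmin "
               "from 192.168.1.50 port 40113 ssh2")
    return log

if __name__ == "__main__":
    findings, noisy = detect_bruteforce(build_sample_log())
    for f in findings:
        print("ALERT login accepted after guessing run:", f)
    print("sources over failure threshold:", noisy)
```

The ordinary login from 192.168.1.7 is not flagged because no failures precede it; only the accepted login that follows the run of failures from one source is reported.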
Music used: B-Complex - Beautiful Lies