Friday, January 27, 2012

Using Nessus For Vulnerability Analysis and Xploitdb for Exploitation

11:41 AM    No comments

1. Scan host that have been connected to the network by using zenmap
2. Define the target for the vulnerability analysis.
3. Open Nesuss by typing https://127.0.0.1:8834/ at the browser address bar
4, Create new case and type the address of the target..
5. Click Launch Scan

6. Choose which service that have high severenity



7. Click it for detail information

8.  Open xploitdb in Apps-Exploitation Tools-Open Source Exploitation-Expoit-DBexpoitdb-directory.
9. Search the exploit script by typing  ./searchsploit openssh to search explotaion script for openssh

10. Define which one will be used
11. For example we will use 2444.sh fo DoS Exploit, see the detail script by typing

cat platforms/multiple/dos/2444.sh
 

12. You will see, how to run this script 
( #
# usage: script <hostname>)

13. Type ./2444.sh 192.168.1.145


0 komentar:

Post a Comment