Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enumeration The First Step.

Published byOswin Burns Modified over 7 years ago

Similar presentations

Presentation on theme: "Enumeration The First Step."— Presentation transcript:

1 Enumeration The First Step

2 Agenda Clerical Stuff Pentest / Scope? The HackLab Networking Basics
Basic Host Discovery Nmap Moving Forward

3 What's a pentest? Scope? White hat Paid to hack people
Black box vs White (clear) box Scope? The "things" you're supposed to test In our case: the game, and definitely not AU_WiFi

4 Hack-Lab auctf / auctf_5ghz !!auctf2016 VPN: Next Week

5 Points of Interest 10.0.2.0/24 - The Player Network
File Server Overseer /24 - The Scope Important boxes get reset every 24 hours so don't bother

6 Networking Basics IP: 192.168.1.124 Netmask: 255.255.255.0
Gateway: Subnet Packet IP Address Ports Router

7 Networks == Onions Telnet TCP / UDP Ping ARP MAC

8 Ping ICMP – Layer 3 Most basic host discovery option
ping –c

9 Tracert Traces routes Good for information gathering / troubleshooting
traceroute tracert google.com

10 ARP Address Resolution Protocol Sits between layer 2 and layer 3
Hardware Addresses <=> Internet Addresses arp -a

11 Host Discovery With ARP
Arp-scan / netdiscover Limited to subnet, so we can only scan /24 sudo arp-scan /24 -I wlan0 sudo netdiscover -r /24 -i wlan0

12 Port Scanning Probing ports and analyzing responses
Open vs Closed vs Filtered Looking for attack vectors

13 Common Ports Secure vs Insecure SSH vs Telnet SFTP vs FTP vs TFTP

14 nmap The Go-To port scanning / host discovery utility nmap 10.0.1.16
nmap /24 --exclude nmap –p /24 nmap –sV

15 OS Detection Can be used to determine more info nmap –v –A 10.0.1.0/24
xprobe xx Sometimes totally breaks

16 GUI Alternatives Gives you an easier to look at overview
Not possible to do when sshing into our network Zenmap Sparta

17 Other Scanning Stuff Mass-Scan Shodan.io
Snmpwalk / finger enumeration / etc Nessus Scanning

18 Next Steps Can't do much without knowing where you're going
Nmap scanning is integral to metasploit / armitage Once you know services and ports you can move towards exploitation

19 Contacts, Website, Mailing List, etc...
| | Auctf.github.io #auctf on auburnacm.slack.com Goo.gl/HjJW7u - Mailing List

Download ppt "Enumeration The First Step."

Similar presentations

Introduction to Networking Andrew Hamilton TJ IT Technician.

Introduction to Networking Andrew Hamilton TJ IT Technician.
Cisco 2 - Routers Perrine. J Page 14/30/2015 Chapter 10 TCP/IP Protocol Suite The function of the TCP/IP protocol stack is to transfer information from.

Cisco 2 - Routers Perrine. J Page 14/30/2015 Chapter 10 TCP/IP Protocol Suite The function of the TCP/IP protocol stack is to transfer information from.
Network Mapping  Identify Live Hosts  Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery  Identify Perimeter.

Network Mapping  Identify Live Hosts  Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery  Identify Perimeter.
Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)
Hacking Exposed 7 Network Security Secrets & Solutions Chapter 2 Scanning 1.

Hacking Exposed 7 Network Security Secrets & Solutions Chapter 2 Scanning 1.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Controlling access with packet filters and firewalls.

Controlling access with packet filters and firewalls.
Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.

Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.
Defining Network Protocols Application Protocols –Application Layer –Presentation Layer –Session Layer Transport Protocols –Transport Layer Network Protocols.

Defining Network Protocols Application Protocols –Application Layer –Presentation Layer –Session Layer Transport Protocols –Transport Layer Network Protocols.
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:

Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
Networking in a Linux Environment Pete Eby Dan Thomas Robert Zurawski.

Networking in a Linux Environment Pete Eby Dan Thomas Robert Zurawski.
Penetration Testing.

Penetration Testing.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)
LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.
1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)

1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)
Ana Chanaba Robert Huylo

Ana Chanaba Robert Huylo
Guide to MCSE 70-270, Second Edition, Enhanced1 Windows XP Network Overview Most versatile Windows operating system Supports local area network (LAN) connections.

Guide to MCSE , Second Edition, Enhanced1 Windows XP Network Overview Most versatile Windows operating system Supports local area network (LAN) connections.
Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.

Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.
Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.

Karlstad University Introduction to Vulnerability Assessment Labs Ge Zhang Dvg-C03.

Similar presentations

Ads by Google