INDEX

299

for open X11 servers, 54–56
overview, 36–37
phase of PTES, 3
using results in Autopwn tool, 56
for valid SMB logins, 51–52

vulnerable services, identifying, 259–260

W

WEBATTACK_EMAIL

 flag

OFF

 option, 136

ON

 option, 136, 142

web attack vectors, 142

client-side web exploits, 146–148
Java applet attack, 142–146
man-left-in-the-middle attack, 150
multi-attack vector, 153–157
tabnabbing attack, 150
username and password harvesting, 

148–150

web jacking attack, 151–152, 153154

WebDAV, 127–128

webdav_scanner

 module, 125

web jacking attack, 151–152, 153–154

Web Jacking Attack Method

 option, SET 

main menu, 151, 154

web server, configuring on 

Windows XP, 269

Website Attack Vectors

 option, SET 

main menu, 144, 147, 149

website clone, 148–149, 152
Weidenhamer, Andrew, 163
Werth, Thomas, 142
White, Scott, 163
white hat test, 4

whois

 lookups, 16–17

WIDEOPENWEST 

service provider, 17

Win2k8, 282
Windows, Task Manager, 117
Windows APIs, manipulating with

 

Railgun add-on, 97

Windows authentication, MSSQL 

Bruter, 168

Windows Components Wizard, 269
Windows debug 64KB restriction, 172
Windows Firewall, Windows XP, 269
Windows login credentials, 46
Windows Management Interface 

(WMI), 269

Windows UAC, 248, 249, 283

Windows virtual machine, scanning, 21
Windows XP, 76–82

attacking MS SQL, 76–78
brute forcing MS SQL server, 78–79
exploitation for, 64–68

nmap 

scan against, 19

scanning for ports with 

nmap

, 76

scanning only one system, 27
as target machine, 269–274

configuring web server on, 269
creating vulnerable web applica-

tion, 271–272

MS SQL server on, 269–271
updating Back|Track, 272–274

xp_cmdshell, 79–80

windows/meterpreter/reverse_tcp

 

payload, 246

windows/shell_reverse_tcp

 payload, 100

windows/smb/ms08_067_netapi 

exploit, 

59, 67

windows/smb/psexec

 module, 84–85

wireless attack vector, 160–161
wireless card, 179
WMI (Windows Management 

Interface), 269

WScript file, 157

WSCRIPT HTTP GET MSF Payload

 option, 

SET main menu, 158

X

X11 servers, vulnerability scanning for, 

54–56

x86/shikata_ga_nai

 encoder, 13, 103

x90

, Intel x86 architecture, 112

xCCs

 breakpoints, 208

xp_cmdshell

 stored procedure, 79–80, 

166, 169, 172, 186, 187, 188, 
255, 257

xspy

 tool, 55–56

XSS (cross-site scripting) 

vulnerability, 150

xterm

 window, 256

Z

Zate, 49
zero-day vulnerability, Adobe Flash, 

110, 146