I finally completed the “th3 pwn3d zit3” test site. This is the complete site in which users can test their web application testing skills; it also serves as an example of how to filter input and secure your code in web applications. You may have seen part of the site in a previous post, “Hacker Challenge: pwn3d the login form”. The other part of the site is the main page, where I added a search form for searching the content of the site, and of course it also has different vulnerabilities.
Ok, by now you probably know how much I enjoy hacking, ehm, ehm... sorry!, pentesting. Well, for this tutorial I will be pentesting MS SQL Server with SQLAT, FreeTDS, and Cain. Databases store and provide access to information, and information is power. Sensitive data such as bank account numbers, credit reports, and lots of other important information can be obtained from an insecure database. In this tutorial I will try to explain the basics of MSSQL, such as what a default install looks like, as well as demonstrate tools and techniques that can be used to exploit an MSSQL server.
In this tutorial I show how easy it is to intercept clear-text passwords off the network with Cain’s man-in-the-middle (MITM) attack. Cain & Abel is a password recovery tool for Windows; it recovers passwords off the network by sniffing them for later cracking using dictionary, brute-force and cryptanalysis attacks. Any protocol that sends credentials in the clear (FTP, Telnet, POP3, HTTP basic authentication) is fair game once you are in the middle of the connection.
This video shows how to gain access to an unpatched Windows XP system. For this demonstration I use the Metasploit Framework from the BackTrack live CD and the Microsoft RPC DCOM exploit with the win32_reverse payload to get a reverse shell on the remote box. I also use PWDump4 to dump the password hashes from the remote system for later cracking with John the Ripper. This is a good example of why keeping systems updated is so important.
In this video I show how to gain access to a remote Windows box by using Hydra GTK to launch a dictionary attack against its FTP server.
This is a demonstration of how easy it is to sniff a remote computer’s internet connection in real time, using open source tools like ettercap and dsniff’s webspy. In a real-world scenario all the computers on a network are connected to a switch, and a switch forwards each frame only to the port of its destination MAC address rather than to every port, so a sniffer on another port never sees the victim’s traffic. To see the traffic between the victim computer and the gateway, I use ettercap’s ARP cache poisoning: forged ARP replies make the victim map the gateway’s IP to my MAC address and make the gateway map the victim’s IP to my MAC address, so both directions of the conversation pass through my machine and I can capture the data between the two hosts.
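Since the ARP poisoning above works by making the gateway’s IP address suddenly answer from the attacker’s MAC, the same symptom is what a defender looks for. The following is an added example written for this post (it is not ettercap, dsniff or any code from the original tutorial) that runs over a constructed list of ARP replies and flags the two tell-tale signs of an ettercap-style MITM: an IP that changes MAC mid-session, and one MAC that claims more than one IP. The IP and MAC addresses are made up for the lab scenario.

```python
"""ARP cache poisoning detector.

Added example for this post, not code from the original tutorial or from
ettercap/dsniff.  It consumes ARP "is-at" replies as (sender_ip, sender_mac)
tuples.  Here the replies are a constructed sample; in practice they would be
fed from a sniffer on the LAN.
"""
from collections import defaultdict

# Assumed lab addresses (not taken from the original post).
GATEWAY_IP = "192.168.1.1"
VICTIM_IP = "192.168.1.10"

# Constructed sample of ARP replies.  The first four are normal traffic; the
# last two are what an ARP MITM produces: one attacker MAC (aa:aa:...) starts
# claiming both the gateway's IP and the victim's IP.
SAMPLE_REPLIES = [
    ("192.168.1.1", "00:11:22:33:44:01"),
    ("192.168.1.10", "00:11:22:33:44:10"),
    ("192.168.1.20", "00:11:22:33:44:20"),
    ("192.168.1.1", "00:11:22:33:44:01"),
    ("192.168.1.1", "aa:aa:aa:aa:aa:aa"),
    ("192.168.1.10", "aa:aa:aa:aa:aa:aa"),
]


def detect_arp_poisoning(replies, gateway_ip=GATEWAY_IP):
    """Return a list of alert strings for a sequence of ARP replies.

    Two conditions raise an alert:
      * an IP we have already seen now answers from a different MAC
        (the gateway changing MAC is the classic poisoning symptom);
      * a single MAC has been seen claiming more than one IP.
    """
    ip_to_mac = {}                  # last MAC seen for each IP
    mac_to_ips = defaultdict(set)   # every IP each MAC has claimed
    alerts = []

    for ip, mac in replies:
        mac = mac.lower()

        previous = ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            kind = "gateway" if ip == gateway_ip else "host"
            alerts.append(f"{kind} {ip} changed from {previous} to {mac}")
        ip_to_mac[ip] = mac

        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            claimed = ", ".join(sorted(mac_to_ips[mac]))
            alerts.append(f"{mac} claims multiple IPs: {claimed}")

    return alerts


if __name__ == "__main__":
    for alert in detect_arp_poisoning(SAMPLE_REPLIES):
        print("ALERT:", alert)
```

On the sample above the detector raises three alerts: the gateway changing MAC, the victim changing MAC, and the attacker’s MAC claiming both IPs. Note the caveat: a legitimate gateway replacement or a host that is re-addressed by DHCP will also trip the first check, so in production you would whitelist known changes or require the second condition (one MAC, several IPs) before paging anyone. To feed live traffic, capture ARP frames with opcode 2 (is-at) from a sniffing library of your choice and hand the sender IP and sender MAC of each one to the function.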