1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Getting to enumerate? (Newbie)

Discussion in 'Ethical hacking' started by Ukuser, Aug 16, 2008.

  1. Ukuser

    Ukuser New Member

    Joined:
    Aug 16, 2008
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Hi Folks,

    I've just brought a book on Ethical hacking hoping to learn the art for penetration testing, however already I'm slightly confused.

    The chapter talks about scanning and getting as much info, and then jumps onto enumeration. But all the examples show Windows commands etc being executed on the LAN. What I don't get and I'm not sure if I've missed is how you actually get into the network / PC? How do you get to the point of actually being able to execute commands to do your enumeration?

    My second question leading on from that, is what if the server is part of a small LAN behind a NATed router? How do you see a LAN and equally as above connect to a specific machine to enumerate it?

    Any good tutorials/sites would also be gratefully appreciated.

    Thanks in advance,

    Newbie, UK
     
  2. SpOonWiZaRd

    SpOonWiZaRd Know what you can do.

    Joined:
    May 30, 2007
    Messages:
    747
    Likes Received:
    8
    Trophy Points:
    0
    Occupation:
    Network Engineer/Programmer
    Location:
    South Africa
    Well you obviously need admin privios on the target computer to give it commands that you want if you are not using a trojan on it. So they took the password hash and cracked it and then an open service on the server like Telnet or whatever, then used that port to establish a connection that can be used to give commands. Second one, you can see the internal network if you can see the Route Table, one of those routes in the table should contain the internal IP range.
     

Share This Page