Hi Folks, I've just brought a book on Ethical hacking hoping to learn the art for penetration testing, however already I'm slightly confused. The chapter talks about scanning and getting as much info, and then jumps onto enumeration. But all the examples show Windows commands etc being executed on the LAN. What I don't get and I'm not sure if I've missed is how you actually get into the network / PC? How do you get to the point of actually being able to execute commands to do your enumeration? My second question leading on from that, is what if the server is part of a small LAN behind a NATed router? How do you see a LAN and equally as above connect to a specific machine to enumerate it? Any good tutorials/sites would also be gratefully appreciated. Thanks in advance, Newbie, UK
Well you obviously need admin privios on the target computer to give it commands that you want if you are not using a trojan on it. So they took the password hash and cracked it and then an open service on the server like Telnet or whatever, then used that port to establish a connection that can be used to give commands. Second one, you can see the internal network if you can see the Route Table, one of those routes in the table should contain the internal IP range.