Kioptrix

Default username: John Default Password: TwoCows2 NIKTO `Web Vulneribility Scanner` nikto -h target ip* i.e nikto -host url Findings Outdated Applications - Google common exploits for given Version Apache mod_ssl openssl mod_ssl vulnerable to a remote buffer overflow Little bit of Directory Busting DIRBUSTER Directory Busting / Finding Folders ALternatives: gobuster, dirb, ferox boster dirbuster& insert target url on Target URL section Check ‘Go Faster’ Check List based brute force Click browse, navigate to /usr/share/wordlists/dirbuster/ Select a list File extension: php,txt,zip choose the extension you want to look for Note: more extension more time START Tip: Dir Scan takes a while....

Default username: John Default Password: TwoCows2 Tips: Save your all Scans in text/image for future use Lets find our IP Start Virtual Machine ping 8.8.8.8 in your main OS terminal, this will give us ip of our target machine Now go to your main machine Kali run sudo arp-scan -l This will give us IP address - Mac Address and Vendor We are looking for our matching IP. or Azureware/VMware...

So our Journey of Hack starts here. We are going to install VMware to run our Vulnerable Machine Kioptrix. Download VMware or Virtual Box Download Kioptrix a ready made Vulnerable Machine provided by TCM-SEC from Vulnhub Now Import downloaded VM Image on your virtual engine. - Open - Default Username: john - Default password: TwoCows2