Pentest Lab Preparation ~ Installing Windows XP

Okay, lets make some preparation to setup our Penetration Testing Lab.

In this tutorial I use Virtualbox 4.1, Ubuntu-10.04-desktop-i386, Windows XP Professional SP3 and Backtrack 5r1 of course..

Lets get started.

1. Open your Virtualbox


2. Click New
3. The welcome screen will appear, just click “Next”


4. Give the name as you wish. I named this “Windows XP”. Then choose the OS Type. Because we want to Install windows xp first make your choice same as the picture below. After that click “Next” Continue Reading


Introduction to “Meterpreter”

Meterpreter (meta-interpreter), is an advanced payload included in the Metasploit Framework. In my opinion this is the best payload ever. It can upload/download victim’s files, read stored password hashes, keylogging, and even run a vnc server on the victim’s machine.

Meterpreter compatible with most of the exploit and auxiliary on metasploit. Making it the most sophisticated and the most used payload by pentesters and hackers. The way that it accomplishes this is by allowing exploit developers to write their own extensions in the form of shared object (DLL) files that can be uploaded and injected into a running process on a target computer after exploitation has occurred. Continue Reading


Social Engineering ~ Definition and Tool

In this post I’ll explain about the definition of social engineering and the tools to do it. Although its only a little and not in detail, but I think its enough to help you understand better about Social Engineering.

Lets talk about vulnerability first.
Vulnerability, is a weak point that exist on a system. This vulnerability is not only on the hardware and software, but also on the environment, the network and also the administrator/user. Social Engineering is the technique to attack the human vulnerability, usually the biggest vulnerability that exist on the human is the Low Security Awareness. Continue Reading