Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Penetration Testing with BackBox
  • Table Of Contents Toc
Penetration Testing with BackBox

Penetration Testing with BackBox

By : Stefan Umit Uygur
4 (9)
Buy this Book
close
close
Penetration Testing with BackBox

Penetration Testing with BackBox

4 (9)
By: Stefan Umit Uygur
Buy this Book

Overview of this book

Table of Contents (15 chapters)
close
close
close
Penetration Testing with BackBox
Icon
Penetration Testing with BackBox
Credits
Icon
Credits
About the Author
Icon
About the Author
About the Reviewers
Icon
About the Reviewers
www.PacktPub.com
Icon
www.PacktPub.com
Preface
Icon
Preface
Lock Free Chapter
1
Starting Out with BackBox Linux
Icon
Starting Out with BackBox Linux
Icon
A flexible penetration testing distribution
Icon
The organization of tools in BackBox
Icon
Services
Icon
Update
Icon
Anonymous
Icon
Extras
Icon
Completeness, accuracy, and support
Icon
Links and contacts
Icon
Summary
2
Information Gathering
Icon
Information Gathering
Icon
Starting with an unknown system
Icon
Proceeding with a known system
Icon
Summary
3
Vulnerability Assessment and Management
chevron up
Icon
Vulnerability Assessment and Management
Icon
Vulnerability scanning
Icon
False positives
Icon
Summary
4
Exploitations
Icon
Exploitations
Icon
Exploitation of a SQL injection on a database
Icon
Exploiting web applications with W3af
Icon
Summary
5
Eavesdropping and Privilege Escalation
Icon
Eavesdropping and Privilege Escalation
Icon
Sniffing encrypted SSL/TLS traffic
Icon
Password cracking
Icon
Summary
6
Maintaining Access
Icon
Maintaining Access
Icon
Backdoor Weevely
Icon
Summary
7
Penetration Testing Methodologies with BackBox
Icon
Penetration Testing Methodologies with BackBox
Icon
Information gathering
Icon
Summary
8
Documentation and Reporting
Icon
Documentation and Reporting
Icon
MagicTree – the auditing productivity tool
Icon
Summary
1
Index
Icon
Index

False positives

Now we have the substantial vulnerabilities report generated by OpenVAS for the target system. It is ready to be analyzed and we will be going through high-level and medium-level vulnerabilities we mentioned earlier. We will be commenting them all in order to be able to classify whether they are false positives or not.

The following is the list of high and medium vulnerabilities:

Port summary for 192.168.136.35

Service (Port)

Threat

domain (53/tcp)

High

ms-wbt-server (3389/tcp)

High

mysql (3306/tcp)

High

blackice-alerts (8082/tcp)

Medium

general/tcp

Medium

http (80/tcp)

Medium

sunproxyadmin (8081/tcp)

Medium

Let's go through a single high-level alert by summarizing the threat type with the associate common vulnerability scoring system (CVSS) and the further details given by the scan report.

  • High-level vulnerabilities:

    • CVSS: 9.3, NVT: Dnsmasq Remote Denial of Service Vulnerability

    • CVSS: 6.4, NVT: Microsoft RDP Server Private Key Information Disclosure Vulnerability...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Penetration Testing with BackBox
End of Section 3
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon