Friday, March 8, 2013

Penetration Test pWnOS v2.0 with Armitage





  • Get root... Win!

pWnOS v2.0 is a Virtual Machine Image which hosts a server to practice penetration testing. It will test your ability to exploit the server and contains multiple entry points to reach the goal (root). It was designed to be used with VMware Workstation 7.0, but can also be used with most other virtual machine software.

Configuration & Setup:
  • Configure your attacking platform to be within the network range

For example the ip of with the netmask of is what I statically set my BackTrack 5 network adapter to.

  • VMWare's Network Adapter is set to Bridged Network Adapter

You may need to change VMWare's Network Adapter to NAT or Host-Only depending on your setup

The server's ip is statically set to

Server's Network Settings:
  • IP:
  • Netmask:
  • Gateway:
Version History:

v2.0 - 07/04/2011 - Pre-Release copy for initial testing

Source: pWnOS_v2.0.7z/pWnOS v2.0/pWnOS_INFO-v2_0.txt



  • Insecure File Handling
  • Password In Plain Text
  • Reused Credentials
  • SQL Injection
  • Unrestricted Upload of File with Dangerous Type


pWnOS_v2.0.7z (Size: 286 MB)



netdiscover -r #Scan subnetwork for target
ifconfig eth0 #Set Local Ip
armitage #Start Armitage

Set Local ip
Add Target Ip
Start Nmap Quick Scan

//Http Dirbrute
cd /pentest/web/dirb #Change Working Dir
./dirb #Start Dirbrute

Check Blog website

Search in Armitage for a Simple PHP Blog vulnerability.
Exploit the Blog and get a shell.
ls /
ls /var
cat /var/mysqli_connect.php #Read Config & Save Password
cat /var/www/mysqli_connect.php #Read 2-Config & Save Password
Open any text file and put the 2 passwords into it.
Search ssh_login
Select the password file option and use the file with the 2 saved passwords we have found.
Set the username to brute-force = root
Press Start and wait.......
w000t we are lucky and got root ;)
Done ...... ;)

Have pfun .....
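From the defender's side, the final ssh_login step leaves a very small footprint: with only two candidate passwords, root is reached after at most one failed attempt, so a rule that counts failures never fires. The following is an added example, not part of the original post, that flags password logins to root from sshd log lines instead; the sample log lines and the function name find_alerts are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (documentation IP range), not from the page.
SAMPLE_LOG = """\
Mar  8 10:01:02 web sshd[2211]: Failed password for root from 192.0.2.10 port 40112 ssh2
Mar  8 10:01:04 web sshd[2213]: Accepted password for root from 192.0.2.10 port 40113 ssh2
Mar  8 10:05:00 web sshd[2300]: Accepted publickey for deploy from 192.0.2.20 port 51000 ssh2
Mar  8 10:06:00 web sshd[2301]: Failed password for invalid user admin from 192.0.2.30 port 51001 ssh2
Mar  8 10:07:00 web sshd[2302]: Accepted password for alice from 192.0.2.40 port 51002 ssh2
"""

AUTH_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_alerts(log_text, privileged=("root",)):
    """Return one alert per successful password login to a privileged account.

    No attempt-count threshold is applied: a two-entry password file
    succeeds after at most one failure, which a rate-based rule misses.
    """
    failures = defaultdict(int)  # (ip, user) -> failed password attempts so far
    alerts = []
    for line in log_text.splitlines():
        m = AUTH_RE.search(line)
        if not m or m["method"] != "password":
            continue  # key-based logins and unrelated lines are ignored
        key = (m["ip"], m["user"])
        if m["result"] == "Failed":
            failures[key] += 1
        elif m["user"] in privileged:
            alerts.append({
                "user": m["user"],
                "ip": m["ip"],
                "prior_failures": failures[key],
                "reason": "password login to privileged account",
            })
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```

Setting PermitRootLogin to no (or prohibit-password) in sshd_config closes this login path even when a database password has been reused for root.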
