VulnHUB C0lddboxx-Easy: Walkthrough
Views: 4Enumeration Nmap
VulnLAB
Walkthrough – VulnHUB DC-1
Views: 17Enumeration Nmap scan Nmap scan reveals that the target is running a website based on Drupal CMS on port 80. Newer installs of Drupal by default block access to the CHANGELOG.txt and README.txt files, so we may need to do further enumeration. Although the target is running an older version of Drupal (7), these two files are not present … Read more
ATTACKING COMMONLY USED SERVICES: PART_03 Exploiting SMB
Views: 33Server Message Block (SMB) is a communication protocol created for providing shared access to files and printers across nodes on a network. Initially, it was designed to run on top of NetBIOS over TCP/IP (NBT) using TCP port 139 and UDP ports 137 and 138. However, with Windows 2000, Microsoft added the option to run SMB directly over TCP/IP … Read more
Helpful Websites
Views: 5Wordlists General Linux Kernel CVEs | All CVEs https://github.com/lucyoa/kernel-exploits Basic Linux Privilege Escalation – https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ Linux Privilege Escalation – https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Checklist – Linux Privilege Escalation – https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist Sushant 747’s Guide (Country dependant – may need VPN) – https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_-_linux.html Linux Privilege Escalation LinPeas – https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS LinEnum – https://github.com/rebootuser/LinEnum Linux Exploit Suggester – https://github.com/mzet-/linux-exploit-suggester Linux Priv Checker – https://github.com/sleventyeleven/linuxprivchecker PayLoadAlltheThings https://github.com/swisskyrepo/PayloadsAllTheThings
Hydra Cheat Sheet
Views: 213Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely. It supports: Cisco AAA, … Read more
Disclaimer
Views: 84Use of this blog means agreement to the following terms: 1. Information provided on this blog are for educational purposes only. The site is no way responsible for any misuse of the information. 2. This blog is all about Cyber Security covering both Offensive and Defensive security principles and technologies. 3. This blog is totally meant for … Read more
ATTACKING COMMONLY USED SERVICES: PART_03 Exploiting FTP
Views: 64By default, FTP service uses TCP port 21. However, it’s possible to modify the default port and run the ftp service using another TCP port. Basic FTP Commands Command Description ?/help print local help information append Append to a file ascii set ascii transfer type binary Set Binary transfer type bye/exit/quit Terminate ftp session … Read more
ATTACKING COMMONLY USED SERVICES: PART_01 Useful Commands
Views: 23Server Message Block (SMB) Windows – CMD line net use Connect to a File share \\192.168.45.29\ITSupport\ The command net use connects a computer to or disconnects a computer from a shared resource or displays information about computer connections. Windows CMD – DIR Displays a list of a directory’s files and subdirectories dir \\192.168.45.29\ITSupport\ Enumerate file shares … Read more