Category: Persecure
-
Pivoting with Ligolo-ng
Pivoting from an external network to an internal network can seem quite daunting, especially for those who are new to the field of cybersecurity. In this article, I’ll explore how leveraging the tool Ligolo-ng can significantly ease this transition. However, understanding why pivoting is necessary and how it works with the required endpoints is crucial…
-
Docker Basics 1
Docker is a tool for containerization, enabling you to run applications in isolated environments. In this blog, we’ll cover the basics of Docker commands and demonstrate how to run a static website on your local host while binding it to a specific port. docker pull downloads container images from a registry to your local system.…
-
Phishing email Playbook
I ventured into creating a phishing email playbook for a SOC, leveraging the NIST framework. Developing SOC playbooks can be challenging, requiring meticulous attention to detail. It’s hard to fathom the complexity that awaits when tackling even more advanced playbooks. Preparation Phase During the preparation phase, the goals are twofold: firstly, to ensure that the…
-
Attacktive Directory
99% of corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?
-
PNPT : Black Pearl
Overview Enumeration Run an nmap scan to find open ports. Run a gobuster scan to find hidden directories. Port 80 /secret DNS Enumeration /navigate Foothold Use Metasploit to gain a shell. Transfer linpeas to find more clues. Seems like we can exploit some permissions. Privilege escalation Check GTFOBins for SUID exploits. Root is gained.
-
PNPT : Dev
Overview Enumeration Run an nmap scan to find open ports. Web enumeration Port 80: Run a gobuster scan to find hidden directories. Port 8080: In the website at port 80 there is a directory where we are able to find a config.yml file. This contains some creds that we can keep for later. In the webserver…
-
PNPT : Academy
Overview Enumeration Run an nmap scan to find open ports. Run a gobuster scan to find hidden directories. Port 80 FTP Enumeration Crack the hashed password Foothold Log in to the academy page with the creds found and upload a reverse shell. View the config file to find creds for the administrator. Privilege escalation Edit…
-
Kioptrix 1
Overview Enumeration Run an nmap scan to find open ports. Port 80 & 443 Run a vulnerability scan with Nikto. Start directory enumeration with dirbuster. SMB Enumeration Search for exploits Samba exploit https://www.rapid7.com/db/modules/exploit/linux/samba/trans2open/ Exploitation By Metasploit Exploitation failed. Use a different payload. Root shell is gained. Exploitation by manual method
-
Ping sweep script
A ping sweep is a network scanning technique used to discover which IP addresses are active and can be reached by a particular device or network. During a ping sweep, a device sends a series of Internet Control Message Protocol (ICMP) echo requests to a range of IP addresses. If an IP address is active…
-
CSIT’s CNY 2023 Mini Challenge
Download the file, unzip it, and head into the folder. Since it use you can use dir /r command. I noticed that some of the hidden files have a unique number from the beginning. I use the sort command to find those unique files. From here I open up each file manually to find hidden clues.…
-
BTLO : Phishing Analysis
A user has received a phishing email and forwarded it to the SOC. Can you investigate the email and attachment to collect useful artifacts? Challenge Submission Who is the primary recipient of this email? (1 points) What is the subject of this email? (1 points) What is the date and time the email was sent?…