Stapler Walkthrough

I started the box with a netdiscover scanNetdiscover -r 192.168.0.0/24 The VM picked up an ip address of 192.168.0.134 Let’s scan it with nmapnmap -sV -Pn -vv -T4 -A -p- 192.168.0.134 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.134nmap.scan Found some open portsFTP & SSHTCP DNS WebserverMysql with an interesting banner And another webserver SMB enum found a couple shares … Continue reading "Stapler Walkthrough"

Read More

Pwn_init Walkthrough

First I ran netdiscover -r 192.168.0.0/24 Then an nmap scan: nmap -sV -Pn -vv -T4 -A -p- 192.168.0.133 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.133nmap.scanFound a few open ports: Info about the http server, looks like we found a login form And some additional pages to try RPC info MYSQL info, looks like we got blocked from connecting to … Continue reading "Pwn_init Walkthrough"

Read More

Kioptrix 1 Walkthrough

Kioptrix 1 VulnHub VM Walkthrough I started with box with a netdiscover scan, found the IP was 192.168.0.130 netdiscover -r 192.168.0.0/24 Then ran an nmap scan and discovered some open ports nmap -sV -Pn -vv -T4 -A -p- 192.168.0.130 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.130_nmap.scan SSH version Apache version, some OS info and mod_ssl/openssl version An open rcp port … Continue reading "Kioptrix 1 Walkthrough"

Read More

SickOS1.2 Walkthrough

I started this box with a net discover command to find it’s IP, 192.168.0.106 (102 is SickOS1.1) I ran an nmap scan against the host: nmap -sV -Pn -vv -T4 -A 192.168.0.106 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.106_nmap.scan My scan found 2 open ports, ssh and port 80OpenSSH 5.9[1 Debian Lighttpd 1.4.28, PHP versioning and more info Linux kernel … Continue reading "SickOS1.2 Walkthrough"

Read More