Tag: red team
Purple Team Exercises: Bureaucrat
Purple Team Exercises: Kif
Fristileaks Walkthrough
Started the box with a netdiscover, we have an IP of 192.168.0.139 Then an nmap scan: nmap -sV -Pn -vv -T4 -A -p- scan_ip –script=auth,brute,discovery,exploit,vuln -oN $ip/$ip_.nmap.scan Nmap only found 1 open tcp port: 80, with a default dir I browsed to the webpage, but didn’t find anything of interest Then checked the robots.txt I … Continue reading "Fristileaks Walkthrough"
Read MoreVulnOSv2 Walkthrough
I started this box with a netdiscover scan, revealing it had an IP of 192.168.0.138 Nmap scan found some open ports SSH Webserver with a root dir Port 6667 Went to the website to reveal, how nice 🙂 After clicking on the link, it takes me too the web app I browsed around the site, … Continue reading "VulnOSv2 Walkthrough"
Read MoreKioptrix VM3
Started the host with a netdiscover scan Found some open portsSSHHTTP Found some login pages I browsed to the web port to find a web app: I clicked through the pages, then got to the login page Lets take a step back and see if there’s an associated vulnerabilities with the lotuscms applicationI found some … Continue reading "Kioptrix VM3"
Read MoreKioptrix2014- Walkthrough
I started this box with a netdiscover nmap scan found some ports I browsed to port 80 to findChecking the page source gives us our next clue Let’s browse to “pChart2.1.3…” I then looked up exploits associated with pchart In the first link, I followed the directory traversal vuln instructions And received a output of … Continue reading "Kioptrix2014- Walkthrough"
Read MoreKioptrix 2 Walkthrough
Kioptrix 2 VulnHub Walkthrough I started this box with a netdiscover scan It found that it was ip 192.168.0.131 netdiscover -r 192.168.0.0/24 Discovered some open ports SSH info Apache webserver with version and OS info Some info over https Looks like this sites running php We also have a cups server And a mysql server … Continue reading "Kioptrix 2 Walkthrough"
Read MoreMr. Robot Walkthrough
Started the scan of this box with netdiscover -r 192.168.0.0/24. Found the mr. Robot IP: 192.168.0.107 Found a couple ports open And a “closed” ssh service More info on port 80 Looks like we’re dealing with a wordpress site with a number of plugins enabled And similar findings on port 443 I started on the … Continue reading "Mr. Robot Walkthrough"
Read MoreSickOS1.2 Walkthrough
I started this box with a net discover command to find it’s IP, 192.168.0.106 (102 is SickOS1.1) I ran an nmap scan against the host: nmap -sV -Pn -vv -T4 -A 192.168.0.106 –script=auth,brute,discovery,exploit,vuln -oN 192.168.0.106_nmap.scan My scan found 2 open ports, ssh and port 80OpenSSH 5.9[1 Debian Lighttpd 1.4.28, PHP versioning and more info Linux kernel … Continue reading "SickOS1.2 Walkthrough"
Read More