Posts

Snort Challenge - The Basics

Rules I've Used

# This file intentionally does not come with signatures.  Put your local
# additions here.
# alert icmp any any <> any any (msg: "IP ID 35369 Found"; id:35369; sid: 1000001; rev:1;)
# log tcp any any <> any any (msg: "ALL SYN FLAGS"; flags:S;  sid: 1000001; rev:1;)
# log tcp any any <> any any (msg: "ALL SYN FLAGS"; flags:P,A;  sid: 1000001; rev:1;)
# log ip any any <> any any (msg: "SAME-IP IN IP"; sameip; sid:1000001; rev:1;)
# This was not used in the first snort, they only wanted the next 2 rules, which showed less dups
log udp any any <> any any (msg: "SAME-IP IN UDP"; sameip; sid:1000001; rev:1;)
log tcp any any <> any any (msg: "SAME-IP IN TCP"; sameip; sid:1000002; rev:1;)

Snort Params:
Some Sniffer mode parameters are explained in the table below;

Parameter  Description
-v         Verbose. Display the TCP/IP output in the console.
-d         Display the packet data (payload).
-e         Display
Recent posts

How To SSH File Transfer

Remember SCP
Just use SCP

Linux

Download
$ scp -r user@ssh.example.com:/path/to/remote/source /path/to/local/destination

Upload
$ scp -r /path/to/local/source user@ssh.example.com:/path/to/remote/destination

https://stackabuse.com/copying-a-directory-with-scp/

Windows

local(win)->remote(unix):
scp -P 1688 "D:\MEGA\ps.key" nick@192.168.88.242:/home/nick/ps.key

remote->local (copy from remote host):
scp -P 1688 nick@192.168.88.242:/home/nick/ps.key "D:\MEGA\ps.key"

https://unix.stackexchange.com/questions/92715/can-i-transfer-files-using-ssh

Network Services

https://tryhackme.com/room/networkservices

3. Enumerating SMB

Conduct an nmap scan of your choosing, How many ports are open?

Running nmap 10.10.197.190 results in:

PORT    STATE SERVICE
22/tcp  open  ssh
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
MAC Address: 02:21:CD:94:98:F5 (Unknown)

What ports is SMB running on?
139/445
These are the known default values for SMB.

Let's get started with Enum4Linux, conduct a full basic enumeration. For starters, what is the workgroup name?
WORKGROUP

Looking at the rest of the info from enum4linux -a 10.10.197.190, I'll summarize here:

 ==========================
|    Target Information    |
 ==========================
Target ........... 10.10.197.190
RID Range ........ 500-550,1000-1050
Username ......... ''
Password ......... ''
Known Usernames .. administrator, guest, krbtgt, domain admins, root, bin, none

 =================================================

Bandit 24 Over The Wire

Lessons Learned
Writing bash scripts that can brute force pins.

Logging in
On a Kali VM / Linux machine
Type: ssh bandit24@bandit.labs.overthewire.org -p 2220
UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ

Completing The Challenge
The Goal: A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.

The Solution: create a file in the /tmp folder, fill the file with the following:

for ((i=1000; i < 10000; i++)); do
        echo "UoMYTrfrBFHyQXmg6gzctqAwOmw1IohZ $i"
done | nc localhost 30002

In this code I looked up for loops, but I ended up looking up what to do to get a for loop on netcat; someone gave an answer with no context on Stack Overflow and it was the first result. A much better link is http://www.softpanorama.org/Scripting/Shellorama/Control_structures/pipes_i

Bandit 23 Over The Wire

Lessons Learned
Understanding more complicated bash scripts and writing bash scripts to take advantage of automated processes.

Logging in
On a Kali VM / Linux machine
Type: ssh bandit23@bandit.labs.overthewire.org -p 2220
jc1udXuA1tiHqjIsL8yaapX5XIAI6i0n

Completing The Challenge
The Goal: A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

The Solution:

bandit23@bandit:~$ cat /etc/cron.d/cronjob_bandit24
@reboot bandit24 /usr/bin/cronjob_bandit24.sh &> /dev/null
* * * * * bandit24 /usr/bin/cronjob_bandit24.sh &> /dev/null
bandit23@bandit:~$ cat /usr/bin/cronjob_bandit24.sh
#!/bin/bash
myname=$(whoami)
cd /var/spool/$myname
echo "Executing and deleting all scripts in /var/spool/$myname:"
for i in * .*;
do
    if [ "$i" != "." -a "$i" != ".." ];
    then
        echo "Handling $i"

Bandit 22 Over the Wire

Lessons Learned
Understanding more complicated bash scripts.

Logging in
On a Kali VM / Linux machine
Type: ssh bandit22@bandit.labs.overthewire.org -p 2220
Yk7owGAcWjwMVRwrTesJEwB7WVOiILLI

Completing The Challenge
The Goal: A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

The Solution:

bandit22@bandit:~$ ls /etc/cron
cron.d/       cron.hourly/  crontab
cron.daily/   cron.monthly/ cron.weekly/
bandit22@bandit:~$ ls /etc/cron
cron.d/       cron.hourly/  crontab
cron.daily/   cron.monthly/ cron.weekly/
bandit22@bandit:~$ ls /etc/cron.d/
cronjob_bandit15_root  cronjob_bandit22  cronjob_bandit24
cronjob_bandit17_root  cronjob_bandit23  cronjob_bandit25_root
bandit22@bandit:~$ cat /etc/cron.d/cronjob_bandit23
@reboot bandit23 /usr/bin/cronjob_bandit23.sh  &> /dev/null
* * * * * bandit23 /usr/bin/cronjob_bandit23.sh  &> /dev/null
ba

Bandit 21 Over The Wire

Lessons Learned
Reading other people's bash scripts.

Logging in
On a Kali VM / Linux machine
Type: ssh bandit21@bandit.labs.overthewire.org -p 2220
gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

Completing The Challenge
The Goal: A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed.

The Solution:

bandit21@bandit:~$ ls /etc/cron.d/
cronjob_bandit15_root  cronjob_bandit17_root  cronjob_bandit22  cronjob_bandit23  cronjob_bandit24  cronjob_bandit25_root
bandit21@bandit:~$ cat /etc/cron.d/cronjob_bandit22
@reboot bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
* * * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
bandit21@bandit:~$ cat /usr/bin/cronjob_bandit22.sh
#!/bin/bash
chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
bandit21@bandit:~$ cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
Yk