OSCP | wirem0nster's infosec log

Doctor

Dec 10, 2020 TJNull's List

Introduction: Recon 1# nmap -sS -sV -sC -T4 -oN nmap.doctor.txt 10.10.10.209 2Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-22 14:19 EST 3Nmap scan report for 10.10.10.209 4Host is up (0.015s latency). 5Not shown: 997 filtered ports 6PORT STATE SERVICE VERSION 722/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 …

Granny

Dec 10, 2020 TJNull's List Metasploit Windows

Introduction: The “granny” is a windows box and very similar to the “grandpa” box in terms of the exploits and privesc. You will be exploiting an IIS CVE to gain initial access to the machine, then migrate your process and use one of the many possible exploits to do a privilege escalation. Recon …

Legacy

Dec 10, 2020 TJNull's List SMB

Introduction: Recon 1# nmap -sS -sC -sV -T4 -oN nmap.legacy.txt 10.10.10.4 2Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-22 12:13 EST 3Nmap scan report for 10.10.10.4 4Host is up (0.012s latency). 5All 1000 scanned ports on 10.10.10.4 are filtered 6 7Service detection performed. Please report any incorrect …

Mango

Dec 10, 2020 TJNull's List NOSQL Injection Mongo SUID

Mango is a very well crafted machine and I really enjoyed working on this machine as it presents lot of learning opportunities. Enumeration is the key on this box and also some scripting knowledge will be required. Recon Lets kick off the namp scan - 1# nmap -sS -sC -sV -O -T4 -oN mango.htb.nmap.txt 10.10.10.162 …

nibbles

Dec 10, 2020 TJNull's List

Introduction: Recon eneloop@kinetic:…/hackthebox/nibbles/data$ sudo nmap -sS -sC -sV -T4 -O -oN nmap.nibbles.txt 10.10.10.75 [sudo] password for eneloop: Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-13 14:58 EST Nmap scan report for 10.10.10.75 Host is up (0.014s latency). Not shown: 998 closed ports PORT …

nineveh

Dec 10, 2020 TJNull's List

Introduction: Recon eneloop@kinetic:…/hackthebox/nineveh/data$ sudo nmap -sS -sC -sV -T4 -O -oN nmap.nineveh.txt 10.10.10.43 [sudo] password for eneloop: Starting Nmap 7.91 ( https://nmap.org ) at 2021-01-18 18:33 EST Nmap scan report for 10.10.10.43 Host is up (0.014s latency). Not shown: 998 filtered ports …

Optimum

Dec 10, 2020 TJNull's List

Introduction: Recon 1# nmap -sS -sV -sC -T4 -O -oN nmap.optimum.txt 10.10.10.8 2Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-24 09:56 EST 3Nmap scan report for 10.10.10.8 4Host is up (0.014s latency). 5Not shown: 999 filtered ports 6PORT STATE SERVICE VERSION 780/tcp open http HttpFileServer httpd 2.3 …

passage

Dec 10, 2020 TJNull's List

Introduction: Recon nmap -sS -sC -sV -T4 -O -oN nmap.passage.txt 10.10.10.206 Starting Nmap 7.91 ( https://nmap.org ) at 2021-01-09 18:21 EST Nmap scan report for 10.10.10.206 Host is up (0.015s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4 (Ubuntu Linux; …

scriptkiddie

Dec 10, 2020 TJNull's List

Introduction: Recon eneloop@kinetic:…/hackthebox/scriptkiddie/data$ sudo nmap -sS -sV -sC -T4 -O -oN nmap.scriptkiddie.txt 10.129.73.101 Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-07 10:59 EST Nmap scan report for scriptkiddie (10.129.73.101) Host is up (0.014s latency). Not shown: 998 closed ports PORT …

shocker

Dec 10, 2020 TJNull's List

Introduction: Recon root@kinetic:…/hackthebox/shocker/data# nmap -sS -sC -sV -T4 -Pn -O -oN nmap.shocker.txt 10.10.10.56 Host discovery disabled (-Pn). All addresses will be marked ‘up’ and scan times will be slower. Starting Nmap 7.91 ( https://nmap.org ) at 2021-01-23 21:15 EST Nmap scan report for …