

Subconsciously, all these years I’ve been preparing myself for a career in cybersecurity, and have created a small reference library of books.

Red Team Field Manual

The Hacker…


Disclaimer: the following information is to be used for educational purposes only. I am not responsible for how you use this information.

Was watching a Network Chuck video about using a social engineering tool called blackeye, link to his video. For some reason the link to the GitHub page in his video didn’t work, so I did a quick Google and found that there was a version 2, at this link. The tool creates fake login pages and allows you to host them on a local machine with ngrok.

I downloaded it and, as with a lot of hacking tools, you sometimes come across teething problems. It wasn’t outputting the ngrok.io URL for the victim to click on.

I did a…


A while back I switched from using VirtualBox to Virtual Machine Manager (virt-manager), which is used to manage KVM virtual machines; it was recommended by my cousin. While KVM is classed as a type 2 hypervisor, it acts like a type 1 hypervisor, so when I started studying for the CompTIA Cybersecurity Analyst I decided to set myself a challenge and create the virtual lab environment using virt-manager.

My host operating system is Ubuntu, so to install it I did a simple:

To launch, just type virt-manager; if you're looking for the icon…


I just passed the eLearnSecurity Junior Pentester (eJPT). The exam itself was so much fun it did not feel like an exam. I completed the accompanying free course from INE, the Penetration Testing Student (PTS), last week and then bought my voucher from the eJPT, which was received this week. You are given 72 hours to complete the exam, plenty of time. I decided I would take the exam over a Thursday, Friday and Saturday. Everything…


This is the week, well, more specifically Thursday. I got my voucher for the eLearnSecurity eJPT yesterday and today I’ve written out a plan of attack; it has 3…


Greenbone Security maintains OpenVAS, now called Greenbone Security Manager (GSM). They have a virtual machine called Greenbone Security Manager TRIAL (GSM TRIAL); you download the .ova file. Once launched, you can log on to the web management system and perform a scan. I used VirtualBox.

  1. Download the OVA.
  2. In VirtualBox, import the OVA: File --> Import Appliance
  3. Once imported, check the networking settings: Right click --> Settings --> Network
  4. Set the adapter to the one you're using.
  5. Launch the VM.
  6. Log on with user name: admin, password: admin, note the IP address at the top…


This was the first box I did

Phase 1: Recon

  • IP Address: 10.10.10.95
  • Host Name: Jerry

Phase 2: Scanning

Nmap scan report for 10.10.10.95
Host is up (0.073s latency).
Not shown: 65534 filtered ports
PORT STATE SERVICE VERSION
8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
|_http-favicon: Apache Tomcat
|_http-server-header: Apache-Coyote/1.1
|_http-title: Apache Tomcat/7.0.88
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Microsoft Windows 2012|2008|7|Vista (91%)
OS CPE: cpe:/o:microsoft:windows_server_2012 cpe:/o:microsoft:windows_server_2008:r2 cpe:/o:microsoft:windows_8 cpe:/o:microsoft:windows_7::-:professional cpe:/o:microsoft:windows_vista::- cpe:/o:microsoft:windows_vista::sp1
Aggressive OS guesses: Microsoft Windows Server 2012 (91%), Microsoft Windows Server 2012 or Windows Server 2012 R2…


Phase 1: Recon

  • IP Address: 10.10.10.40
  • Host Name: Blue

Phase 2: Scanning

Nmap

nmap -A -T4 10.10.10.40

Using the “-A” parameter enables OS and service detection, while the “-T4” enables faster execution.

Nmap scan report for 10.10.10.40
Host is up (0.075s latency).
Not shown: 65526 closed ports
microsoft-ds (workgroup: WORKGROUP)
49152/tcp open msrpc Microsoft Windows RPC
49153/tcp open msrpc Microsoft Windows RPC
49154/tcp open msrpc Microsoft Windows RPC
49155/tcp open msrpc Microsoft Windows RPC
49156/tcp open msrpc…

Phase 1: Recon

  • IP Address: 10.10.10.3
  • Host Name: Lame

Phase 2: Scanning

Nmap

nmap -A -T4 <ipaddress>

Using the “-A” parameter enables OS and service detection, while the “-T4” enables faster execution.

21/tcp  open  ftp         vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
| ftp-syst:
| STAT:
| FTP server status:
| Connected to 10.10.14.13
| Logged in as ftp
| TYPE: ASCII
| No session bandwidth limit
| Session timeout in seconds…

mach1982
