Craft
nmap scans show open ports on 22, 443, 6022. Lets start with port 443.
Port 443 generates a web page about craft beer.
After poking around on the site and inspecting the elements of the page, there are two notable links to check out.
https://api.craft.htb/api/
https://gogs.craft.htb/
Added both of those sites ...
Lynda - Git Essential Training
https://www.lynda.com/Git-tutorials/Git-Essential-Training
0: Introduction
1: What is Git
2: Installing Git
git help log
3: Getting Started
Most often accessed
.git/config
Add every change that’s been made
git add .
Add commit message after adding the changes
git commit -m
...
Jarvis
Port 80 and 64999. Port 80 hosts a bootstrap website. Port 64999 shows I’ve been banned for 90 seconds page. I don’t think that part of true as my scans were still running but we’ll note this down for now.
nikto scans shows that there is a phpmyadmin being hosted on port 80 and the version can be found at: http://jarvis/phpmyadmin/Chan...
Writeup
Ports show 22 and 80 being opened. Port 80 hosts this weird page with ascii art on the home page. Scanning using dirbuster or dirsearch is useless as it bans my IP. Although my nmap scan managed to find a robot.txt file that contains a disallowed entry for /writeup/ directory.
Visiting the page doesn’t yield much information besides previo...
Swagshop
Initial scans show swagshop is hosting a web server on port 80. Upon investigation, it’s running Magento version 1.9x after digging deep into the xml files and cross referencing using Google.
Source file: http://10.10.10.140/skin/frontend/default/default/css/styles.css
Version confirmation: https://magento.stackexchange.com/questions/6...
Luke
Port scans show TCP ports 21, 22, 80, 3000, 8000 are open.
The FTP service allows anonymous FTP access so I checked that out. It doesn’t contain any useful files besides a .txt file from a user about setting up a web server access for demonstration purposes.
The SSH service isn’t useful to us right now, we just keep that in m...
Bastion
Initial scan show port 139 and 445 is open which means there might be an open SMB share available for mount.
smbclient //10.10.10.134/Backups
There are two .vhd files that could be useful for us. Instead of downloading it on our system, we can mount it directory using guestmount. This part could take awhile as the conn...
The Practice of Network Security Monitoring
Currently reading
Amazon Link
1: NSM Rationale
Does NSM prevent intrusions?
Short answer is no because prevention eventually fails.
All organizations will suffer breaches in some form
The way you have to look at it is this, determined adversaries will inevitably breach...
48 post articles, 6 pages.