Confusion generally prevails while hacking an infrastructure that is not integrated with Active directory. Lateral movement is generally dependent on password spraying and common vulnerability availability. This blog will touch upon IT Operators tools - Puppet and Ansible - that is used to automate the process of managing these non-domain systems as well as cover the topic on how a hacker (or pentester) could utilize these tools to laterally move in the environment.
Just another writeup for another boot2root Vulnhub Challenge. This one is great to test out different types of exploitation techniques.
Part of the OSCP preparation VMs from vulnhub, Kioptrix is a boot to root challenge series. While travelling 6 hours in an intercity bus, without any access to internet, I took upon myself to attempt solving as many Kioptrix levels as possible. Turns out it was super hard with the enormous number of errors I faced during compilation of any of the exploits that I wanted.
Generally ISPs have been very ignorant towards their security, resulting in requirement of the government to enforce policies that would be required ISPs and Telecom Operators to provide the end users a secure and a private communication network. However, due to issues with money, ISPs prefer to relax on most of the security issues or end up hiring firms with external consultants with no idea on how to secure a Telecom Infrastructure. This is the exact reason people would require to audit their own ISPs and make a note of the vulnerabilities. The specific configurational vulnerabilities that would be mentioned in this blog results in not only of an attacker to gain credentials to access internet, but he is also capable of doing crazy number of things while sitting on the same network. The network of this ISP has been the same for more than 2 years now.
The concept of Plug and Prey: Malicious USB Devices device by Irongeek at Shmoocon, bad usb by Karsten Nohl at Blackhat or the Rubber ducky by Hak5, these are super interesting concepts that are leveraged at every Red Team enagement that is conducted by a Red Team Operator. Any such exploitation requires good amount of social engineering. I recommend people should have exhausted every possible trick in the book to compromise from the external network of the organization before attempting to breach physical security.
A new night, and a new virtual image to break. Hah! Sound fun.
We begin Hackday Albania, the usual way, by setting up Virtual box, on host-only mode.
We launch our nmap with the following command1n0tty@c0ffee$ nmap -A 192.168.56.101
Just another attempt on trying a different UI for blogging, I have chosen Alpha-Dust theme on Hexo. While I hope to port the contents from my older blog, would not mind if people visited that to check out my blog.
Most of the blog will be filled with my experience with respect to hacking of all types. You can reach me anytime on Twitter or via mail