-

 EXPLOITING VULNERABILITIES


LEARNING :

It is always important to update the software we are using, since every update of a software may not have major changes but have some minor patches which may fix these vulnerabilities and reduce the cyber risk.

As a system admin it is always recommended to harden operating system as per the standard operating architecture.

example of IRCD  running on unix machine with out a proper patch can give a back door to hacker. 


following lab simulates how a vulnerability in unrealIRCD can be exploited by an attacker.




steps involved::

step one:::
                  - using metasploit framework
-search unrealircd (to check if any exploit is present)                     




step 2::
                  -use the exploit
                 

                   - set rhost (remote/target host ip )
                    
  step 3:
             -look for the available payloads and select one.
                    
                     -here i wanted reverse shell and hence selected that payload
                     -set lhost (local host )
                        



step 4:

       Now run the exploit!!

             you will get the shell access.

                       


    


















Comments

Post a Comment

Popular posts from this blog

-
Image
  My OSCP Journey: OSCP Certified At First Attempt (90 Points) It all began in August 2022 when I achieved a significant milestone in my cybersecurity journey by passing the Red Hat Certified System Administrator (RHCSA) exam. This achievement not only provided me with a strong foundation in Linux but also fueled my passion for diving deeper into the world of cybersecurity. Around the same time, I found myself holding a voucher for the CompTIA Cybersecurity Analyst (CySA+) exam, which I knew was another crucial step in my career progression. I was determined to continue building my expertise in cybersecurity. However, my true adventure towards the Offensive Security Certified Professional (OSCP) certification didn't officially kick off until November 23, 2023. That's when I made the decision to invest in the OSCP Learn One subscription package, which granted me one year of access to the OSCP labs and two exam attempts. It was an exciting but challenging journey that awaited me....
Read more
-
Image
  PXE Network Boot #Preboot Execution Environment, used to load operating system over a network connection. #PXE network boot is achieved through several network protocols, which includes: TFTP, DHCP,IP,HTTP/NFS, etc. #Now lets begin building our environment(here I used ubuntu(Focal) as my pxe-server). #STEP 1 :) #First lets install the required packages: sudo apt-get install isc-dhcp-server tftpd-hpa syslinux pxelinux apache2 -y #Download the ISO file as well.(here I tried to install ubuntu-server(20.04) over network.) #here syslinux is for the bios files, pxelinux for the pxelinux.0 file. #STEP 2 :) #Configure tftp base folder: mkdir /tftpboot rsync -av /usr/lib/syslinux/modules/bios/{menu.c32,libutil.c32,ldlinux.c32,libcom32.c32}  /tftpboot mkdir /tftpboot/pxelinux.cfg touch /tftpboot/pxelinux.cfg/default mkdir /tftpboot/ubuntu mount -o loop,ro /PATH_TO_ISO /tftpboot/ubuntu #add this in /etc/fstab - so that the mount persists  reboot. /PATH_TO_ISO /tftpboot/ubuntu ...
Read more
-
Image
  CHAT ROOM WITH END-TO-END-ENCRYPTION  USING SOCKET PROGRAMMING PYTHON LEARNING: Socket programming Understanding TCP  Diffe hellman key exchange Encryption Tkinter Threading  What is  one way function?   There is no inverse  to this type of functions             Eg -     5 mod 2 =1 11 mod 2 = 1 25 mod 2 = 1 Any odd no. mod 2 = 1                Therefore, there are infinite possibilities  of odd numbers.                Hence, even if we  know remainder and divisor we cannot say what is dividend. (here we are not                   involving quotient, hence it is not possible to find the dividend .) Note: this is modulus property (g**A mod p)**B mod p =. (g**B mod p)**B mod p = (g **(A*B) mod) p mod p The same thing is done in diffe hellman key e...
Read more