Attack | Defense — Pivoting II Walkthrough

Network Topology

We have a switch between us and the first target. Followed by another switch between target A and target B.

Enumeration

We start with our nmap scan to get an idea of what might be open on this subnet.

Command:
nmap -p- 192.141.250.2

Our results:

Using curl command we identified the version of V-CMS

The V-CMS 1.0 is vulnerable to unauthenticated file upload and code execution vulnerability, The Metasploit exploit/linux/http/vcms_upload module can be used to exploit this vulnerability.

The flag.txt file was located on the root directory.

The IP address of the network adapter eth1 is 192.39.151.2

We used the autoroute to route the traffic through 192.39.151.2

We used the portscan module to identify the open ports in 192.39.151.3

We used the vsftp backdoor exploit to access the machine 192.39.151.3 and captured the flag from root directory

--

--

--

Self-learner |Bug Hunter|

Love podcasts or audiobooks? Learn on the go with our new app.

Pushing Left, Like a Boss — Part 8: Testing

Digital rights defenders around the world are under attack

Ola Bini

FBI puts farms on notice: cyber attack risks are more than theoretical

OWASP’s new Top 10: Help for securing your web applications

CRODO analogue Program(Grasping THE Second Epoch)

Nightlife and the Deep, Dark Web

Cybercrimes with Confusion Matrices

{UPDATE} Monkey Town Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Akash c

Akash c

Self-learner |Bug Hunter|

More from Medium

The day the IoT died

What is the Kaira Network?

Back in Shape #2: Coffee out, Ginger Tea in

I’ve grown old with the city.