Attack | Defense — Pivoting II Walkthrough

Network Topology

There is a switch between us and the first target, followed by another switch between target A and target B.

Enumeration

We start with our nmap scan to get an idea of what might be open on this subnet.

Command:
nmap -p- 192.141.250.2

Our results:

Using the curl command, we identified the version of V-CMS.

V-CMS 1.0 is vulnerable to unauthenticated file upload and code execution. The Metasploit exploit/linux/http/vcms_upload module can be used to exploit this vulnerability.

The flag.txt file was located in the root directory.

The IP address of the network adapter eth1 is 192.39.151.2.

We used autoroute to route the traffic through 192.39.151.2.

We used the portscan module to identify the open ports on 192.39.151.3.

We used the vsftp backdoor exploit to access the machine 192.39.151.3 and captured the flag from the root directory.
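
From the defender's side, the pivot described above has a recognizable shape in flow logs: the dual-homed host takes an inbound connection on its outer interface, and soon afterwards its inner interface touches many ports on a neighbor in the second subnet. The following Python detection is an added example, not part of the original walkthrough; the asset inventory, the host name "target-a", the /24 mask, the thresholds, the flow-record format and the client IP are assumptions, and the sample records are constructed.

```python
"""Flag a dual-homed host that fans out to many ports on an inner-subnet peer
shortly after taking an inbound connection on its outer interface."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

INNER_NET = ip_network("192.39.151.0/24")   # assumed /24 for the second segment
# Assumed asset inventory: hypothetical host name -> (outer interface IP, inner interface IP)
DUAL_HOMED = {"target-a": ("192.141.250.2", "192.39.151.2")}
PORT_THRESHOLD = 20    # distinct destination ports that count as a scan (assumed)
WINDOW_SECONDS = 600   # fan-out this soon after inbound contact is suspicious (assumed)

def find_pivot_scans(flows):
    """flows: iterable of (epoch_seconds, src_ip, dst_ip, dst_port). Returns alert dicts."""
    flows = list(flows)  # iterated more than once below
    alerts = []
    for host, (outer, inner) in DUAL_HOMED.items():
        inbound = sorted(t for t, _, dst, _ in flows if dst == outer)
        if not inbound:
            continue  # nothing reached the outer interface, so no pivot candidate
        first_contact = inbound[0]
        ports = defaultdict(set)  # inner peer -> distinct ports contacted from the inner interface
        for t, src, dst, port in flows:
            in_window = first_contact <= t <= first_contact + WINDOW_SECONDS
            if src == inner and in_window and ip_address(dst) in INNER_NET:
                ports[dst].add(port)
        for peer, seen in sorted(ports.items()):
            if len(seen) >= PORT_THRESHOLD:
                alerts.append({"host": host, "peer": peer, "distinct_ports": len(seen)})
    return alerts

def sample_flows():
    """Constructed records; addresses follow the lab topology in the walkthrough."""
    flows = [(1000, "192.141.250.1", "192.141.250.2", 80)]  # constructed client IP
    # Fan-out from the inner interface to 100 ports on one neighbor, inside the window
    flows += [(1060 + p, "192.39.151.2", "192.39.151.3", p) for p in range(1, 101)]
    # A single flow to another neighbor: below the threshold
    flows += [(1100, "192.39.151.2", "192.39.151.4", 443)]
    # Many ports, but long after the inbound contact: outside the window
    flows += [(5000 + p, "192.39.151.2", "192.39.151.5", p) for p in range(1, 50)]
    return flows

if __name__ == "__main__":
    for alert in find_pivot_scans(sample_flows()):
        print(alert)
```

The thresholds need tuning per environment, since monitoring and backup hosts can legitimately contact many ports on a neighbor.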

Self-learner |Bug Hunter|

Akash c
