Author Topic: Cheeeeeeeeeeese  (Read 14447 times)
some1
Guest
« on: March 21, 2010, 09:12:47 AM »

cheeeeeeeeeeeeeese
« Last Edit: March 24, 2010, 10:33:04 AM by some1 »
Dengar13
« Reply #1 on: March 21, 2010, 12:27:10 PM »

Sorry to ask this, but did you get permission to do this?

By the way, welcome to this great forum!

A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
UNIX
« Reply #2 on: March 21, 2010, 12:48:52 PM »

Dengar: pWnOS is similar to the de-ice discs, so no need to worry. ;)
Dengar13
« Reply #3 on: March 21, 2010, 12:51:22 PM »

D'oh! Thanks! :-[

A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
Ketchup
« Reply #4 on: March 21, 2010, 01:25:46 PM »

I would search for Debian SSH vulnerabilities. My guess is your next attack has something to do with entropy.

~~~~~~~~~~~~~~
Ketchup
xXxKrisxXx
« Reply #5 on: March 21, 2010, 02:13:15 PM »

Just hinting here. I think I saw a webmin exploit on milw0rm ;) may want to attack there first.

eCPPT, GCIH, OSCP, OSWP
Ketchup
« Reply #6 on: March 21, 2010, 02:32:37 PM »

When you ran that sploit, did you also download the RSA keys by HD Moore?

~~~~~~~~~~~~~~
Ketchup
Ketchup
« Reply #7 on: March 21, 2010, 07:25:46 PM »

That's exactly what I was talking about. I would try the 1024 bit keys as well. The exploit is essentially a brute force attack on the limited key-verse of a vulnerable Debian OpenSSH system.

~~~~~~~~~~~~~~
Ketchup
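
The defensive side of the small key space described in Reply #7, as an added example that is not part of any poster's message: a set of keys small enough to enumerate is also small enough to blocklist, so an administrator can audit authorized_keys files against a list of known-weak fingerprints. The key blobs, blocklist and function names below are constructed for illustration.

```python
import base64
import binascii
import hashlib

KEY_TYPES = ("ssh-rsa", "ssh-dss")  # key types in use when the flaw was found

def md5_fingerprint(blob_b64):
    """Colon-separated MD5 fingerprint of a base64 public-key blob."""
    raw = base64.b64decode(blob_b64, validate=True)
    digest = hashlib.md5(raw).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def parse_authorized_keys(text):
    """Yield (line_no, key_type, blob, comment) for every key line."""
    for line_no, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Options such as from="..." may precede the key type, so search for it.
        for i, token in enumerate(fields[:-1]):
            if token in KEY_TYPES:
                yield line_no, token, fields[i + 1], " ".join(fields[i + 2:])
                break

def audit(text, blocklist):
    """Return findings for keys that are blocklisted or cannot be decoded."""
    findings = []
    for line_no, key_type, blob, comment in parse_authorized_keys(text):
        try:
            fingerprint = md5_fingerprint(blob)
        except (binascii.Error, ValueError):
            findings.append((line_no, "malformed", None, comment))
            continue
        if fingerprint in blocklist:
            findings.append((line_no, "weak", fingerprint, comment))
    return findings

# Constructed stand-ins for key blobs; these are not real keys.
WEAK_BLOB = base64.b64encode(b"constructed weak key blob").decode()
GOOD_BLOB = base64.b64encode(b"constructed good key blob").decode()
SAMPLE = "\n".join([
    "# constructed sample authorized_keys",
    f"ssh-rsa {GOOD_BLOB} alice@laptop",
    f'from="10.0.0.5",no-pty ssh-rsa {WEAK_BLOB} backup@oldhost',
    "ssh-dss %%%not-base64%%% broken@host",
])
BLOCKLIST = {md5_fingerprint(WEAK_BLOB)}  # constructed blocklist

if __name__ == "__main__":
    for finding in audit(SAMPLE, BLOCKLIST):
        print(finding)
```

On a real host the blocklist would come from a published list of the weak keys' fingerprints, and any match means the key pair has to be regenerated and the old public key removed from every authorized_keys file.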
j0rDy
« Reply #8 on: March 22, 2010, 04:22:12 AM »

As far as I know there are more ways of getting in. Another hint: try some default configuration vulnerabilities!

ISC2 Associate, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
zeroflaw
« Reply #9 on: March 22, 2010, 05:13:39 PM »

I've been wanting to have a shot at this, but every time I want to download, the links expire or something. Does anyone know where to download pWnOS?

ZF
xXxKrisxXx
« Reply #10 on: March 22, 2010, 05:38:15 PM »

Download pWnOS:
Part1: http://www.mediafire.com/?ec3hmlzuyzy
Part2: http://www.mediafire.com/?yngwzqkxmin
Part3: http://www.mediafire.com/?htmqm3dzgya

Source:
http://heorot.net/forums/viewtopic.php?f=21&t=149&sid=54b791d5958c65048ae2e24b082b8b25&start=30p

eCPPT, GCIH, OSCP, OSWP
digitalcliff
« Reply #11 on: March 22, 2010, 10:44:08 PM »

You are on the right track with the 5720.py exploit. Use it to bruteforce a ssh into one of the accounts you found from webmin. Once you have ssh access, there is a nice local priv exploit to get you root.
j0rDy
« Reply #12 on: March 23, 2010, 03:48:19 AM »

Quote from: digitalcliff
"You are on the right track with the 5720.py exploit. Use it to bruteforce a ssh into one of the accounts you found from webmin. Once you have ssh access, there is a nice local priv exploit to get you root."

This is more than enough to own the box ;)

ISC2 Associate, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
zeroflaw
« Reply #13 on: March 23, 2010, 05:24:46 AM »

Doh! I only checked the first 2 pages of that thread. Thanks 8)

ZF