One day in May 2017, computers all around the world suddenly shut down. A malware called WannaCry asks for a ransom. The epidemic suddenly stops, because a young, British researcher finds a killswitch, by accident.
Open Source is a great idea and it has changed the world!
Open Source forever ....
While you do not know attack, how can you know about defense? (未知攻,焉知防?)
Do BAD things .... for the RIGHT reasons -- OWASP ZAP
It is easier to port a shell than a shell script. -- Larry Wall
Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris. -- Larry Wall
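To ordain conscience for Heaven and Earth, to secure life and fortune for the people, to continue the lost teachings of past sages, and to establish peace for all future generations. -- 王炜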
Sunday, October 27, 2019
Tuesday, October 15, 2019
Avoid Lagging VirtualBox Guest With Linux
You may find a Linux VirtualBox guest lagging on audio during video playback, with slow performance across the whole guest. The culprit is the audio driver, unlikely as that may seem.
Set the audio controller to "Intel HD Audio" and the driver to "ALSA Audio Driver" to solve the problem on an Ubuntu host. I have tested this setting thoroughly on the following environments:
(1) Ubuntu Desktop 19.04 Host with Ubuntu Desktop 19.04 Guest
(2) Ubuntu Desktop 19.04 Host with Kali Linux Rolling Guest
(3) MacOS Catalina Host with Ubuntu Desktop 19.04 Guest (CoreAudio and Intel HD Audio)
That's all! See you.
Saturday, October 12, 2019
bossplayersCTF : 1
Aimed at Beginner Security Professionals who want to get their feet wet into doing some CTF's. It should take around 30 minutes to root.
Download : https://www.vulnhub.com/entry/bossplayersctf-1,375/
Difficulty : Beginners
Format : OVA (VirtualBox)
Find the IP address of the box on the network by running nmap.
Then scan all ports of the box.
A website is running on port 80.
Checking the source code of the page reveals a hash at the bottom.
The hash looks base64 encoded, so try to decode it.
After the decoding, the result is "workinprogress.php". Let's browse it.
The page says "test ping command". Let's test it with the "cmd" parameter.
The command is executed, so spawn a reverse shell.
Check whether there is any file with the sticky bit.
The result is "find". Try privilege escalation.
Decode the "root.txt". Root is dancing!
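Seen from the administrator's side, the same search is an audit: list every file that carries the setuid permission bit (the bit that lets "find" run with its owner's rights here) and flag the ones that have no business being setuid. This is an added example, not part of the original walkthrough; the RISKY list and the function names are constructed for illustration and are not exhaustive.

```shell
#!/bin/sh
# Added example: audit a directory tree for setuid files.
# RISKY is a constructed, non-exhaustive list of general-purpose tools that can
# start other programs and therefore should never be setuid; "find" is the one
# this box shipped with.
RISKY="find bash sh vim python perl awk"

# audit_setuid DIR
# Print one line per setuid regular file under DIR:
#   "RISKY <path>"  name is on the RISKY list, remove the bit
#   "review <path>" setuid but not on the list, confirm it is expected
audit_setuid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort |
    while IFS= read -r f; do
        name=$(basename "$f")
        verdict=review
        case " $RISKY " in
            *" $name "*) verdict=RISKY ;;
        esac
        printf '%s %s\n' "$verdict" "$f"
    done
}

# count_risky DIR
# Number of setuid files under DIR whose name is on the RISKY list.
count_risky() {
    audit_setuid "$1" | grep -c '^RISKY ' || true
}

# fix_setuid FILE
# Mitigation: drop the setuid bit once the file is confirmed not to need it.
fix_setuid() {
    chmod u-s "$1"
}

# Typical use on a host (needs enough privilege to read the tree):
#   audit_setuid /
#   fix_setuid /usr/bin/find
```

Anything reported as "review" should be compared against the distribution's expected setuid set before it is changed.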
After thought
It is a traditional Capture The Flag (CTF) box with base64 decoding and sticky bit searching. Recommended.
Samiux
OSCE OSCP OSWP
October 12, 2019, China, Hong Kong
Friday, October 11, 2019
Hacker Fest 2019
The machine was part of Martin Haller's workshop for Hacker Fest 2019 in Prague. There are two ways to exploit it.
Download : https://www.vulnhub.com/entry/hacker-fest-2019,378/
Difficulty : Beginners
Format : OVA (VirtualBox)
Find the IP address of the box on the network by running nmap.
Then scan all ports of the box.
Solution #1
Webmin is running on port 10000 with SSL. The version is 1.890. This version is vulnerable to remote command execution by a backdoor as root (http://www.webmin.com/exploit.html).
Launch Metasploit.
Select "exploit/unix/webapp/webmin_backdoor".
Run "exploit" and get root.
However, you cannot go to other directories.
Run "shell" to get an interactive shell.
Go to "/root" and get the "flag.txt". Root is dancing!
Solution #2
A WordPress site is running on port 80.
Run "wpscan" to check. Since I do not have an API token, the vulnerabilities cannot be shown.
It reports that the "wp-google-maps" plugin is out of date. The version may be 7.10.02, as "wpscan" is not sure. This plugin may be vulnerable to SQL injection with CVE-2019-10692 (https://www.cybersecurity-help.cz/vdb/SB2019040604?affChecked=1).
Launch Metasploit.
Select "auxiliary/admin/http/wp_google_maps_sqli".
Run "run" and get the hash of the "webmaster" account.
Brute force the password of "webmaster" with "john" and "rockyou.txt" to get the password.
Then log in to the box over "ssh" with the obtained username and password. Escalate privileges with "sudo" and get the "flag.txt". Root is dancing!
After thought
It is a real-case scenario, without the trickery of a Capture The Flag (CTF). Recommended.
Samiux
OSCE OSCP OSWP
October 11, 2019, China, Hong Kong
Tuesday, October 08, 2019
HOWTO : Install Metasploit Framework 5.0.53 on Ubuntu Desktop 19.04
Install dependencies :
sudo apt -y install curl
Download the installer :
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod +x msfinstall
Run the installer :
./msfinstall
Initialize the msfdb :
msfdb init
or
msfdb reinit
You may need to answer two questions about setting up the web version of Metasploit Framework.
Run the Metasploit Framework :
msfdb start
or
msfdb restart
msfconsole
Stop database :
msfdb stop
That's all! See you.