Posts

Showing posts from January, 2017

Metasploitable 3 - Exploiting Tomcat

If you remember, these are the services that Nmap found running on Metasploitable 3. On TCP port 8282 there's an Apache Tomcat server running, and that's the one I'll exploit for this post.

Services
========

host         port   proto  name          state  info
----         ----   -----  ----          -----  ----
10.20.10.23  21     tcp    ftp           open   Microsoft ftpd
10.20.10.23  22     tcp    ssh           open   OpenSSH 7.1 protocol 2.0
10.20.10.23  80     tcp    http          open   Microsoft-IIS/7.5 ( Powered by ASP.NET )
10.20.10.23  161    udp    snmp          open   SNMPv1 server public
10.20...

Metasploitable 3 - Hashdump post Authentication

Hello again :) This time we're going to exploit the WinRM service running on the server and assume we found the Local Administrator's password but we don't have any other access to the machine.

msf > services

Services
========

host         port   proto  name          state  info
----         ----   -----  ----          -----  ----
10.20.10.23  21     tcp    ftp           open   Microsoft ftpd
10.20.10.23  22     tcp    ssh           open   OpenSSH 7.1 protocol 2.0
10.20.10.23  80     tcp    http          open   Microsoft-IIS/7.5 ( Powered by ASP.NET )
10.20.10.23  161    udp    snmp       ...