7MS #593: Hacking Billy Madison - Part 3
7 Minute Security15 Loka 2023

7MS #593: Hacking Billy Madison - Part 3

Hey friends, today my Paul and I kept trying to hack the VulnHub machine based on the movie Billy Madison (see part 1 and 2). In our journey we learned some good stuff:

  • Port knocking is awesome using utilities like knock:
/opt/knock/knock 10.0.7.124 1466 67 1469 1514 1981 1986
  • Sending emails via command line is made (fairly) easy with swaks:
swaks --to eric@madisonhotels.com --from vvaughn@polyfector.edu --server 192.168.110.105:2525 --body "My kid will be a soccer player" --header "Subject: My kid will be a soccer player"

You could also use telnet and do this command by command - see this article from Black Hills Information Security for more info.

  • Hyda works good for spraying FTP creds:
hydra -l user -P passlist.txt ftp://192.168.0.1
  • Check out my quick cheat sheet about bettercap (see episode #522) for some syntax on extracting WPA handshake data from cap files:
# ...it looks like the new standard hash type might be m22000 per this article (https://hashcat.net/forum/thread-10253.html). In that case, here's what I did on the pcap itself to get it ready for hashcat: sudo /usr/bin/hcxpcapngtool -o readytocrack.hc22000 wifi-handshakes.pcap # Then crack with hashcat! sudo /path/to/hashcat -m22000 readytocrack.hc2000 wordlist.txt

Jaksot(681)

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-raha-talous-ja-politiikka
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-sinivalkoinen-islam
rss-kaikki-paskaksi-ystavat
rss-kaikki-uusiksi