It’s been a long time! I’m back this time to write about my experience with the eCIR certification from eLearnSecurity.
Let’s get to know the exam so we know how to prepare for it. You will be given two scenarios. The first one is Splunk and the second is Kibana and a pcap file.
They are going to show you the topology and tell you which server is compromised. So you have to figure out how that server got compromised and what happened next. Basically, you need to check everything to draw a mind map for yourself. …
Let’s do the Samba machine in this write-up.
As always, I started with nmap to find the open ports:
nmap -sT -A -p- -T5 10.0.101.2
* 10.0.101.2 is the Samba machine’s IP
We got port 21 open and running ProFTPD 1.3.5!
ProFTPD 1.3.5 is vulnerable: its mod_copy module allows remote attackers to read and write arbitrary files via the site cpfr and site cpto commands. Any unauthenticated client can use these commands to copy files from any part of the filesystem to a chosen destination.
Let’s take advantage of this vulnerability. I started by initiating an FTP connection and pressed enter when…
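From the defender's side, the mod_copy behaviour described above leaves a clear trace on the FTP control channel: site cpfr / site cpto arriving in a session that never received a 230 login reply. The Python below is an added example, not code from the original write-up; the transcript layout (session, client IP, direction, payload), the function name, the paths and the sample lines are assumptions constructed for illustration.

```python
import re

# Constructed sample: FTP control-channel lines as "session client_ip direction payload"
# (C = client, S = server). This layout is an assumption, not a ProFTPD log format.
SAMPLE = """\
s1 192.0.2.10 C USER alice
s1 192.0.2.10 S 331 Password required
s1 192.0.2.10 C PASS ****
s1 192.0.2.10 S 230 Logged in
s1 192.0.2.10 C SITE CPFR /srv/data/a.txt
s1 192.0.2.10 S 350 Ready for destination
s1 192.0.2.10 C SITE CPTO /srv/data/b.txt
s1 192.0.2.10 S 250 Copy successful
s2 198.51.100.7 C site cpfr /srv/data/report.txt
s2 198.51.100.7 S 350 Ready for destination
s2 198.51.100.7 C site cpto /srv/pub/report.txt
s2 198.51.100.7 S 250 Copy successful
"""

SITE_COPY = re.compile(r"^SITE\s+(CPFR|CPTO)\s+(.+)$", re.IGNORECASE)

def find_unauthenticated_copies(transcript):
    """Return SITE CPFR/CPTO commands sent in sessions with no prior 230 reply."""
    authed = set()   # sessions that have seen a successful login
    pending = {}     # session -> finding still waiting for the server's reply
    findings = []
    for raw in transcript.splitlines():
        parts = raw.split(None, 3)
        if len(parts) < 4:
            continue  # skip malformed lines
        session, ip, direction, payload = parts
        if direction == "S":
            code = payload[:3]
            if code == "230":
                authed.add(session)
            if session in pending:
                pending.pop(session)["reply"] = code  # 350/250 means the server accepted it
            continue
        m = SITE_COPY.match(payload.strip())
        if m and session not in authed:
            finding = {"session": session, "client": ip, "verb": m.group(1).upper(),
                       "path": m.group(2), "reply": None}
            findings.append(finding)
            pending[session] = finding
    return findings

if __name__ == "__main__":
    for f in find_unauthenticated_copies(SAMPLE):
        print(f)
```

A 350 or 250 reply recorded against a finding shows the server honoured the copy without a login, which is the signal to prioritise during triage.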
Message: Hey man, I need a big favour from you. Remember that website I showed you once before? Uncle Arnold’s Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident… but this ass hole still insists that the bet is on!
I know you’re good with computers and stuff, so I was wondering, is there any way…