CC: Pentesting

Nmap

Lets run nmap scans to find the answers to the questions


Netcat

Gobuster


Lets run gobuster to find the answers to the questions


Nikto

Metasploit
Setting Up

Selecting a module


Meterpreter

Final Walkthrough
Lets select the module and set the options


Lets run the exploit




Hashing
Salting and Formatting

Hashcat

Lets crack the first hash

Lets crack the second hash

John The Ripper

Lets crack the first hash

Lets crack the second hash

SQL Injection
Sqlmap


Samba
Smbmap

Smbclient

Final Exam
Scanning
Lets run some nmap scans to find open ports and services

Enumeration
Lets visit the website

Its a default Apache page, lets run a gobuster scan to find open directories

Lets visit this directory

There is nothing
Lets look for files within this directory.

We find a file called secret.txt . Lets see it.

We have a username and a hash, lets crack it using john the ripper.
Exploitation

Lets login through ssh and read the user flag

Privilege Escalation
Lets run sudo -l to see what we can run as other users.

Ok so we can run "su" as root, lets do it.

We are now root, we can read the root flag

Last updated
Was this helpful?