Christmas.hmv

Minimal writeup notes until I catch up...

unable to get anywhere with thc-pptp-bruter, needed direction to use scripted attack AND clear down /etc/ppp/chap-secrets between attempts!

pptp with username admin, password princesa

enum tunneled IP 192.168.3.1
found
port 8384 open and running syncthing

apt-get install syncthing
visit http://localhost:8384 and add remote device.
publish folders on 193.168.3.1 to local kali box and then accept them (no idea what I am doing, but eventually got it to work!)

some fun with syncthing.
 - bypassed the intended root as the 2 way sync allows the home drive to me sync'd.
As a 2 way sync then setting authorized_keys in the local copy pushes it to the target machine and allows ssh logon without going through the web service.



User to root

This post explains how it works.
https://www.vidarholen.net/contents/blog/?p=716

Comments

Popular posts from this blog

Zeug - HackMyVM

Espo - HackMyVM

HackMyVM - Comingsoon