Intro to pentesting 2023-2.pdf5638.9KB
Challenges:
Complete any TWO challenge categories with a writeup and get a T-Shirt!
- You must include the commands used
- Output (text or screenshot)
Set 1: Crack These Password Hashes
a61a78e492ee60c63ed8f2bb3a6a0072
9eb7ee7f551d2f0ac684981bd1f1e2fa4a37590199636753efe614d4db30e8e1
5d7c08e0f8f8c3c84f3ea2736ae67bc3fff90f85605b8ed799984f8ccf97cc9a7b53251b7b61662a1ef59702ffc03db0f5c4333684067522d7bdc0fc5a4b468b
Set 2: Scan this IP
45.33.32.156
How many ports are open?
What services are running?
What operating system is running?
Set 3:Catch a reverse shell
https://www.revshells.com/ https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
You will be connecting to your loopback address for now.
- 127.0.0.1 <-- Use this IP in your reverse shell.
- Create a listener with netcat
- Catch a reverse shell call back.
I recommend you split your terminal 🙂
- CTRL+SHIFT+E --> Split vertically
Either click between them, OR
- ALT+ARROWKEY --> Change focused terminal
To close the current focused terminal
- CTRL+SHIFT+D --> Close currently focused terminal.
- On one terminal, start a netcat listener.
- On the other, execute your reverse shell.
Try these three reverse shells:
One with zsh
One with python
One with netcat