1337 Sheets

CVE-2024-1086 - Dirty Net table

CVE-2024-1086 is a critical vulnerability in the Linux kernel that allows attackers to gain full root privileges on various systems. The exploit targets a bug in the nf_tables component responsible for the iptables firewall. It can be built or downloaded; once executed, it triggers a double-free vulnerability that lets the attacker escalate privileges and gain unrestricted access to physical memory. By locating and overwriting critical kernel structures, attackers can achieve a root shell. It is recommended to patch the Linux kernel or update to version 6.7 to mitigate this vulnerability.

CVE-2021-3493 - Exploit Summary & Demo

The CVE-2021-3493 exploit code targets vulnerable default configurations of Ubuntu Linux kernels up to version 5.10, allowing unauthorized access to the filesystem through improper permission validation.

Test

When running a Python server and a netcat listener, use port 443 if port 80 is blocked.

Command Dictionary

Use sudo to listen on port 443, use PowerShell to bypass security protocols, and use Python to run an HTTP server on port 80.

Offsec - SUNSET NOONTIDE - Feb 29th 2023

Target IP: 192.168.54.120. Reconnaissance using nmap reveals open ports for IRC services. Exploiting a vulnerability in UnrealIRCd allows for command execution. Connection successfully established. Obtained user flag. Performed privilege escalation using linpeas script. Retrieved root flag.

Offsec - Sumo - Jun 15th 2023

Scanned for targets on the subnet using Nmap and HTTP enumeration tools such as gobuster and dirbuster to find open ports and directories. Discovered an open SSH port and an Apache HTTP server. Detected Linux OS. Used dirbuster to search for directories and found a CGI vulnerability called Shellshock. Confirmed the vulnerability with nikto.

Offsec - SoSimple - Jun 4th 2023

A scan was conducted on an IP address, revealing open SSH and HTTP ports. The HTTP port led to a WordPress installation. Further scanning and exploration were performed.

Offsec - Solstice - Jun 26th 2023

The reconnaissance scan using Nmap revealed several open ports including FTP, SSH, SMTP, and HTTP. The FTP server allows anonymous login and has a directory named 'pub'. The web page indicates that the database is being configured and provides links to the main page and Book List. Accessing other local files through the book list feature is attempted but unsuccessful. A reference to the /etc/passwd file is provided. The library is still under construction.

Offsec - Slort - Apr 22nd 2023

Target IP: 192.168.53.53. Nmap scan reveals open ports and services including FileZilla FTP Server, Microsoft Windows RPC, NetBIOS-ssn, Microsoft-ds, MySQL/MariaDB, Apache HTTP Server, and unidentified service on port 7680. Vulnerabilities and potential risks associated with each service are highlighted.

Offsec - Shakabrah - Jun 17th, 2023

Running Nmap and Dirbuster on the target IP 192.168.239.86 to scan the open ports, services, and directories. Found an HTTP server and performed a ping connection test with a command injection attempt.

Offsec - Sar - Nov 4th 2023

Given IP 192.168.172.35, a scan reveals open ports for SSH and HTTP. Exploits for sar2html were found. A reverse shell was obtained with root privileges.

TryHackMe - RootMe - Oct 30th 2023

Performed network and service scanning, discovered open ports. Found hidden directories using dirb and dirbuster. Uploaded a reverse shell and gained access as www-data user. Identified sudo privilege escalation via Python and obtained root access. Retrieved user.txt and root.txt.

pyLoader

Performed reconnaissance on target IP, identified open ports, and checked services running on those ports. Discovered a potential exploit for the pyLoad application. Successfully executed a remote code execution (RCE) exploit on the target. Gained a reverse shell on the target system.

Offsec - Potato - June 4th 2023

The author ran an nmap scan on the target IP address, finding open ports for SSH, HTTP, and FTP. They also discovered a website under construction with a potato image and a login form. The FTP server allowed anonymous access.

Offsec - OnSystemShellDredd - Feb 27th 2023

Started hacking the OSCP playground box and connected with learning music. Found an open FTP port and logged in anonymously. Discovered an SSH ID file for Hannah and downloaded it. Set proper permissions and connected to Hannah's shell. Found user.txt file.

Offsec - MyCMSMS - Nov 4th 2023

The target IP address 192.168.172.74 has open ports for SSH, HTTP, MySQL, and MySQLx. The SSH service is running on OpenSSH 7.9p1 Debian 10+deb10u2. The HTTP service is powered by Apache httpd 2.4.38 and CMS Made Simple version 2.2.13. MySQL version 8.0.19 is running with root:root as valid credentials. No exploits are found for CMS Made Simple. A directory scan reveals various directories and files including phpmyadmin.

Offsec - Levram - Nov 1st 2023

The IP target is 192.168.236.24. Recon revealed open ports for SSH and HTTP. Rustscan and Nmap were used for efficient scanning. A vulnerability in Gerapy 0.9.7 was found, leading to remote code execution. Privilege escalation was achieved with root access obtained.

TryHackMe - Kenobi - Oct 29th 2023

The target IP is 10.10.76.140. Port scanning reveals several open ports including FTP, SSH, HTTP, RPCbind, NetBIOS, and NFS. Further vulnerability scanning uncovers potential exploits for ProFTPD 1.3.5 and OpenSSH 7.2p2 Ubuntu 4ubuntu2.7. Exploits include CVE-2015-3306 and CVE-2016-8858.

Offsec - InfosecPrep - Jun 21st 2023

Enumeration using netdiscover and subnet ping scan. Nmap scan reveals open ports 22/ssh, 80/http, and 33060/mysqlx. Found /secret.txt on the website.