Skip to main content

PentesterAcademy Vulnerable Servers II Lab Write-Up | metasploit-pivoting

PentesterAcademy Vulnerable Servers II Lab Write-Up | metasploit-pivoting Lab Link : https://attackdefense.pentesteracademy.com/challengedetails?cid=1747 Vulnerable Servers II is a lab from PentesterAcademy, which is rated as easy. The lab topology shows two machines which means, there are two targets and the attacker has to perform pivoting in order to hack and get the flag from the target machine. First Select the nearest Server and Click on Run the lab.   Once the lab is up, a web based terminal will be opened in the Web Browser. Firstly, check the IP address of the attacking machine.  We can see that, there are two interfaces. And as per the instructions, the first target machine should be 192.17.147.3. Let’s perform an Nmap scan of the target. The scan result shows that TCP port 8080 is open and is running an Apache Tomcat webserver/Coyote JSP engine 1.1. Let’s try to connect the webserver using netcat.   We can see that the Webserver is running OpenKM, a Document

Facebook Bullying : What to do?

In the light of recent cyber bullying incidents, i thought of writing an article that might help some of you on how to respond and what to do when you face such incidents.

First of all, let's understand what is a cyber bullying? It is the act of harassing someone using the electronic medium especially Internet. Many of us may already experienced this in one way or another. Some argue it as freedom of expression but at most of the times, it crosses all the boundaries of tolerance and patience. Bullying can happen due to ideological differences, opinions, political or even religious reasons. Now, i will get in to details of these reasons.

Most of the bullying may seems as an individual opinion or comment. But there are many groups and organizations who get paid for bullying someone. Yes, it may seems odd but it is a reality. The political parties, religious groups or organizations, ideological movements, fan groups etc have their own IT groups who are assigned to work on social media and sharing, publishing their own propaganda, opinions and last but not the least, they do cyber bullying.

For example, assume there is a political party PARTY X, and they have a a number of volunteers working at their IT cell. Their major job is to share PARTY X's political ideologies , achievements, failures as posts or even as fake news. When thousands of volunteers share something, to the more people it reach, the more impact it has in the common viewer's mind. Let's assume a person named Bob wrote a post about a fake news made by this PARTY X, then the party's IT volunteers role will be changed to Cyber Bullies. They , in groups starts writing bad and vulgar comments about Bob on his Facebook wall or even on his friends wall, eventually Bob feels frustrated and may delete the post or his profile. When these IT cell/group report abuse Bob's profile, even Facebook might think that there is something inappropriate on Bob's profile. And Facebook may send a notice to Bob instead of identifying the real culprit. Well it hard for Facebook also to identify what is right and wrong over internet, and hence they heavily depends on their users. When their users report abuse, then they may check it. Otherwise, nothing happens. Similar behaviors happens from other celebrity fan groups, religious groups, propaganda groups etc. They all works like an online mafia.

Recently , there are some cases reported on Cyber bullying against women and children. It also happened in the same way as political parties do. Some people, in groups posts many vulgar comments and harassing them on social media. Most of the victims eventually lose their peace and mental health in long term.

So if you are facing Cyber bullying, what to do? How to respond?
Well Facebook has provided their own guidelines on cyber bullying. I am sharing those links at the end of this article. This is what Facebook policy says, whenever you face or notice a cyber bullying,
  • Document and report it. Help your friend report the post to Facebook. You may also want to take screenshots of any abusive posts, comments or messages in case there's an ongoing issue or you need to show them to someone later. Your friend may also want to unfriend or block this person.
  • Offer support. Ask your friend what you can do to support them, but don’t speak for your friend unless they ask you to.
  • Stay calm. Try to help your friend avoid escalating the problem or acting aggressively. If you and your friend agree that the incident wasn’t a big deal, suggest they let it go. Bullies are often just looking for a reaction, so not giving them one may discourage this kind of behavior in the future.
  • Remind your friend they're not alone. Let your friend know that you want to help them handle this. Remind your friend that they haven’t done anything to deserve this and that bullying can happen to anyone.
  • Don’t keep it a secret. If your friend needs additional support, encourage them to reach out to someone they trust to talk about the situation. If you’re worried about your friend’s safety, tell someone immediately.
But to what extend this will help you? well the answer is, it depends on various factors. If you are living in a Country that has a good law on Cyber security and IT crime, then legally documenting and reporting may help you to stop the act to some extend. But the mental torture and stress caused by this , for that there may not have a solution.

Sadly , most of the Countries doesn't have a strong Cyber crime laws in place. So even if the police identify the cyber bullies and caught them, there is no way to give a appropriate punishment to them. First of all, weighing the effect of a cyber crime might be very hard. Though act of writing some comments or posting some photos may not seems as harmful as stealing some thing or killing someone. But since the entire world is connected over internet, writing such comments or photos may end in much wider consequences and there are cases where people even did suicide because of such bullies. This weakness in law act as a catalyst agent to those bullies because they are almost confident that nothing bad can happens to them legally.

Even though, most of the social community websites like Facebook has their own guidelines on do and don't, but those things never acts as a deterrent to the cyber bullies. They will continue to write in a vulgar and abusive way. Even Facebook cant find a way to control this. Also note that retaliating and responding to bullies never going to help you as they comes with an agenda and they are so many in numbers as well.

So control your activities in the Internet. Be sure about what you are writing and what you are sharing. Always keep in mind that, what you are going to do on sites like Facebook is going to the public. Be sure yourself. And as of now, there is no way to prevent the cyber bullying completely. But as individuals, you can keep your personal space on the internet safe and clear. Recheck your privacy settings and have a control on your profile and its content. And be vigilant and if you want to move legally against cyber bullies, all you can do is follow the Facebook guidelines and cyber crime laws in your country.

Facebook Cyber bullying Help: Links.
https://www.facebook.com/help/420576171311103/
https://www.facebook.com/safety/bullying/

Popular posts from this blog

Cisco ASA: Disable SSLv3 and configure TLSv1.2.

For configuring TLS v1.2, the ASA should run software version 9.3(2) or later. In earlier versions of ASA, TLS 1.2 is not supported.If you are running the old version, it's time to upgrade. But before that i will show you the config prior to the change. I am running ASA version 9.6.1 Now ,set the server-version to tlsv1.2, though ASA supports version tlsv1.1, its always better to configure the connection to more secure. Server here in the sense, the ASA will be act as the server and the client will connect to the ASA.     #ssl server-version tlsv1.2 set the client-version to tlsv1.2, if required.     #ssl client-version tlsv1.2 ssl cipher command in ASA offers 5 predefined security levels and an additional custom level.     #ssl cipher tlsv1.2 high we can see the setting of each cipher levels using #show ssl cipher command. Now set the DH group to 24, which is the strongest offered as of now in the ASA.     #ssl dh-group group24 An

RUST error: linker `link.exe` not found

While compiling Rust program in a windows environment, you may encounter the error : linker `link.exe` not found. This is because of the absence of the C++ build tools in your machine. For compiling Rust programs successfully, one of the prerequisites is the installation of the Build Tools for Visual Studio 2019.   Download the Visual Studio 2019 Build tools from the Microsoft website. After the download, while installing the Build tools, make sure that you install the required components (highlighted in Yellow) This will download around 1.2GB of required files. Once everything is successfully installed, reboot and re-run your rust program and it will compile successfully.   Read More on RUST Hello World Rust Program : Code explained RUST Cargo Package Manager Explained Data Representation in Rust.

How to Install Netmiko on Windows?

Netmiko, developed by kirk Byers is an open source python library  based on Paramiko which simplifies SSH management to network devices and is primarily used for network automation tasks. Installing Netmiko in linux is a matter o f one single command but if you need to use Netmiko in your Windows PC, follow this process. 1) Install the latest version of Python. 2) Install Anaconda, which is an opensource distribution platform that you can install in Windows and other OS's (https://www.anaconda.com/download/) 3) From the Anaconda Shell, run “ conda install paramiko ”. 4) From the Anaconda Shell, run “ pip install scp ”. 5) Now Install the Git for Windows. (https://www.git-scm.com/downloads) . Git is required for downloading and cloning all the Netmiko library files from Github. 6) From Git Bash window, Clone Netmiko using the following command git clone https://github.com/ktbyers/netmiko&#8221         7) Once the installation is completed, ch

What is a Gratuitous ARP? How is it used in Network attacks?

Many of us encountered the word "Gratuitous" while exploring the network topic on ARP, The Address Resolution Protocol. Before explaining Gratuitous ARP, here is a quick review on how ARP works. ARP provides IP communication within a Layer 2 broadcast domain by mapping an IP address to a MAC address.For example, Host B wants to send information to Host A but does not have the MAC address of Host A in its ARP cache. Host B shoots a broadcast message for all hosts within the broadcast domain to obtain the MAC address associated with the IP address of Host A. All hosts within the same broadcast domain receive the ARP request, and Host A responds with its MAC address. We can see the ARP entries on our computers by entering the command arp -a . So, back to the topic on what is a Gratuitous reply, here is a better explanation. Gratuitous arp is when a device will send an ARP packet that is not a response to a request. Ideally a gratuitous ARP request is an ARP request packe

Google Cloud : Basic Cloud Shell commands

Google Cloud resources can be managed in multiple ways. It can be done using Cloud Console, SDK or by using Cloud Shell. A few basic Google Cloud shell commands are listed below. 1)    List the active account name gcloud auth list 2)    List the project ID gcloud config list project 3)    Create a new instance using Gcloud shell gcloud compute instances create [INSTANCE_NAME] --machine-type n1-standard-2 --zone [ZONE_NAME] Use gcloud compute machine-types list to view a list of machine types available in particular zone. If the additional parameters, such as a zone is not specified, Google Cloud will use the information from your default project. To view the default project information, use gcloud compute project-info describe 4)    SSH in to the machine gcloud compute ssh [INSTANCE_NAME] --zone [YOUR_ZONE] 5)    RDP a windows server gcloud compute instances get-serial-port-output [INSTANCE_NAME] --zone [ZONE_NAME] 6)    Command to check whether the server is ready f

Recovery Procedure: Alcatel-Lucent Omni-Switch not booting AOS: Going to Mini-boot prompt.

Problem: Switch not booting AOS; Going to Mini-boot prompt. Model: Alcatel-Lucent OS6850 [Note:The same procedure might be applicable for different models of Omni-Switches, However, for this illustration, i have used OS-6850 ] Reason: This problem may occurs due to corrupt AOS image files or misconfigured boot parameters. Hence switch cannot boot the images properly and will go to Mini-boot prompt.  Work Around: [Note: This zmodem procedure consumes a lot to time to finish the process.] 1.) Power off your OS6850 2.) When you switched it back on, stop it before the Miniboot (there is some counter counting down from 4). Press Enter to break. 3.) You will have the following prompt " => " 4.) Enter " setenv baudrate 115200 ”. Increasing baudrate helps to increase the data transfer speed using zmodem. 5.) Enter " saveenv " 6.) Enter " boot " 7.) The switch should run now in baud rate 115200 (so you have to change your clients ter

PrintNightmare (CVE-2021-1675) PoC exploit Walkthrough

I am not an exploit developer but was interested to see how this vulnerability can be exploited. So i tried to replicate the infamous PrintNightmare vulnerability using the following PoCs ( https://github.com/cube0x0/CVE-2021-1675 ) and ( https://github.com/rapid7/metasploit-framework/pull/15385 ) However i had trouble with the new metasploit module (auxiliary/admin/dcerpc/cve_2021_1675_printnightmare) and i couldn't able to exploit the machine successfully. So i tried the second PoC from cube0x0. This one has done the magic. I just followed the guidelines with couple of tweaks. First of all, i installed the impacket (cube0x0 version) which will install the required modules and files. After that i set up a samba share with an anonymous login. This is required for hosting the dll file. I edited the smb.conf with the following settings. [global]     map to guest = Bad User     server role = standalone server     usershare allow guests = yes     idmap config * : backend = tdb     s

Cisco Modular Policy Framework (MPF) : A brief Introduction

Modular Policy Framework (MPF) configuration defines set of rules for applying firewall features, such as traffic inspection, QoS etc. to the traffic transiting the firewall There are 3 main components in creating a MPF. 1) Class Map Class map is used to identify the type of traffic. This can be done by creating an ACL. 2) Policy Map Policy Map specifies what action the ASA should take against the traffic identified by the Class Map. 3) Service Policy Finally Service policy specifies where to apply it. The policy is applied to an interface or Globally. Udacity has special offers worldwide to help anyone learn important, higher-paying job skills during this challenging time. Click here to get your offer and start learning now! Sample Illustration Consider the following Command lines. access-list OUTSIDE-TO-INSIDE permit tcp any any eq ftp <--- The above ACL will allow FTP traffic. This ACL can be different than the Interface ACL---> class-map FTP-CLASS-MAP     match ac

Microsoft Windows NLB Feature for Stateful Applications

NLB is a software-based load balancer (Windows Feature) that resides on each member in the cluster. Load Balancing is based on number of client connection requests and the NLB algorithm does not dynamically respond to changes in the load on each cluster host (such as the CPU load or memory usage or Network Usage). Thus, If client population is less and/or the connections produce varying loads on the server, the load balancing algorithm of Microsoft NLB is less effective. Udacity has special offers worldwide to help anyone learn important, higher-paying job skills during this challenging time. Click here to get your offer and start learning now! To understand how NLB preserve the session state, first let me take you through the difference between a stateful and stateless connections: Stateless The application connection is said to be stateless if the server does not store any state about the client session instead the session data is saved at th client side. The server does n

Cisco ASA Firewall: Packet Flow/Mode of Operation

Scenario : So here is a packet initiated from Inside to the Outside [ingress to egress]. 1) A user who is sitting inside of the network is trying to access a website located at the Internet (outside) 2) The packet hits the inside interface (Ingress) of ASA. 3) Once the packet reached ASA, it will verify whether this is an existing connection by checking its internal connection table. If it is an existing connection, the ACL check (step 4) will be bypassed and move to step 5. ASA will check for the TCP flag if its a TCP packet. If the packet contains a SYN flag, then the new connection entry will be created in the connection table(connection counter gets incremented). Other than SYN flag, the packet will be discarded and a log entry will be created. "Remember the 3-way handshake process. SYN/SYN-ACK/ACK. If the TCP connection flags are not in the order as it is intended to be, ASA will simply drop the packet. Most of the scanning/attacks are done by these flag manipula