
Posts

Showing posts from October, 2020

Azure Log Analytics Agent will be retired on 31st August 2024. Migrate to Azure Monitor.

Microsoft has announced that the Azure Log Analytics agent will be retired on 31st August 2024. Customers should migrate to Azure Monitor Agent to monitor their assets.

Announcement: https://azure.microsoft.com/en-us/updates/were-retiring-the-log-analytics-agent-in-azure-monitor-on-31-august-2024/
Migration guide: https://learn.microsoft.com/en-gb/azure/azure-monitor/agents/azure-monitor-agent-migration
About Azure Monitor Agent: https://learn.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview

Zerologon Vulnerability : Exploitation [CVE-2020-1472] Walkthrough.

CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability | Severity: Critical

As per Microsoft, an elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol. An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.

We primarily use Impacket to exploit this vulnerability, so first set up a virtual environment. A virtual environment is not mandatory for running Impacket, but we use one for stability.

python3 -m pip install virtualenv
python3 -m virtualenv impacketEnv
source impacketEnv/bin/activate
pip install git+https://github.com/SecureAuthCorp/impacket

Once the environment is set up

Free AWS Cloud Practitioner training and Practice exam.

Prepare for the AWS Cloud Practitioner certification exam by participating in the Get AWS Certified Global Challenge. AWS offers free training, a free practice exam, suggested resources and Q&A opportunities.

Registration link: https://pages.awscloud.com/takethechallenge.html

Registration will be open October 1 - December 31, 2020. To attend live training sessions, sign up by October 11, 2020. Registrants after October 11, 2020 will be able to review recorded training sessions. To be recognized for meeting the Get AWS Certified Global Challenge, take and pass your AWS Certified Cloud Practitioner exam on or before December 31, 2020.

AWS provides only the training and the practice exam voucher. To earn the Cloud Practitioner title, you need to take the AWS Cloud Practitioner exam, which costs 100 USD.

THM Walkthrough : Blog

THM Room: Blog
Link: https://tryhackme.com/room/blog
Objective: Grab the root and user flags by exploiting the vulnerability in the WordPress version. [CVE-2019-8942, CVE-2019-8943]

Access the IP from your browser. This returns an unformatted web page, which hints that you may need to add the URL to the hosts file. Add the URL to the hosts file. If you go through the web page source in your browser, you can see that many of the page links are called using the URL blog.thm. If you enumerate further, you can also find the WordPress version. Or you could find it using the wpscan tool.

Perform the nmap scan. So we have SSH, web and a Samba share. Let's explore the Samba share. Nice, we can get some files from here. So I used steg tools and found a text file. And unfortunately, it's a rabbit hole.

Now let's perform a directory scan. I have used my favorite tool, gobuster, for this. We can see a large number of directories, but they are not much use for this room's objective. Now, since we know that the website is

Register for Hacker Halted 2020 : Free

Register and attend the Hacker Halted 2020 event and you might win free EC-Council exam vouchers, trainings and more. This year, the event is free to all. Register Here

Hacking Printers [PRET - Printer Exploitation Toolkit].

I have recently tried the PRET toolkit to hack the printers connected or accessible in your network. PRET stands for Printer Exploitation Toolkit. PRET can access a printer over the network or USB and exploits the features of the printer language. A hacker can capture or manipulate print jobs, access the printer's file system, cached documents and memory, and even cause permanent damage. PRET uses TCP port 9100 when connecting to the printer over the network.

There are three main languages that printers speak, and you should know the exact one to successfully exploit the machine. You can do basic enumeration and try them one by one.

1. ps (PostScript)
2. pjl (Printer Job Language)
3. pcl (Printer Command Language)

You can see network printers everywhere. But how often do organizations update the firmware of their printers? This could be a soft target for hackers.

Usage: Access and clone the toolkit from GitHub: https://github.com/RUB-NDS/PRET