Message from @Gespa
Discord ID: 599384196854710276
why are you the one trying to get into it
That literally is cyber security.
Part of knowing how to stop something is knowing how to get in.
Because to do penetration testing you have to show that a system is vulnerable
hmph
did they not teach you?
That's what they are doing
That's why I'm assigned the lab
then they should've taught you how :p
That's not how it works lol
You’re being quite obstinate Tim
ye
so you're trying to get gud? stackoverflow is probably where you should be lol
I'm just trying to do this assignment for now
@EndangeredProdigy what specifically are you tasked with doing? You weren’t given any sort of idea?
One sec I'll paste the instructions
all you've told us is "get in some server and get some credentials"
Objective
The objective of this scenario is to deface the corporate web server. In order to accomplish this objective, you need to complete a series of tasks designed to test your ability to enumerate and identify potential system and network vulnerabilities, exploit systems and/or networks based on vulnerability discoveries, recover system user credentials, use recovered credentials to pivot onto other information systems in the network(s) and establish a connection to deface the corporate web server.
Each task in this scenario builds upon the task before it. There may be a situation where a solution exists outside the proposed task methodology. You are NOT penalized for using a different solution – please use whatever means necessary to achieve the final objective – Deface the Web Server.
Scenario
You were recently hired for a Pentration Tester position. You are responsible for pentration testing information systems located in the Local Area Network (LAN) and the Demilitarized Zone (DMZ).
A new web server was recently installed in the DMZ and you are tasked with attempting to compromise this server as a simulated external (WAN/Internet) threat. For the purposes of this exercise you have access to a Kali Linux virtual machine.
Notes:
The IP address of the external router is 198.51.100.1/32.
The IP address of the corporate web server resides somewhere on the 120.38.48.0/24 network.
Scenario
In this exercise, you will use a Kali Linux virtual machine to intrude into a demonstration network to deface a corporate web server.
1. Use the Kali Linux virtual machine to enumerate the network and discover any potential misconfigurations and/or vulnerable information systems.
Log into the Kali Linux VM:
Username: root
Password: performanscore
2. Based on your vulnerability discovery(ies), exploit the system(s) using the Kali Linux virtual machine.
3. Use a method available to you on the Kali Linux virtual machine to recover any credentials from the compromised system.
4. Use your newly acquired network access to create a pass-through capability (PIVOT) onto other networks of opportunity.
5. Use the built-in functions of Metasploit on the Kali Linux virtual machine to conduct a portscan on the LAN network. Discover any potential misconfigurations and/or vulnerable information systems.
6. Use the previously stolen credentials to access the domain controller.
7. Leverage xfreerdp on the Kali Linux virtual machine to RDP onto the Windows 8 VM.
8. Deface the webpage hosted on the web server by modifying the webpage index.html file.
You doing CCNA Sec or something?
Just a cybersecurity program at University
Ah.
Could you help?
shoulda paid attention in class <:hypersmugon:544638648721604608>
no, im not an expert :p
We don't have class it's online
what are stuck on?
No particularly, I’m afraid. I’m far better at building a router than I am at tearing it down. Best of luck regardless.
hes defacing a webpage on a a virtual assignment in whatever means he chooses
I've only been able to open a meterpreter session on the router
But not the server
it is amazing how many trees he cut down
powah of the Kaiser
looks good @SideTracker
