Message from @Timeward
Discord ID: 599384873655992333
ye
so you're trying to get gud? stackoverflow is probably where you should be lol
I'm just trying to do this assignment for now
@EndangeredProdigy what specifically are you tasked with doing? You weren’t given any sort of idea?
One sec I'll paste the instructions
all you've told us is "get in some server and get some credentials"
Objective
The objective of this scenario is to deface the corporate web server. In order to accomplish this objective, you need to complete a series of tasks designed to test your ability to enumerate and identify potential system and network vulnerabilities, exploit systems and/or networks based on vulnerability discoveries, recover system user credentials, use recovered credentials to pivot onto other information systems in the network(s) and establish a connection to deface the corporate web server.
Each task in this scenario builds upon the task before it. There may be a situation where a solution exists outside the proposed task methodology. You are NOT penalized for using a different solution – please use whatever means necessary to achieve the final objective – Deface the Web Server.
Scenario
You were recently hired for a Pentration Tester position. You are responsible for pentration testing information systems located in the Local Area Network (LAN) and the Demilitarized Zone (DMZ).
A new web server was recently installed in the DMZ and you are tasked with attempting to compromise this server as a simulated external (WAN/Internet) threat. For the purposes of this exercise you have access to a Kali Linux virtual machine.
Notes:
The IP address of the external router is 198.51.100.1/32.
The IP address of the corporate web server resides somewhere on the 120.38.48.0/24 network.
Scenario
In this exercise, you will use a Kali Linux virtual machine to intrude into a demonstration network to deface a corporate web server.
1. Use the Kali Linux virtual machine to enumerate the network and discover any potential misconfigurations and/or vulnerable information systems.
Log into the Kali Linux VM:
Username: root
Password: performanscore
2. Based on your vulnerability discovery(ies), exploit the system(s) using the Kali Linux virtual machine.
3. Use a method available to you on the Kali Linux virtual machine to recover any credentials from the compromised system.
4. Use your newly acquired network access to create a pass-through capability (PIVOT) onto other networks of opportunity.
5. Use the built-in functions of Metasploit on the Kali Linux virtual machine to conduct a portscan on the LAN network. Discover any potential misconfigurations and/or vulnerable information systems.
6. Use the previously stolen credentials to access the domain controller.
7. Leverage xfreerdp on the Kali Linux virtual machine to RDP onto the Windows 8 VM.
8. Deface the webpage hosted on the web server by modifying the webpage index.html file.
This looks like something you’d see in packettracer or something...
You doing CCNA Sec or something?
Just a cybersecurity program at University
Ah.
Could you help?
shoulda paid attention in class <:hypersmugon:544638648721604608>
no, im not an expert :p
We don't have class it's online
what are stuck on?
No particularly, I’m afraid. I’m far better at building a router than I am at tearing it down. Best of luck regardless.
hes defacing a webpage on a a virtual assignment in whatever means he chooses
I've only been able to open a meterpreter session on the router
But not the server
it is amazing how many trees he cut down
powah of the Kaiser
looks good @SideTracker
Yeah... nice hair but... idk if this server will allow
I ain’t a snitch tho
@Gespa we've had "not nude" photos of anthropomorphic horses in here before, I don't think they give a shit unless its actual nudity
Fair enough kek
we're back in the 30s folks
high school’s rough
German are extremely rigorous during their weapons' tests
