Living Off the Land : Scanning

by Vince
in Blog
Hits: 1523

In an ideal world, we have access to all of our tools but things being what they are, eventually we will find ourselves in a situation where we our separated from our attacking server.  Let's say you takeover a host and you need to enumerate from that host which doesn't even have Nmap?  First we need to find targets and once we find targets, we need to enumerate each target.

Read more

Pivoting with Proxychains

by Vince
in Blog
Hits: 898

Let's say we have a small hole into an environment, like a web server sitting behind the firewall with a port open to the Internet.  We compromise the web server and from the web server, we can see other targets in the environment but we are unable to see those targets directly from our attacking machine.  We need a way of pivoting through that web server in order to attack those targets and that's where we can use Proxychains. 

In this first image, I'm getting ahead of myself a little bit but I wanted to paint the picture. 

Read more

Vulnhub DriftingBlues: 7 Walkthrough

by Vince
in Blog
Hits: 2110

No description on this one but it is rated as "easy".  I would say that there are a few moving parts and you can get sucked down a rabbit hole if you're not careful.  Stick to the first thing, latch on, go from there.

We kick off with Nmap:

Read more