With the recent talk about hijacking IP cameras for the purposes of creating a bot army, I decided to order a camera.   I'd seen this model or one like it in my local lunch place and I ordered one from Amazon.  Two days later, I got my target, a "D-Link DCS-930L Wi-Fi Camera with Remote Viewing".  Nothing fancy really.  Just a $30 camera that can be used wired or wirelessly, but apparently only good for "day use".  It will serve my purpose though.  Army of one.

    There’s a certain feeling of satisfaction when you can manually work your way through exploiting a box.  Not only that, you’ll have a better understanding of what’s really going on under the hood.  You don’t really get that when you’re using automated tools.  Not that I don’t use what’s in the toolbox but given the choice, I will try the manual route first.

    I've not seen much of Drupal from either side but I found myself staring at a 7.31 installation and after some quick searches, I realized it was vulnerable to SQL injection.

    I have a wordlist I created from a collection of wordlists I've acquired.  It's not the end-all, be-all wordlist but it's a big and if you have a weak password, it's in this list.  In fact, if you have a decent password, it's in the list.

    It's a good list for banging against passwords to see if they are reasonably secure.  When I attempt to crack a passwords, I go to the top 10 most used, the top 500 most used, and then 'the' list.  Beyond that, I'm probably going to stop unless I have a different motivation.

    Network segmentation is common in the enterprise but becoming more common in smaller environments.  If I compromise a box in my local segment and that box has access to another segment, we can use port forwarding to leap frog across.

    The typical example has us making an actual connection which ties up one of our terminal sessions with an open ssh connection.  Fine, we can spawn a bunch of terminal sessions but we can also background it.

    © 2020 sevenlayers.com