Mitchell Moser mitchmoser
mitchmoser
/ Kioptrix 2014 netdiscover
Last active
March 31, 2018 01:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Currently scanning: Finished! | Screen View: Unique Hosts | |
| 3 Captured ARP Req/Rep packets, from 3 hosts. Total size: 180 | |
| _____________________________________________________________________________ | |
| IP At MAC Address Count Len MAC Vendor / Hostname | |
| ----------------------------------------------------------------------------- | |
| ... 00:50:56:c0:00:01 1 60 VMware, Inc. | |
| 192.168.15.150 00:0c:29:36:47:99 1 60 VMware, Inc. | |
| ... 00:50:56:ee:79:6f 1 60 VMware, Inc. |
mitchmoser
/ Kioptrix 2014 nmap -sV -sC
Created
March 31, 2018 01:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-30 20:08 CDT | |
| Nmap scan report for 192.168.15.150 | |
| Host is up (0.00053s latency). | |
| Not shown: 997 filtered ports | |
| PORT STATE SERVICE VERSION | |
| 22/tcp closed ssh | |
| 80/tcp open http Apache httpd 2.2.21 ((FreeBSD) mod_ssl/2.2.21 OpenSSL/0.9.8q DAV/2 PHP/5.3.8) | |
| |_http-server-header: Apache/2.2.21 (FreeBSD) mod_ssl/2.2.21 OpenSSL/0.9.8q DAV/2 PHP/5.3.8 | |
| 8080/tcp open http Apache httpd 2.2.21 ((FreeBSD) mod_ssl/2.2.21 OpenSSL/0.9.8q DAV/2 PHP/5.3.8) | |
| MAC Address: 00:0C:29:36:47:99 (VMware) |
mitchmoser
/ Kioptrix dirb 80
Created
March 31, 2018 01:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ----------------- | |
| DIRB v2.22 | |
| By The Dark Raver | |
| ----------------- | |
| START_TIME: Fri Mar 30 20:17:38 2018 | |
| URL_BASE: http://192.168.15.150/ | |
| WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt | |
| ----------------- |
mitchmoser
/ Kioptrix 2014 8080
Created
March 31, 2018 01:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ----------------- | |
| DIRB v2.22 | |
| By The Dark Raver | |
| ----------------- | |
| START_TIME: Fri Mar 30 20:20:08 2018 | |
| URL_BASE: http://192.168.15.150:8080/ | |
| WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt | |
| ----------------- |
mitchmoser
/ Kioptrix 2014 gobuster 8080
Last active
April 12, 2018 20:36
gobuster -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://192.168.15.150:8080 -s 200,204,301,302,307,403
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Gobuster v1.2 OJ Reeves (@TheColonial) | |
| ===================================================== | |
| [+] Mode : dir | |
| [+] Url/Domain : http://192.168.15.150:8080/ | |
| [+] Threads : 10 | |
| [+] Wordlist : /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt | |
| [+] Status codes : 200,204,301,302,307,403 |
mitchmoser
/ Kioptrix 2014 nikto 80
Created
March 31, 2018 01:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - Nikto v2.1.6 | |
| --------------------------------------------------------------------------- | |
| + Target IP: 192.168.15.150 | |
| + Target Hostname: 192.168.15.150 | |
| + Target Port: 80 | |
| + Start Time: 2018-03-30 20:45:57 (GMT-5) | |
| --------------------------------------------------------------------------- | |
| + Server: Apache/2.2.21 (FreeBSD) mod_ssl/2.2.21 OpenSSL/0.9.8q DAV/2 PHP/5.3.8 | |
| + Server leaks inodes via ETags, header found with file /, inode: 67014, size: 152, mtime: Sat Mar 29 12:22:52 2014 | |
| + The anti-clickjacking X-Frame-Options header is not present. |
mitchmoser
/ Kioptrix 2014 pChart LFI
Created
March 31, 2018 02:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: pChart 2.1.3 Directory Traversal and Reflected XSS | |
| # Date: 2014-01-24 | |
| # Exploit Author: Balazs Makany | |
| # Vendor Homepage: www.pchart.net | |
| # Software Link: www.pchart.net/download | |
| # Google Dork: intitle:"pChart 2.x - examples" intext:"2.1.3" | |
| # Version: 2.1.3 | |
| # Tested on: N/A (Web Application. Tested on FreeBSD and Apache) | |
| # CVE : N/A |
mitchmoser
/ Kioptrix 2014 searchsploit phptax RCE
Last active
March 31, 2018 02:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # ,--^----------,--------,-----,-------^--, | |
| # | ||||||||| `--------' | O .. CWH Underground Hacking Team .. | |
| # `+---------------------------^----------| | |
| # `\_,-------, _________________________| | |
| # / XXXXXX /`| / | |
| # / XXXXXX / `\ / | |
| # / XXXXXX /\______( | |
| # / XXXXXX / | |
| # / XXXXXX / |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Currently scanning: Finished! | Screen View: Unique Hosts | |
| 3 Captured ARP Req/Rep packets, from 3 hosts. Total size: 180 | |
| _____________________________________________________________________________ | |
| IP At MAC Address Count Len MAC Vendor / Hostname | |
| ----------------------------------------------------------------------------- | |
| ... 00:50:56:c0:00:01 1 60 VMware, Inc. | |
| 192.168.15.151 00:0c:29:c7:c7:fe 1 60 VMware, Inc. | |
| ... 00:50:56:ec:84:0a 1 60 VMware, Inc. |
mitchmoser
/ Stapler nmap -sV -sC
Last active
April 25, 2018 22:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Starting Nmap 7.60 ( https://nmap.org ) at 2018-04-12 15:11 CDT | |
| Nmap scan report for 192.168.15.151 | |
| Host is up (0.00066s latency). | |
| Not shown: 992 filtered ports | |
| PORT STATE SERVICE VERSION | |
| 20/tcp closed ftp-data | |
| 21/tcp open ftp vsftpd 2.0.8 or later | |
| | ftp-anon: Anonymous FTP login allowed (FTP code 230) | |
| |_Can't get directory listing: PASV failed: 550 Permission denied. | |
| | ftp-syst: |
OlderNewer