Lessons Learned
Some Valuable Lessons
Default credentials are very common. Admins should change default credentials, as they can be easily guessed. By obtaining credentials, I was able to further my attack and take advantage of a vulnerability. Having a secure password could have prevented me from doing so.
You can figure out versions without Gobuster, and other methods can be more efficient as well.
Brute forcing into a login panel should be your last resort if all else fails. Brute forcing can lock you out and this can seem unprofessional.
When you check your privileges to see what can be run as sudo, RUN AS SUDO.
A regular user had the ability to run a script with root privileges. Why? A regular user should not be able to run a script with such privileges, and if they can, the admin should remove the privileges immediately.
Just because the file and directory are not on the system does not mean the file cannot be executed. You can create the files, and Linux machines will still run them. It won't care when they were created as long as they are there. (For example, we created a path and the montor.sh script.)
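
An added example (not part of the original writeup) showing how an admin could audit for the condition in the last two lessons: a sudo rule whose script is missing, or sits under a directory a non-root user controls. The sample `sudo -l` line and the `/home/alice/stuff/` path are constructed placeholders, and the function names are hypothetical.

```python
import os
import re
import stat

# Command part of a `sudo -l` line, e.g. "(root) NOPASSWD: /path/to/script.sh"
RULE = re.compile(r"\([^)]*\)\s*(?:[A-Z_]+:\s*)*(?P<cmds>/.*)$")


def commands(line):
    """Return the absolute command paths a sudo rule line allows."""
    m = RULE.search(line)
    if not m:
        return []
    return [c.split()[0] for c in m.group("cmds").split(",") if c.strip().startswith("/")]


def audit_path(path, trusted_uids=frozenset({0})):
    """List reasons a non-root user could supply or replace `path`."""
    findings = []
    if not os.path.exists(path):
        findings.append(f"missing: {path}")
    cur = path
    while True:
        if os.path.exists(cur):  # check the target and every existing parent
            st = os.stat(cur)
            if st.st_uid not in trusted_uids:
                findings.append(f"owner uid {st.st_uid} not trusted: {cur}")
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append(f"group/world-writable: {cur}")
        parent = os.path.dirname(cur)
        if parent == cur:
            break
        cur = parent
    return findings


if __name__ == "__main__":
    # Constructed sample line; the path is a placeholder, not from the writeup.
    sample = "    (root) NOPASSWD: /home/alice/stuff/montor.sh"
    for cmd in commands(sample):
        for finding in audit_path(cmd) or ["ok"]:
            print(f"{cmd}: {finding}")
```

Any finding on a sudo-allowed path means the rule should be removed or the script moved to a root-owned location that no other account can write to.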