Network-Security
Found 4 related articles.
Back to Categories- 2025-02-17
Network Forensics of LLMNR/NBT-NS Poisoning Attacks
Detailed network forensics writeup investigating an LLMNR/NBT-NS poisoning incident using Wireshark. The analysis tracks the attack chain, identifying the initial mistyped network query (FILESHAARE), the attacker's rogue IP (192.168.232.215), the compromised user (janesmith) whose NTLM hash was intercepted via SMB, and the hostname of the accessed machine (AccountingPC), demonstrating the vulnerability of unauthenticated name resolution protocols.
- 2024-10-09
BreakMySSH - Exploiting OpenSSH CVE-2018-15473 for Root Access
Technical writeup detailing the compromise of the BreakMySSH challenge. Methodology covers Nmap scanning, exploiting the OpenSSH 7.7 Username Enumeration vulnerability (CVE-2018-15473) to identify a valid user, followed by a targeted password brute-force attack using Hydra to gain root access.
- 2024-09-17
Trust - SSH Brute-Force and Vim Sudo Privilege Escalation
Technical writeup detailing the compromise of the 'Trust' challenge. Methodology includes Nmap scanning and web fuzzing via Gobuster to identify hidden resources, a targeted Hydra brute-force attack to obtain SSH credentials, and final privilege escalation by exploiting the NOPASSWD sudo permission on the Vim binary.
- 2024-09-16
FirstHacking - Exploiting vsftpd 2.3.4 Backdoor (CVE-2011-2523)
Technical writeup demonstrating the exploitation of the vsftpd 2.3.4 backdoor (CVE-2011-2523) vulnerability on a DockerLabs environment. Methodology covers Nmap service detection, exploit identification via Searchsploit, remote command execution via the FTP service, and achieving immediate root access.