Hackback: A DIY Guide

Detailed narrative of an intrusion and the tools used for internal network reconnaissance.

This page contains AI generated content. Errors or omissions may be present. Use human level critical thinking.
  • Q: What tool was used for internal network reconnaissance?
    A: PowerView.
  • Q: How did the attacker pivot through the network?
    A: Using a SOCKS proxy server and proxychains.
  • Q: What vulnerability was exploited?
    A: A 0day in a spam filtering appliance.
  • Q: What specific tools were used for post-exploitation?
    A: Busybox, nmap, Responder.py, Python, tcpdump, dsniff, socat, screen, SOCKS proxy, tgcd.
  • Q: How did the attacker access the 'Rete Sviluppo'?
    A: By finding passwords in a TrueCrypt volume that allowed access to a Nagios server bridging the networks.
  • Q: What is 'LLMNR/NBT-NS poisoning'?
    A: A technique used by Responder.py to capture credentials from Windows machines on the local network.
  • Q: What is the 'NoAuthentication' vulnerability?
    A: Refers to NoSQL databases (like MongoDB) often being deployed without authentication by default.
  • Q: What is 'Golden Ticket' persistence?
    A: Forging a Kerberos Ticket Granting Ticket (TGT) to maintain unlimited access to a domain.
  • Q: Why avoid direct Tor connections?
    A: To prevent correlation attacks; the author suggests using public Wi-Fi or bridge nodes.
  • Q: What is 'dsniff' used for?
    A: Sniffing plaintext passwords and performing ARP spoofing.
