GitBook: [#3593] No subject

This commit is contained in:
CPol 2022-10-11 11:05:32 +00:00 committed by gitbook-bot
parent bd0b87e02c
commit 6dea47e6b8
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
7 changed files with 4 additions and 4 deletions

Binary file not shown.

After

Width:  |  Height:  |  Size: 142 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 142 KiB

After

Width:  |  Height:  |  Size: 12 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 12 KiB

After

Width:  |  Height:  |  Size: 25 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 25 KiB

After

Width:  |  Height:  |  Size: 92 KiB

View file

@ -105,7 +105,7 @@ Thus, after establishing the neighborhood, we know about the existence of these
**I have found that generating and quickly sending out mass EIGRP hello packets overloads the routers CPU, which in turn can open the door to a DoS attack.** I have developed a little [**helloflooding.py**](https://github.com/in9uz/EIGRPWN/blob/main/helloflooding.py) **** script, but it seems to me that the script lacks the speed of sending out the packets. **Its caused by GIL**, which prevents the **sprayhello** function from running in multiple threads per second. **Eventually Ill rewrite the script in C.** **I have found that generating and quickly sending out mass EIGRP hello packets overloads the routers CPU, which in turn can open the door to a DoS attack.** I have developed a little [**helloflooding.py**](https://github.com/in9uz/EIGRPWN/blob/main/helloflooding.py) **** script, but it seems to me that the script lacks the speed of sending out the packets. **Its caused by GIL**, which prevents the **sprayhello** function from running in multiple threads per second. **Eventually Ill rewrite the script in C.**
<figure><img src="../../.gitbook/assets/image (2) (6).png" alt=""><figcaption></figcaption></figure> <figure><img src="../../.gitbook/assets/image (2) (6) (1).png" alt=""><figcaption></figcaption></figure>
Arguments of the script: Arguments of the script:

View file

@ -210,7 +210,7 @@ Using the correct credentials you can upload a file. In the response the path wi
Also there is a **faster way** to brute-force credentials using **`system.multicall`** as you can try several credentials on the same request: Also there is a **faster way** to brute-force credentials using **`system.multicall`** as you can try several credentials on the same request:
![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-L\_2uGJGU7AVNRcqRvEi%2Fuploads%2FFX0g2BLsdfdQnq1xXx3N%2Ffile.jpeg?alt=media) <figure><img src="../../.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
**Bypass 2FA** **Bypass 2FA**

View file

@ -116,7 +116,7 @@ winrs -r:http://bizintel:5446 -u:ta\redsuit -p:2600leet hostname
Like `Invoke-Command`, this can be easily scripted so the attacker can simply issue system commands as an argument. A generic batch script example _winrm.bat_: Like `Invoke-Command`, this can be easily scripted so the attacker can simply issue system commands as an argument. A generic batch script example _winrm.bat_:
<figure><img src="../../.gitbook/assets/image (2).png" alt=""><figcaption></figcaption></figure> <figure><img src="../../.gitbook/assets/image (2) (6).png" alt=""><figcaption></figcaption></figure>
### OpenSSH <a href="#openssh" id="openssh"></a> ### OpenSSH <a href="#openssh" id="openssh"></a>
@ -136,7 +136,7 @@ Download the latest [OpenSSH Release zip from github](https://github.com/PowerSh
Uncompress the zip to where youd like. Then, run the install script - `Install-sshd.ps1` Uncompress the zip to where youd like. Then, run the install script - `Install-sshd.ps1`
<figure><img src="../../.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure> <figure><img src="../../.gitbook/assets/image (2).png" alt=""><figcaption></figcaption></figure>
Lastly, just add a firewall rule to **open port 22**. Verify the SSH services are installed, and start them. Both of these services will need to be running for SSH to work. Lastly, just add a firewall rule to **open port 22**. Verify the SSH services are installed, and start them. Both of these services will need to be running for SSH to work.