infinitecas.blogg.se

Pcap analysis tools






We can see that there is a total of 54 attempts to establish an SSH session, with only two being successful based on the bytes being sent from the server (B) to the client (A). This means that there were 52 failed attempts to establish an SSH session.

5. What credentials (username:password) were used to gain access? Refer to shadow.log and sudoers.log.

As part of the challenge, we received a shadow.log and a sudoers.log file. I used a tool called Hashcat to crack these hashes and I was able to recover two passwords:

hashcat64.exe -m 1800 -a 0 hash.txt rockyou.txt -o cracked.txt

manager:forgot
sean:spectre

6. What other credentials (username:password) could have been used to gain access also have SUDO privileges? Refer to shadow.log and sudoers.log.

7. What is the tool used to download malicious files on the system?

Based on our earlier findings, we know that the only other protocol present apart from SSH is HTTP. I filtered for HTTP traffic as seen below:

I can export all three files and save them to my local machine.






