InfoSec LAB

Instant_Beyond

Created: 3 min read

Beyond

This is the beyond page that an additional post enumeration and assessment are conducted as the root user after compromising the target system.

Services

instant-app.service swagger-start.service

instant-app.service

root@instant:~# systemctl status instant-app.service
 instant-app.service - Start REST API for Instant
     Loaded: loaded (/etc/systemd/system/instant-app.service; enabled; preset: enabled)
     Active: active (running) since Sun 2024-10-13 14:28:34 UTC; 7h ago
   Main PID: 1332 (python3)
      Tasks: 1 (limit: 2219)
     Memory: 47.6M (peak: 47.9M)
        CPU: 4.533s
     CGroup: /system.slice/instant-app.service
             └─1332 /home/shirohige/projects/mywallet/myenv/bin/python3 app.py
 
Oct 13 14:28:34 instant systemd[1]: Started instant-app.service - Start REST API for Instant.
Oct 13 14:28:38 instant python3[1332]:  * Serving Flask app 'app'
Oct 13 14:28:38 instant python3[1332]:  * Debug mode: off
Oct 13 14:28:38 instant python3[1332]: WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
Oct 13 14:28:38 instant python3[1332]:  * Running on http://127.0.0.1:8888
Oct 13 14:28:38 instant python3[1332]: Press CTRL+C to quit
Oct 13 18:40:53 instant python3[1332]: 127.0.0.1 - - [13/Oct/2024 18:40:53] "GET /api/v1/admin/read/log?log_file_name=../.ssh/id_rsa HTTP/1.1" 401 -
Oct 13 18:40:59 instant python3[1332]: 127.0.0.1 - - [13/Oct/2024 18:40:59] "GET /api/v1/admin/read/log?log_file_name=../.ssh/id_rsa HTTP/1.1" 401 -
Oct 13 18:41:49 instant python3[1332]: 127.0.0.1 - - [13/Oct/2024 18:41:49] "GET /api/v1/admin/read/log?log_file_name=../.ssh/id_rsa HTTP/1.1" 401 -
Oct 13 18:43:19 instant python3[1332]: 127.0.0.1 - - [13/Oct/2024 18:43:19] "GET /api/v1/admin/read/log?log_file_name=../.ssh/id_rsa HTTP/1.1" 401 -
root@instant:~# cat /etc/systemd/system/instant-app.service
[Unit]
Description=Start REST API for Instant
After=network.target
 
[Service]
User=shirohige
WorkingDirectory=/home/shirohige/projects/mywallet/Instant-Api/mywallet
ExecStart=/home/shirohige/projects/mywallet/myenv/bin/python3 app.py
Restart=always
 
[Install]
WantedBy=multi-user.target

swagger-start.service

root@instant:~# systemctl status swagger-start.service
 swagger-start.service - Start Swagger For The Instant REST Api
     Loaded: loaded (/etc/systemd/system/swagger-start.service; enabled; preset: enabled)
     Active: active (running) since Sun 2024-10-13 14:28:35 UTC; 7h ago
   Main PID: 1340 (python3)
      Tasks: 1 (limit: 2219)
     Memory: 59.4M (peak: 59.7M)
        CPU: 4.734s
     CGroup: /system.slice/swagger-start.service
             └─1340 /home/shirohige/projects/mywallet/myenv/bin/python3 serve.py
 
Oct 13 18:42:26 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:26] "GET /flasgger_static/swagger-ui.css HTTP/1.1" 200 -
Oct 13 18:42:26 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:26] "GET /flasgger_static/swagger-ui-bundle.js HTTP/1.1" 200 -
Oct 13 18:42:26 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:26] "GET /flasgger_static/swagger-ui-standalone-preset.js HTTP/1.1" 200 -
Oct 13 18:42:26 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:26] "GET /flasgger_static/lib/jquery.min.js HTTP/1.1" 200 -
Oct 13 18:42:26 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:26] "GET /flasgger_static/lib/jquery.min.js HTTP/1.1" 200 -
Oct 13 18:42:26 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:26] "GET /flasgger_static/swagger-ui-standalone-preset.js HTTP/1.1" 200 -
Oct 13 18:42:27 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:27] "GET /flasgger_static/swagger-ui-bundle.js HTTP/1.1" 200 -
Oct 13 18:42:27 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:27] "GET /apispec_1.json HTTP/1.1" 200 -
Oct 13 18:42:42 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:42:42] "GET /api/v1/admin/read/log?log_file_name=../.ssh/id_rsa HTTP/1.1" 401 -
Oct 13 18:43:44 instant python3[1340]: 127.0.0.1 - - [13/Oct/2024 18:43:44] "GET /api/v1/admin/read/log?log_file_name=../.ssh/id_rsa HTTP/1.1" 201 -
root@instant:~# cat /etc/systemd/system/swagger-start.service
[Unit]
Description=Start Swagger For The Instant REST Api
After=network.target
 
[Service]
User=shirohige
WorkingDirectory=/home/shirohige/projects/mywallet/Instant-Api/mywallet
ExecStart=/home/shirohige/projects/mywallet/myenv/bin/python3 serve.py
Restart=always
 
[Install]
WantedBy=multi-user.target

Interactive Graph View

Backlinks