SSH
Testing the cracked credential of the michael user
┌──(kali㉿kali)-[~/archive/htb/labs/sightless]
└─$ ssh michael@$IP
The authenticity of host '10.129.206.178 (10.129.206.178)' can't be established.
ED25519 key fingerprint is SHA256:L+MjNuOUpEDeXYX6Ucy5RCzbINIjBx2qhJQKjYrExig.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.129.206.178' (ED25519) to the list of known hosts.
michael@10.129.206.178's password:
Last login: Tue Sep 3 11:52:02 2024 from 10.10.14.23
michael@sightless:~$ whoami
michael
michael@sightless:~$ hostname
sightless
michael@sightless:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:94:66:19 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 10.129.206.178/16 brd 10.129.255.255 scope global dynamic eth0
valid_lft 2042sec preferred_lft 2042sec
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:56:53:1d:d0 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
5: veth2437d80@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether c6:a6:45:ea:a2:95 brd ff:ff:ff:ff:ff:ff link-netnsid 0Credential reuse confirmed
Initial Foothold established to the target system as the michael user