InfoSec LAB

commander

Testing the DB credential for reuse

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/nukem]
└─$ ssh commander@$IP        
The authenticity of host '192.168.113.105 (192.168.113.105)' can't be established.
ED25519 key fingerprint is SHA256:xonp3jokwQ/DxrvEZ7jnNNoA6GH8t48bnZeogoJIFqg.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.113.105' (ED25519) to the list of known hosts.
commander@192.168.113.105's password: CommanderKeenVorticons1990
[commander@nukem ~]$ whoami
commander
[commander@nukem ~]$ hostname
nukem
[commander@nukem ~]$ ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:50:56:9e:78:97 brd ff:ff:ff:ff:ff:ff
    altname enp11s0
    inet 192.168.113.105/24 brd 192.168.113.255 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fe9e:7897/64 scope link 
       valid_lft forever preferred_lft forever

Credential reuse confirmed Lateral Movement made to the commander user via SSH

InfoSec LAB

Explorer

Nukem_Lateral_Movement_commander

commander

Interactive Graph View

Backlinks