Title | Immersive Labs Week 4 |
---|---|
Course | Ethical Hacking |
Institution | National University (US) |
Pages | 1 |
File Size | 57.2 KB |
File Type | |
Total Downloads | 37 |
Total Views | 145 |
Write-up after having completed the following labs on Immersive Labs:
1. Immersive -> Originals -> Immersive Bank – Episode One: Open Source and Credentials
2. Immersive -> Originals -> Immersive Bank:Episode Two Gaining Access...
CYB 632 5/22/2021 Immersive Labs – Week 4 The first question in the first lab asked for the CEO’s name. That was already given in the introduction to the lab, but it is also available on the bank’s website when you click on “Team”. The second question described the company’s guidelines for usernames and asked what the CEO’s username would be, so it was straightforward. The third question asked us what the CEO’s password was. The SHA25 hash of the password was provided. I know I could have plugged it into a reverse hash lookup online, but I know it is bad practice to do something like that because people can see what you do online, and so I used hashcat. I created a text file and put the hash in it. At first, I tried brute force, but I know that approach takes too long after seven alphanumeric character combinations, and so, when it passed seven, I broke and decided to try a dictionary attack. I used the popular, comprehensive rockyou.txt wordlist. running the command “hashcat -m 1400 -a 0 hash.txt rockyou.txt -o cracked.txt”, “m 1400” being for raw SHA256 (unsalted), “-a 0” being “straight” (using a wordlist), and “-o” outputting the results to “cracked.txt”. I should have used this dictionary attack to begin with because it was so much quicker. Going through seven alphanumeric combinations the brute force method took a little over an hour. To gain access to the CEO’s computer, I used rdesktop with his username and password along with the IP address of ILM bank and the port number given away in the blog. I accomplished this with “rdesktop -u carlof -p manunited 10.102.11.31:8877”. The first question asked about the animal depicted on the logo of the CEO’s daughter. On his desktop, there was a PDF file called “School Letter”. At first, I thought it was a swordfish, but it was not. I did a reverse image lookup on the internet and had no luck. I then decided to look up the school’s name. I think it is a made-up school, but apparently “narwhal” is an animal, and that is what it was. The second question asked for a specific word in a document on the CEO’s computer. It mentioned a “mergers” document. The first place I went to was the Documents folder. There I saw a document with the word “mergers” in it. It was a long document and I searched for the whole phrase “international bank of” with no luck, so I tried “bank of” and “international”, but still no luck. I continued looking around the Documents folder and found a directory that mentioned mergers. It led to subdirectories which led to another file that had to have been it. It was password protected. I tried “narwhal” and it got me in. This CEO needs to learn the importance of strong passwords and the company needs to have stronger password requirements....