Tag: #sickos

SickOS 1.2 Walkthrough

SickOS 1.2 Walkthrough

Penetration Testing, Security
Since I have managed to put down SickOS 1.1, I guess the next challenge would be visiting SickOS 1.2. After setting up the machine through VMWare, an initial Nmap scan towards 192.168.209.161 (Address of SickOS 1.2) has shown the following output: By the results shown, only two TCP ports were open. One SSH and another one is an HTTP service. Firing up Mozilla in Kali and typing in the IP address 192.168.209.161 should give us this output: The next things to do were: Check robots.txt (Not found) Check source code of web page (Nothing really useful) Use dirb Use HTTP Nmap scripts against the main directory (Nothing really useful)   Looking at the HTTP headers when browsing the website, it was also found that the server was using lighttpd 1.4.28 (als...
SickOS 1.1 Walkthrough

SickOS 1.1 Walkthrough

Penetration Testing, Security
SickOS 1.1 Walkthrough After finishing PWK and achieving OSCP, my brain started to look for more machines to play with which led me to download SickOS 1.1. So after setting up the machine through VMWare, an initial Nmap scan towards 192.168.209.160 (Address of SickOS 1.1) shows the following output: By the results shown, only two TCP ports are open. One SSH and another is actually an HTTP proxy so let's configure Firefox to the proxy port 3128: Once Firefox has been configured with the settings, typing in the IP address of SickOS 1.1 in the browser should present us with the image below: Oooh. I see some trolling here. When doing penetration testing, I've learned to organize my own methodology or 'steps' in doing information gathering so the first thing that I did w...