Exploiting EternalBlue
Blue holes are fascinating geological phenomena. Where bedrock dissolves, they form underwater in the middle of limestone-rich areas, and get their name from the stark contrast between them and their surroundings.
How great things happen
TryHackMe’s ICE room is an easy boot-to-root exercise that exploits a basic (albeit specific) misconfiguration. How would it play out in a real-world scenario? Fictionalizing what it would look like will hopefully make this walk-through a little more interesting and relatable. Of course, the example is entirely made up. In any real-world scenario, you need written authorization before testing something like this; otherwise it is illegal. Exploits can also have unintended consequences, including permanent damage and data loss.
Ubuntu has a special place in my heart. It was the first Linux distribution I ever installed. Someone gave me an old, fat Toshiba laptop, and since it was running the ancient Windows Vista and was thus practically useless, I followed a guide to flash Ubuntu onto it. With it, I self-hosted a personal website that never made it to production because I spent all my time designing a loading screen. But I digress.
Metasploit is a double-edged sword. Written in Ruby, it is a full-featured framework for penetration testing. Penetration testing is the act of breaking into systems legally, on behalf of the defenders. Because it lets security engineers find weaknesses before anyone else does, it keeps them employed; because the same modules run just as well in the wrong hands, it is also a ready-made toolkit for attackers.
I had installed Ubuntu before. I had even installed macOS. But I had no clue that Windows 10 on VirtualBox would be the nastiest of the lot. It took a lot of head-banging just to figure out what the problem was. For historical purposes, I’m leaving the first part of this article as I originally wrote it, under “What I tried,” so that someone out there with the same problem will hopefully benefit from a walk-through of the thought process.
Imagine you’re a computer. A computer sealed off from any others. You may hear from people, but never from one of your own kind.
Nmap is a powerful and essential program for understanding how networks operate and what is happening on a network. According to its manual, it is “an open source tool for network exploration and security auditing” [nmap.org].
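To make concrete what a port scanner actually does, here is an added example (not code from the post or from the Nmap project): a minimal TCP connect scan, the same thing Nmap’s `-sT` mode performs, written against Python’s standard library. It starts its own listener on 127.0.0.1 so it runs offline; the listener, the ephemeral port it receives, and the neighbouring “closed” port are all constructed for the demonstration.

```python
import errno
import socket
from contextlib import closing

# Constructed for the demo: scan the loopback interface only.
TARGET = "127.0.0.1"


def connect_scan(host, ports, timeout=0.5):
    """TCP connect scan: complete a full three-way handshake on every port.

    This is what `nmap -sT` does. It needs no raw sockets (so no root), but
    every probe shows up as a real connection in the target's logs, which is
    why Nmap prefers a SYN scan (`-sS`) when it has the privileges for it.
    """
    results = {}
    for port in ports:
        with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
            s.settimeout(timeout)
            rc = s.connect_ex((host, port))  # returns errno instead of raising
            if rc == 0:
                results[port] = "open"        # SYN/ACK came back, handshake done
            elif rc == errno.ECONNREFUSED:
                results[port] = "closed"      # host answered with RST
            else:
                results[port] = "filtered"    # no answer at all (timeout,
                                              # unreachable): a firewall is
                                              # probably dropping the probe
    return results


def start_listener(host=TARGET):
    """Bind a throwaway listener on an OS-chosen port so something is open."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def demo():
    """Scan one open port and one port we know is closed; return both."""
    # A port the OS just handed us and we released again is closed, not filtered:
    # nothing listens there and the kernel will answer probes with RST.
    tmp, closed_port = start_listener()
    tmp.close()

    srv, open_port = start_listener()
    try:
        results = connect_scan(TARGET, [closed_port, open_port])
    finally:
        srv.close()
    return results, open_port, closed_port


if __name__ == "__main__":
    results, open_port, closed_port = demo()
    for port, state in sorted(results.items()):
        print(f"{TARGET}:{port}\t{state}")
```

The three states map directly onto Nmap’s vocabulary: a completed handshake is `open`, an RST is `closed`, and silence is `filtered`. Nmap adds timing, retransmission, and dozens of probe types on top of this, but the loop above is the core of the idea.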
The OSI (Open Systems Interconnection) model is the standard reference for describing how networked systems are layered, even though the internet itself runs on the TCP/IP stack rather than on OSI protocols. Although it’s not the most comfortable thing to learn, it is essential vocabulary. This is a high-level summary of the key OSI concepts.
If active recon is like eating anchovy pizza, passive recon is asking other people about the pizza. Which method tells you more? Which method signals the anchovies that you’re researching them? You get my point.
On the command line, there are a few essential utilities that reveal this data without the target necessarily knowing you’re researching them. I find these command-line tools far more efficient than their Google-and-GUI counterparts.