search
githubEdit

Tasks

hashtag
Gain System Access

hashtag
Crack System's Password

Run the Responder tool on the Ubuntu machine and find the NTLM hash for the user Jason on Windows 11. Simulate the user Jason (user: Jason and password: qwerty) on the Windows 11 machine. Enter the option that specifies the interface while running the Responder tool.

-I

./Responder.py -I ens3
sudo john <filename.txt>

hashtag
Audit System Passwords

Run L0phtCrack on the Windows 11 machine. You have the admin credentials (username: Administrator, password: Pa$$w0rd) of a target machine, which is at 10.10.1.22. Find the password of another user, Martin, on the machine at 10.10.1.22.

apple

hashtag
L0phtCrack

  • Open

  • Password Auditing Wizard

  • Windows

  • A remote machine

  • Enter Host IP address, Username, and Password

  • Thorough Password Audit

  • Generate Report at End of Auditing

  • Run the ob immediately

  • Finish

hashtag
Find Vulnerabilities in Exploit Sites

Search for the vulnerability "CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)" on exploit-db.com. What is the CVE ID for this vulnerability?

2018-6892

LogoOffSec’s Exploit Database Archivewww.exploit-db.comchevron-right

hashtag
Gain Access to a Remote System

hashtag
Armitage

For this task, use the Parrot Security machine (10.10.1.13) as the attacker’s system and the Windows 11 machine (10.10.1.11) as the target system. Run the Armitage tool from the attacker’s machine to exploit vulnerabilities on the target system. Interact with the target system and use the sysinfo command to find the build number of the target’s operating system.

22000

hashtag
Ninja Jonin

Use the Ninja Jonin to gain access to the Windows Server 2022. Enter the name of the Windows Server machine that is captured in the Jonin console.

Server22

Use the Ninja Jonin to gain access to the Windows Server 2022. Enter the command that should be used to open shell on the target machine, using Jonin console.

cmd

hashtag
Jonin Commands

hashtag
Privilege Escalation

hashtag
Linux: Exploiting Misconfigured NFS

Exploit misconfigured NFS to gain access and to escalate previleges on Ubuntu machine. Enter the command that was used to check if any share is available for mount in Ubuntu machine.

showmount -e 10.10.1.9

Exploit misconfigured NFS to gain access and to escalate previleges on Ubuntu machine. What is the command that is used to view current processes along with their PIDs?

ps -ef

hashtag
Bypass UAC and Exploit Sticky Keys

Exploit Sticky keys feature to gain access and to escalate previleges on the Windows 11 machine. Enter the domain of Windows 11 obtained from sysinfo command in meterpreter session.

WORKGROUP

hashtag
Create Binary

hashtag
Share Binary

hashtag
Create Listener

hashtag
Escalate Privilege

hashtag
Maintain Remote Access and Hide Malicious Activities

hashtag
System Monitoring and Surveillance

hashtag
Power Spy

Use the Power Spy tool on the Windows Server 2022 machine to monitor the target machine at 10.10.1.19. Use the user account Jason, with the password qwerty, to establish a Remote Desktop Connection with the target system. What is the default key combination to put Power Spy in the Stealth mode?

Ctrl+Alt+X

hashtag
Spytech SpyAgent

Use the Spytech SpyAgent tool on the Windows Server 2022 machine to monitor the target machine at 10.10.1.19. Use the user account Jason, with the password qwerty, to establish a Remote Desktop Connection with the target system. Which option will enable you to configure SpyTech Spy Agent to run in the total stealth mode, with all possible logging options preconfigured?

Complete + Stealth Configuration

hashtag
Stealth Mode

hashtag
Hide Files using NTFS Streams

In the Windows Server 2019 machine, use NTFS Streams to hide calc.exe inside the readme.txt file. Flag submission is not required for this task, enter "No flag" as the answer.

No flag

hashtag
Hide Data using White Space Stegnography

On the Windows 11 machine, hide data into a text file using the whitespace steganography tool Snow. Flag submission is not required for this task, enter "No flag" as the answer.

No flag

hashtag
Hide message

hashtag
Unhide message

hashtag
Image Stegnography

On the Windows Server 2019 machine, hide text inside an image using the OpenStego tool. Flag submission is not required for this task, enter "No flag" as the answer.

No flag

hashtag
Tools

  • OpenStego

  • StegOnline

hashtag
Maintain Persistence

Exploit a misconfigured startup folder to gain privileged access and persistence on the Windows 11 machine. What is the command used in this task to elevate previleges in this task?

hashtag
Main Domain Persistence

Exploit Active Directory Objects and adding Martin a standard user in Windows Server 2022, to Domain Admins group through AdminSDHolder. Enter the name of the user that is added into Domain Admins group in this task.

Martin

hashtag
Privilege Escalation and Maintain Persistence

Exploit WMI event subscription to gain persistent access to the Windows 11 machine. Enter the server username that is acquired after exploiting the WMI event subscription.

NT AUTHORITY\SYSTEM

hashtag
Covert Channels

hashtag
Covert_TCP

From the Parrot Security machine, navigate to CEHv12 Module 06 System Hacking\Covering Tracks Tools\Covert_TCP on the machine at 10.10.1.11 and copy the file covert_tcp.c. Compile the code in covert_tcp.c to create a covert TCP channel between the Parrot Security machine (10.10.1.13) and the Ubuntu machine at 10.10.1.9. For the Windows 11 machine, the username is Admin, and the password is Pa$$w0rd. Flag submission is not required for this task, enter "No flag" as the answer.

No flag

hashtag
Start Listener

hashtag
Sender Side

hashtag
Clear Logs and Hide Evidence

hashtag
View, Enable, and Clear Audit Policies

hashtag
Auditpol

On the Windows 11 machine, use Auditpol to enable or disable security auditing on local or remote systems and to adjust the audit criteria for different categories of security events. Which command is used to clear the audit policies?

hashtag
Clear Windows Machine Logs

In the Windows 11 machine, use various Windows utilities such as Clear_Event_Viewer_Logs.bat, wevtutil, and Cipher to clear system logs. Which wevtutil command will clear all system logs (enter the complete command as the answer)?

hashtag
Clear Linux Machine Logs

In the Parrot Security machine, clear the Linux machine event logs using the Bash shell. Which command will disable the Bash shell from saving the history?

hashtag
Hiding Artifacts in Windows and Linux

Use various commands to hide file in Windows and Linux machines. Enter the name of the user that is added in Windows 11 machine in this task.

Test

hashtag
Hide Folder

hashtag
Unhide Folder

hashtag
Create New User

hashtag
Hide User Account

Use various commands to hide file in Windows and Linux machines. Enter the name of the text file that is hidden in Parrot Security machine in this task.

Secret.txt

hashtag
Hide File in Linux

hashtag
Clear Windows Machine Logs

In the Windows 11 machine, use the CCleaner tool located at E:\CEH-Tools\CEHv12 Module 06 System Hacking\Covering Tracks Tools\CCleaner to remove unused files and traces of Internet browsing details. Flag submission is not required for this task, enter "No flag" as the answer.

No flag

hashtag
CCleaner

PreviousSystem HackingNext*️ Malware Analysis

Last updated