Vern Greenholt

1598660160

How I hacked into a Telecom Network 

TLDR; Red Team Engagement for a telecom company. Got a foothold on the company’s Network Monitoring System (NMS). Sorted reverse shell issue with tunneling SSH over HTTP. Went full-on Ninja when getting SSH over HTTP. Proxied inside the network for an internal network scan. Got access to CDRs and VLR with SS7 application.


Recap: Red Team Engagement for a Telecom company. Found interesting subdomain, did a full port scan on that subdomain, found ports 12000/tcp, 14000/tcp, and 14100/tcp, found a running instance of JBoss (lucky me!), exploited JBoss for RCE, implemented TCP tunnel over HTTP for Shell Stability.


In the previous part, I mentioned the steps I followed to create SSH Tunnels with stealthy SSH access from my server using port 2222/tcp. In this blog post, I’ll show how I used the SOCKS Tunnel for internal network reconnaissance and to exploit internal servers to get access to the CDRs stored in a server.


Situational Awareness (Internal Network)

During the engagement, I was able to create a Dynamic SSH tunnel via TCP tunnel over HTTP, and believe me when I say this, the shell was neat!

Moving forward, I then configured the SOCKS tunnel over port 9090/tcp and then connected proxychains for Nmap scans.

#hacking #telecom #metasploit #red-team #ss7 #neural networks

How I hacked into a Telecom Network

TLDR; Red Team Engagement for a telecom company. Got a foothold on the company’s Network Monitoring System (NMS). Sorted reverse shell issue with tunneling SSH over HTTP. Went full-on Ninja when getting SSH over HTTP. Proxied inside the network for an internal network scan. Got access to CDRs and VLR with SS7 application.


Recap: Red Team Engagement for a Telecom company. Found interesting subdomain, did a full port scan on that subdomain, found ports 12000/tcp, 14000/tcp, and 14100/tcp, found a running instance of JBoss (lucky me!), exploited JBoss for RCE, implemented TCP tunnel over HTTP for Shell Stability.


For detailed information, you can check out the following links:

Part 1 — Getting the RCE

Part 2 — Playing with Tunnels: TCP Tunneling

Part 4 — Getting Access to CDRs, SS7 applications & VLRs


DISCLAIMER: This post is quite lengthy, so just sit back, be patient and enjoy the ride!

In the previous part, I mentioned the steps I followed and I configured TCP Tunnel over HTTP and SSH port forwarding to access port 22/tcp of NMS server from my server using port 2222/tcp. In this blog post, I’ll show how I implemented SSH Dynamic Tunnels for further network exploitation.


Stealthy SSH Access

When you’re connected to an SSH server, the connection details are saved in a log file. To check these connection details, you can execute the ‘w’ command in *nix systems.

_The command w on many Unix-like operating systems provides a quick summary of every user logged into a computer, what each user is currently doing, and what load all the activity is imposing on the computer itself. The command is a one-command combination of several other Unix programs: who, uptime, and ps -a._ Source: Wikipedia

#post-exploitation #hacking #red-team #reverse-shell #telecom-network #neural networks

Sival Alethea

1624305600

Full Ethical Hacking Course - Network Penetration Testing for Beginners. DO NOT MISS!!!

Learn network penetration testing / ethical hacking in this full tutorial course for beginners. This course teaches everything you need to know to get started with ethical hacking and penetration testing. You will learn the practical skills necessary to work in the field. Throughout the course, we will develop our own Active Directory lab in Windows, make it vulnerable, hack it, and patch it. We’ll cover the red and blue sides. We’ll also cover some of the boring stuff like report writing :).

This course was originally live streamed weekly on Twitch and built from lessons learned in the previous week.
⭐️ Course Contents ⭐️
⌨️ (0:00) - Course Introduction/whoami
⌨️ (6:12) - Part 1: Introduction, Notekeeping, and Introductory Linux
⌨️ (1:43:45) - Part 2: Python 101
⌨️ (3:10:05) - Part 3: Python 102 (Building a Terrible Port Scanner)
⌨️ (4:23:14) - Part 4: Passive OSINT
⌨️ (5:41:41) - Part 5: Scanning Tools & Tactics
⌨️ (6:56:42) - Part 6: Enumeration
⌨️ (8:31:22) - Part 7: Exploitation, Shells, and Some Credential Stuffing
⌨️ (9:57:15) - Part 8: Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
⌨️ (11:13:20) - Part 9: NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
⌨️ (12:40:46) - Part 10: MS17-010, GPP/cPasswords, and Kerberoasting
⌨️ (13:32:33) - Part 11: File Transfers, Pivoting, Report Writing, and Career Advice
📺 The video in this post was made by freeCodeCamp.org
The origin of the article: https://www.youtube.com/watch?v=3Kq1MIfTWCE&list=PLWKjhJtqVAblfum5WiQblKPwIbqYXkDoC&index=6

#full ethical hacking #network penetration testing #ethical hacking #full ethical hacking course - network penetration testing for beginners #network penetration testing for beginners

Sival Alethea

1624305600

Full Ethical Hacking Course - Network Penetration Testing for Beginners (2019)


#ethical hacking #network penetration testing #full ethical hacking course - network penetration testing for beginners #beginners #full ethical hacking course #network penetration testing for beginners

Tech Hub

1628430590

How to find WiFi Passwords using Python 2021|Hack WiFi Passwords|Python Script to find WiFi Password

Hack Wifi Passwords easily..

https://youtu.be/7MwTqm_-9Us

 

#wifi #python #passwords #wifipasswords #linux #coding #programming #hacking #hack

#wifi #hack #using #python #python #hacking