Sunday, July 26, 2015

Update Nessus from command line [Mac Yosemite]

Very often, I have encountered problems with updating Nessus home feed plugins and components. This is the common message from Nessus.



The following commands can be used to update Nessus plugins on Yosemite if updating through the web interface fails:

To update plugins:

cd /Library/Nessus/run/sbin
sudo ./nessuscli update

To update plugins and components:

sudo ./nessuscli update --all

To update just the plugins:

sudo ./nessuscli update --plugins-only

Monday, February 9, 2015

Exploiting SSH key based authentication

This is rather a quick post, intended to be a reference note for me (and you all).

Recently, I exploited a vulnerability to gain a shell on the remote system. Yeah, this is done remotely over an SSH connection..:) The prerequisites are:

1. Remote server must have SSH service running.
2. Remote server must have vagrant module installed.
3. Remote server must support key-based authentication.

To detect whether the server has the vagrant module installed, browse to http://example.com/vagrantfile. This should give you a pop-up to download a file. Refer here for vagrantfile info.

When vagrant is installed on the box, it creates a default user called vagrant with www rights and accepts incoming connections for the user vagrant with valid keys. The keys are known and can be downloaded from here. To exploit, replace these keys with your public and private keys or use the command below:

ssh -i <key_files> vagrant@<remote_server_ip>

And here you go, you gain access to shell instantly and own the box...:)

Happy testing and hacking!!!
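
To check your own servers for the condition described in this post, the following added example (not part of the original post) reports every authorized_keys entry whose key matches a reference list of publicly known keys, and can print the file with those entries removed. The file names, function names and key blobs are constructed placeholders; in practice the reference file is assumed to hold the published Vagrant public key obtained from the project.

```shell
#!/bin/sh
# Added example: audit authorized_keys for publicly known keys.
# The shared awk program compares the base64 key blob, so an option
# prefix or an edited comment on the line does not hide a match.
AUDIT_AWK='
function blob(   i) {
    for (i = 1; i < NF; i++)
        if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp[0-9]+)$/)
            return $(i + 1)
    return ""
}
{ b = ($0 ~ /^[ \t]*(#|$)/) ? "" : blob() }
FILENAME == ref { if (b != "") known[b] = 1; next }
mode == "report" && (b in known) { print FILENAME ":" FNR }
mode == "strip" && !(b in known) { print }
'

# usage: find_known_keys REF_PUB AUTHORIZED_KEYS...
# Prints "file:line" for each entry that trusts a key listed in REF_PUB.
find_known_keys() {
    ref=$1; shift
    awk "$AUDIT_AWK" mode=report ref="$ref" "$ref" "$@"
}

# usage: strip_known_keys REF_PUB AUTHORIZED_KEYS > cleaned_copy
# Prints the file without the matching entries; comments are kept.
strip_known_keys() {
    awk "$AUDIT_AWK" mode=strip ref="$1" "$1" "$2"
}

# Writes CONSTRUCTED placeholder files (not real keys) into directory $1.
make_sample() {
    printf '%s\n' \
        'ssh-rsa AAAAB3NzaC1yc2EAAAAPLACEHOLDERKNOWNKEY= constructed-known-key' \
        > "$1/known.pub"
    printf '%s\n' '# constructed sample' \
        'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAPLACEHOLDERADMINKEY admin@example' \
        'no-pty ssh-rsa AAAAB3NzaC1yc2EAAAAPLACEHOLDERKNOWNKEY= renamed-comment' \
        > "$1/authorized_keys"
}

# Demo run on the constructed sample: reports line 3 of authorized_keys.
d=$(mktemp -d)
make_sample "$d"
find_known_keys "$d/known.pub" "$d/authorized_keys"
rm -rf "$d"
```

Review the output of strip_known_keys before replacing a live authorized_keys file, and confirm the account still has a key you control.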