choupit0
Hello,
2 years ago I created this Bash script for my own (professional) needs:
https://github.com/choupit0/MassVulScan.git
I was looking for a way to quickly and efficiently identify all the ports available on different remote sites connected to the Internet. And I wanted to make sure, at the same time, there was no host that exposed a service with known vulnerabilities (CVE).
Maybe it could help someone on this forum 😉 and it's fully compatible with Pwnbox from HTB.
Script strength
* Automatic installation of all the prerequisites (Debian OS family)
* 2 modes: automatic and Interactive
* Interactive mode: ports to scan, rate level and nmap script
* Extremely fast identification of open TCP/UDP ports (masscan)
* The output is sorted to gather all ports to be scanned by host
* Identification of services and vulnerabilities (nmap + vulners.nse)
* Multiple sessions in parallel, one session per host
* 2 generated reports: a global HTML and a TXT (vulnerable hosts)
About
- Username
- choupit0
- Joined
- Visits
- 1,698
- Last Active
- Roles
- Member
Comments
-
Type your comment> @pasmx said: (Quote) Yes, very very big...
-
Type your comment> @TazWake said: (Quote) Me too ;) good point from @gtux I tried and it's functionning.
-
Type your comment> @TazWake said: (Quote) -rwxr-xr-x
-
Type your comment> @choupit0 said: (Quote) My bad... I didn't use the good *.opvn file.. so stupid..
-
Type your comment> @choupit0 said: (Quote) Issue solved. My personal drive was somehow corrupted.
-
I hope too... For the IP address, not sure: [email protected]:~/HTB# ip route 10.13.38.0/24 via 10.14.14.1 dev tun0 10.14.14.0/23 dev tun0 proto kernel scope link src 10.14.14.18
-
Type your comment> @TazWake said: (Quote) Same issue for me... I got 10.129.107.58 for Tenet box with OpenVPN. And I'm not able to launch Pwnbox, error Could not mount personal drive (case open)... And I'm VIP+ too... I'm starting to regret it.…
-
Shit, new issue to start the Pwnbox instance: Could not mount personal drive
-
Type your comment> @TazWake said: (Quote) :'D
-
apt-update issue with Pwnbox: rr:1 http://htb.deb.parrot.sh/parrot rolling InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 363A96A5CEA9EA27 To solve the issue: sudo apt-key adv --keyser…
-
Type your comment> @k1ngPr4wn said: (Quote) One way to find the right path, just put fil--ame="" (empty)
-
Type your comment> @choupit0 said: > Spoiler Removed ?
-
*Spoiler Removed*
-
Can anyone help me on the root part?.... I'm lost. I try to follow the white rabbit without success...
-
Very interesting box until now!! I'm near the user flag, and without IDE for the Java part :) Not so Insane for the moment for me compare to MulltiMaster but nevertheless I am sweating... It may get tough after certainly... :'( Edit: lol the Boxes…
-
Type your comment> @sparkla said: (Quote) Invitation sent ;)
-
Spoiler Removed
-
Spoiler Removed Serious? Ohh a small sploiler... Bill Joy will not be happy...
-
Rooted. Great machine, yes. A lot of interesting new things for me too. Thank you to @MrR3boot and @MinatoTW :)
-
I got the user (thanks for the nudge @gverre about the s*rial...). NSE vulners could help you to identify the right security issue... After, Google to find an interesting article... but before you have to try different things to find the right pat…
-
You can launch the connection like this: openvpn technicalBitch.ovpn > /dev/null 2>&1 CTRL + Z bg disown -h Your VPN will still UP all the time even after shutting down the shell.
-
Type your comment> @sparkla said: (Quote) Yes, nothing interesting.
-
Type your comment> @sparkla said: (Quote) I found a l******.t*t file also. Concerning the author of the website code, with a link.
-
FYI, sample area (upload file) is functioning with chromimum but not from Firefox for me. I'm using Kali Rolling.
-
For those who use Pwnbox and want to speed up the reconnaissance phase, I created a variant of the Bash script: https://github.com/choupit0/MassVulScan4HTB It quickly and efficiently identify all the ports/services (TCP/UDP) available for a box, a…
-
Spoiler Removed
-
Well said @TazWake :) respect, sharing and learning, they are some important values I think. I find them here too.
-
allo
-
(Quote) Lol, you have the new friend ;) Now you should have the power to create your folder with the right command and drop your cat.
-
Another interesting VM from @egre55 Thanks for your imagination and work :wink: Initial Foothold Credentials are not always necessary... Try to identify the right OS version. After, Google can help you to find your new friend and don't be afraid b…
