choupit0
Hello,
2 years ago I created this Bash script for my own (professional) needs:
https://github.com/choupit0/MassVulScan.git
I was looking for a way to quickly and efficiently identify all the ports available on different remote sites connected to the Internet. And I wanted to make sure, at the same time, there was no host that exposed a service with known vulnerabilities (CVE).
Maybe it could help someone on this forum 😉 and it's fully compatible with Pwnbox from HTB.
Script strength
* Automatic installation of all the prerequisites (Debian OS family)
* 2 modes: automatic and Interactive
* Interactive mode: ports to scan, rate level and nmap script
* Extremely fast identification of open TCP/UDP ports (masscan)
* The output is sorted to gather all ports to be scanned by host
* Identification of services and vulnerabilities (nmap + vulners.nse)
* Multiple sessions in parallel, one session per host
* 2 generated reports: a global HTML and a TXT (vulnerable hosts)
About
- Username
- choupit0
- Joined
- Visits
- 1,550
- Last Active
- Roles
- Member
Comments
-
Type your comment> @choupit0 said: > Spoiler Removed ?
-
*Spoiler Removed*
-
Can anyone help me on the root part?.... I'm lost. I try to follow the white rabbit without success...
-
Very interesting box until now!! I'm near the user flag, and without IDE for the Java part :) Not so Insane for the moment for me compare to MulltiMaster but nevertheless I am sweating... It may get tough after certainly... :'( Edit: lol the Boxes…
-
Type your comment> @sparkla said: (Quote) Invitation sent ;)
-
Spoiler Removed
-
Spoiler Removed Serious? Ohh a small sploiler... Bill Joy will not be happy...
-
Rooted. Great machine, yes. A lot of interesting new things for me too. Thank you to @MrR3boot and @MinatoTW :)
-
I got the user (thanks for the nudge @gverre about the s*rial...). NSE vulners could help you to identify the right security issue... After, Google to find an interesting article... but before you have to try different things to find the right pat…
-
You can launch the connection like this: openvpn technicalBitch.ovpn > /dev/null 2>&1 CTRL + Z bg disown -h Your VPN will still UP all the time even after shutting down the shell.
-
Type your comment> @sparkla said: (Quote) Yes, nothing interesting.
-
Type your comment> @sparkla said: (Quote) I found a l******.t*t file also. Concerning the author of the website code, with a link.
-
FYI, sample area (upload file) is functioning with chromimum but not from Firefox for me. I'm using Kali Rolling.
-
For those who use Pwnbox and want to speed up the reconnaissance phase, I created a variant of the Bash script: https://github.com/choupit0/MassVulScan4HTB It quickly and efficiently identify all the ports/services (TCP/UDP) available for a box, a…
-
Spoiler Removed
-
Well said @TazWake :) respect, sharing and learning, they are some important values I think. I find them here too.
-
allo
-
(Quote) Lol, you have the new friend ;) Now you should have the power to create your folder with the right command and drop your cat.
-
Another interesting VM from @egre55 Thanks for your imagination and work :wink: Initial Foothold Credentials are not always necessary... Try to identify the right OS version. After, Google can help you to find your new friend and don't be afraid b…
-
Tip: if you get the message "The system cannot execute the specified program." each time you try to get a rev shell... you have to take the right version of nc64.exe (and think to try all the options of the script found). I lost a lot of t…
-
I read and read again my rp* dump but I don't find any important information...
-
FYI Great tool but sometimes I have this message: Could not start VNC web proxy Several tests are necessary to gain access.
-
Argghhh! This box makes me crazy...The root part is a HELL for me! 🤦♂️ The box is slow, very slow, very very slow.... and at the end I have the same message: Prepare job - Failed 🙄 I am going mad 🤪 Edit: Same thing yesterday night after resettin…
-
Type your comment> @solid5n4k3 said: (Quote) Okay, I confirm too, now with the "other" user connected on d****s is really slow... I understand now.
-
Type your comment> @rholas said: (Quote) I'm using Chromium + VIP US Server and it's functioning correctly for me. Strange what problems people run into or so I am lucky :)
-
Type your comment> @LegendHacker said: (Quote) For me it's fast, I'm on US VIP Servers: edge-us-vip-6.hackthebox.eu
-
Type your comment> @batemaster said: (Quote) -> VIP Servers ;)
-
Type your comment> @PrivacyMonk3y said: (Quote) If you got a shell, you have the right user(s) now, just find a list of passwords...
-
Spoiler Removed
-
Type your comment> @LegendHacker said: (Quote) Check the repository's name where the file is uploaded...
