Skip to content

Lab / Self Study Activities

This week we have looked at shells, and how they can let us talk to a remote server.

For the lab tasks we will put the theory into practice, and use a range of shells for some common tasks.

We have TWO docker stacks this week.

  • The First will let you play with SSH, Netcat and Telnet
  • The Second has various web interfaces available for you to practice dropping shells, and remote code execution.

You can get a copy of the code from the 5063CEM Repo

SSH Stack ( Shells/SSH)

This set of docker images lets you play with the more traditional server based remote shells. It gives you the chance to get comfortable with, telnet, SSH and Netcat.

You can start this stack by navigating to the SSH folder in the GitHub

#Get to wherever your github is
$ cd <github>

$ cd /week2/shells
$ docker-compose up

Activity 1: Telnet

In our introduction to shells, we had a brief look at Telnet and SSH For our first task we are going to connect to a remote server using these tools

Task

Try using Telnet for some Banner Grabbing

  • Download a web page
  • See if you can connect to the SSH service on the Docker box. What is the SSH version.

Activity 2: SSH

We also looked at SSH use the SSH container to try the following

Easytask

  • Connect to the service over SSH with the following Creds
  • user: cueh
  • password: cueh
  • Try running a remote command on the SSH service

Task

Next we want to play with some SSH keys.

  • Create a SSH key pair and add the key to the cueh user on the docker box

While doing some recon, you managed to find the heuc users SSH keys. You can find them in the KEYS_FOR_HEUC folder.

  • Use key to login as the heuc user

Finally, you should also be able to use SSH keys to login as the admin user

  • Use the Exploit to modify the Admin users authorized_keys file (see gtfo.bins)
  • Login as Admin

Activity 3: Netcat

We also looked at using Netcat. We will be using netcat a lot over the course of the module, both for creating shells directly, and for catching web shells.

Task

Try Using netcat to get a shell between machines.

  • Create both Bind and Remote Shells
  • Connect between windows and Linux boxes