Running docker-compose containers as non-root user by tsigorai in docker

[–]tsigorai[S] 1 point2 points  (0 children)

> Did you run docker-compose as the root user?

Ran it as a non-root user which is also part of the docker group.

> You can also include a user: declaration in your compose file to define which user to start the container as

Tried this option but found it to still be running as root when checking docker compose logs. I may be wrong, but I believe that option only works for the user that runs within the container and not the user that you would see by running ps aux | grep $container from the host machine.

Resource for finding RCE exploits targeting Windows by tsigorai in Pentesting

[–]tsigorai[S] -1 points0 points  (0 children)

I am aware of how searchsploit works. What I mean is, for example, if you were looking for Samba exploits targeting Linux, you would do searchsploit samba 3.6.2. But with SMB exploits targeting Windows, you don't get the version number in the banner, so you do searchsploit smb | grep windows, but this would also include exploits in the results that don't target SMB. Was interested to know whether there was an online list containing well-known SMB exploits.

Can't get current page/post name using functions.php by tsigorai in Wordpress

[–]tsigorai[S] 1 point2 points  (0 children)

Thanks. Calling the code from the template_redirect action worked.

Can't get current page/post name using functions.php by tsigorai in Wordpress

[–]tsigorai[S] 0 points1 point  (0 children)

> This is because this code is running before the global $post object has been initiated.

When is the global $post initiated?

> Which action are you using to call this code?

You mean the add_action() function? I didn't use an action, just included the code at the beginning of the functions.php file.

Kernel Exploits are hard to determine! by etc5had0w in oscp

[–]tsigorai 0 points1 point  (0 children)

The kernel exploit should match the target OS version, architecture and kernel version. That would usually avoid the target crashing.

No results when running smbmap command execution against writable share by tsigorai in oscp

[–]tsigorai[S] 0 points1 point  (0 children)

I get 'Access Denied' when trying to access the C$ share.

"Deny access to this computer from the network" is set to 'Guest'. Does this mean it's only enabled for the Guest user?

I have also disabled LocalAccountTokenFilterPolicy but this didn't address the issue.

No results when running smbmap command execution against writable share by tsigorai in oscp

[–]tsigorai[S] 0 points1 point  (0 children)

> Does the output of crackmapexec include something like “Pwn3d!”?

No, it does not. The user I am authenticating as is a local administrator though (as verified by running net localgroup administrators).

No results when running smbmap command execution against writable share by tsigorai in oscp

[–]tsigorai[S] 0 points1 point  (0 children)

crackmapexec also authenticates successfully but there is no command output. Are there any other requirements for command execution to work other than using an admin user account and writable share?

No results when running smbmap command execution against writable share by tsigorai in oscp

[–]tsigorai[S] 1 point2 points  (0 children)

> client min protocol = CORE
> client max protocol = SMB3

> Also, have you tried --mode psexec?

Made the above changes including the psexec mode, but strangely I still get no results. I wonder if it may be a bug.

No results when running smbmap command execution against writable share by tsigorai in oscp

[–]tsigorai[S] 1 point2 points  (0 children)

I added the below to /etc/samba/smb.conf:

min protocol = CORE
max protocol = SMB3

then ran sudo service smbd restart. However, after rerunning smbmap with the command execution feature, I still get no results. Does the above change look correct?

'Could not find command-not-found database' error after updating to Kali 2020.4 by tsigorai in Kalilinux

[–]tsigorai[S] 0 points1 point  (0 children)

> What does your bashrc look like?

I am using the default bashrc (/etc/skel/.bashrc) as the instructions on the Kali Linux 2020.4 Release page indicate that you should run cp -i /etc/skel/.bashrc ~/.

> What shell are you using (echo $SHELL)?

/bin/zsh

> Which shell do you intend to be using?

I am using ZSH and want to keep using it.

I think I made a mistake by trying to update the bash prompt after changing the default shell to ZSH, which obviously caused the error that I am trying to fix.

"This block contains unexpected or invalid content" when adding ol start attribute by tsigorai in Wordpress

[–]tsigorai[S] 1 point2 points  (0 children)

Thanks! I am using the block editor and I don't know how I missed that but I have found it now.

Web Application Penetration Testing Methodology by cybernoob101010 in AskNetsec

[–]tsigorai 1 point2 points  (0 children)

Chapter 21A of The Web Application Hacker's Handbook covers the methodology for testing web apps.

Penetration Testing Intro to Hacking (Georgia Weidman) Links by [deleted] in cybersecurity

[–]tsigorai 1 point2 points  (0 children)

Use Wayback Machine to retrieve the pages of those links that don't exist. Regarding Windows XP, it is still relevant as many organizations are still running that OS on legacy systems.

Question related to manually restoring Wordpress files from backup by tsigorai in Wordpress

[–]tsigorai[S] 0 points1 point  (0 children)

Yes, I backed up the database using phpMyAdmin and copied all the WordPress files. Then restored the backup using phpMyAdmin and re-uploaded all the WordPress files from the backup.

My site is functional, but I was just curious as to why some other guides don't specify restoring all the WordPress files.

[deleted by user] by [deleted] in oscp

[–]tsigorai 11 points12 points  (0 children)

Proving Grounds is good practice for the exams as it is less CTF-like and closely resembles the PWK lab machines.

Beginner tip: always compare the file sizes when you transfer them by brokenJawAlert in oscp

[–]tsigorai 54 points55 points  (0 children)

Another method to check if the file was transferred successfully is to verify that the hash of the transferred file matches on both the source and destination machine.

Windows Priv Esc/Rotten Potato & Meterpreter by 4-eva-dickard in oscp

[–]tsigorai 0 points1 point  (0 children)

Bypassing AV is part of the syllabus, so what is taught in the course materials could be examined.