Exploiting Rejetto HTTP File Server — Steel Mountain machine TryHackMe
Tags
| attack-pattern: | Exploits - T1587.004 Exploits - T1588.005 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086 Sudo - T1169 |
Common Information
| Type | Value |
|---|---|
| UUID | 6e4b748e-d2ae-4447-b002-d9882910e911 |
| Fingerprint | 9ea23951372405c7 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | July 10, 2023, 12:51 a.m. |
| Added to db | July 10, 2023, 3:28 a.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Exploiting Rejetto HTTP File Server — Steel Mountain machine TryHackMe |
| Title | Exploiting Rejetto HTTP File Server — Steel Mountain machine TryHackMe |
| Detected Hints/Tags/Attributes | 45/1/31 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 7 | cve-2014-6287 |
|
| Details | Domain | 1 | rejetto.com |
|
| Details | Domain | 102 | sourceforge.net |
|
| Details | Domain | 55 | exploit.py |
|
| Details | Domain | 74 | adodb.stream |
|
| Details | Domain | 7 | xhttp.open |
|
| Details | Domain | 339 | system.net |
|
| Details | File | 255 | user.txt |
|
| Details | File | 14 | powerup.ps1 |
|
| Details | File | 2 | advanced.exe |
|
| Details | File | 55 | exploit.py |
|
| Details | File | 33 | nc.exe |
|
| Details | File | 1 | c:\\users\\public\\script.vbs |
|
| Details | File | 46 | microsoft.xml |
|
| Details | File | 1 | c:\users\public\nc.exe |
|
| Details | File | 155 | cscript.exe |
|
| Details | File | 1 | c:\users\public\script.vbs |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 1 | winpeas.ps1 |
|
| Details | File | 1 | 'winpeas.ps1 |
|
| Details | File | 3 | ascservice.exe |
|
| Details | File | 1 | 'ascservice.exe |
|
| Details | md5 | 1 | b04763b6fcf51fcd7c13abc7db4fd365 |
|
| Details | md5 | 1 | 9af5f314f57607c00fd09803a587db80 |
|
| Details | IPv4 | 1 | 10.10.35.216 |
|
| Details | IPv4 | 1 | 10.10.99.161 |
|
| Details | IPv4 | 619 | 0.0.0.0 |
|
| Details | IPv4 | 1 | 10.8.145.104 |
|
| Details | Url | 1 | http://rejetto.com |
|
| Details | Url | 1 | http://sourceforge.net/projects/hfs |
|
| Details | Url | 1 | http://10.8.145.104:80/ascservice.exe','ascservice.exe |