HackTheBox – Sunday – Brute Forcing

PenTest.WS demonstration hacking the Sunday machine from HackTheBox.eu. This video includes brute forcing the finger and ssh services. John the Ripper is used to brute force a password. Privilege escalation uses sudo and the wget command to read & write protected files.

2:14 – Downloading the corncob word list
4:18 – Brute forcing the finger service with a custom bash script
8:12 – Brute forcing ssh using hydra
12:02 – John the Ripper brute forcing a shadow.bak file
15:05 – sudo & the wget command for privilege escalation

HackTheBox – Falafel – PTWS Shells Library & Credentials Database

PenTest.WS demonstration hacking the Falafel machine from HackTheBox.eu. This video includes using the Shells Library for quick reverse shells. It also demonstrates using the Credentials Database to track usernames and passwords.

2:00 – Global Service Notes
2:43 – SQLMap
6:37 – PHP Magic Hashes
9:40 – WGet Vulnerability
14:30 – Reverse Shell
16:42 – Privilege Escalation

Private Beta Program Launches

After nearly a year of development, PenTest.WS is proud to announce the launch of its private beta program. This program is currently invitation only. If you would like to join the private beta, please use this form to send an Invitation Code Request.

PenTest.WS has been developed specifically for the penetration tester. This web application has helped at least one pentester achieve the Offensive Security Certified Professional (OSCP) certification. More recently PenTest.WS has been used when attacking machines on the HackTheBox.eu network. Several features have grown organically through this process.

The host discovery & service enumeration processes are now point and click, regardless of where the scan is being conducted from. PenTest.WS uses copy-and-paste to get its commands into the terminal. This means if you can paste it, you can use PenTest.WS’s library of customizable commands to automate these processes.

Importing Nmap’s XML data has been refined and enhanced since initial development began. This process is now more robust and handles a wider array of Nmap versions. The stored XML data is now displayed in an easy to navigate live view rather than a static data dump displayed to the pentester.

While importing Nmap’s data remains a key feature of PenTest.WS, other features have proven to be just as useful. One such feature is the Global Service Notes (GSN). The GSN system is quickly becoming a fan favorite and continues to provide reminders and hints for faster hacking. Additionally, the user defined shell command library now includes more netcat versions and an expanded shell upgrade section.

Perhaps the biggest development over the past twelve months is the beginning of a report writing module. Reporting is the deliverable product after conducting a penetration test. It therefore makes sense to include a reporting module in the PenTest.WS web application. Screen captures, code snippets and exploitation instructions can all be included directly into a host’s reporting module.

Future plans for the reporting module include a one-click solution to export these reports into a fully deliverable document at the conclusion of a pentest engagement. This export feature will include a templating engine to provide consistency and branding for the pentester. This feature is being actively developed.

Please drop us a line and let us know if you’re interested in receiving an Invitation Code.

Development Begins

The idea for PenTest.WS grew from a lack of specifically designed organizational tools for penetration testers. After studying the written and video sections of the Offensive Security Certified Professional exam, the decision was made to begin work on a purpose built web application to help manage the large number of hosts & services encountered during a penetration test.

It was important to the vision of PenTest.WS to be more than just a glorified spreadsheet. PenTest.WS will offer shortcuts and automation that only a true web application can provide. Beyond note taking, this system includes copy-and-paste integration with customizable command libraries, global service notes, and a user defined shell command library.

Nmap scans provide a wealth of information. PenTest.WS will automatically import the XML data produced by Nmap and create hosts & services ready to be further explored by the pentester. These Nmap uploads will also be stored within the web app in their full detailed version so that no details are ever lost.

Global Service Notes (GSN) is a feature unique to PenTest.WS that allows the pentester to keep service specific notes about SSH, HTTP, SMB or any other protocol encountered. These notes will be available anytime that service is found during an engagement. GSNs can include general notes about the service or service specific commands that include the target’s IP address and port number.

PenTest.WS can also help the pentester organize captured credentials. These username/password combinations can be entered manually or imported from a .passwd file for a more automated approach. Passwords can then be copied back out of the web application with the click of a mouse. This feature increases the speed and accuracy of typing complicated passwords during an engagement.

Development is just beginning and we’re looking forward to seeing PenTest.WS take shape.

Stay tuned!