vault backup: 2024-12-01 23:50:59

This commit is contained in:
boris
2024-12-01 23:50:59 +00:00
parent a98ccc88d0
commit 13615cfb79
44 changed files with 1282401 additions and 53 deletions


@@ -0,0 +1 @@
,boris,boris-ThinkPad-T480,01.11.2024 14:15,file:///home/boris/.config/libreoffice/4;
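Review bot: this one-line file is a LibreOffice `.~lock` record, not a note. It names the local user, the hostname `boris-ThinkPad-T480` and the home-directory path, and LibreOffice rewrites it every time a document is opened, so every backup commit will churn it. Add `.~lock.*#` to the vault's `.gitignore` and drop the file from this commit.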


@@ -0,0 +1,21 @@
- “Scope” - describe what you intend to do and what you are aiming to find
- “Permission to test” - outline why you believe this is a legal and ethical thing for you to
do in this assignment (or describe if you have to do it in a particular way in order to make
sure you stay legal and ethical even if this will limit the amount of information that you
are able to find
| Action No | Scope: Summary of Intention | Permission to Test: Outline of Legal and Ethical Justification | Allow/Reject |
| --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ |
| 1 | I would use WHOIS / Recon-NG to find website registrar identities and the ASN of the company. This would provide me with a list of identities, and their emails, that may have access to infrastructure, or elevated permissions. | I believe this is legal as WHOIS is a public database of registrar information. No information found through WHOIS is sensitive, and has been published by the company, rather than found - no ethical issues with WHOIS | |
| 2 | I would use dig or nslookup to find IPs of webservers and mailservers, TXT records, CNAME recs, etordc. This would provide vital information about the company's infrastructure and layout of their webserver. | I believe this is legal as dig / nslookup does not access the server, but rather uses public DNS information from ex. Cloudflare. Since this information is registered voluntarily by the company, and anybody can find it from simply loading the webpage or through a DNS request, I see no ethical issues with the use of dig / nslookup. | |
| 3 | I would use Google Dorking to find any pages that may contain useful information. Finding information like meeting minutes, mailing lists, etc. could contain sensitive information - I should exercise caution with information found. This likely will find a lot of information I could use to further the investigation. | I believe this is legal, as all information found through Google Dorking is provided through a public index of information on a search engine for anybody to find; there is no contact with the company therefore no Computer Misuse. If sensitive data is found, as long as PII is protected and stored anonymised and encrypted, there should be no ethical issues with information found. | |
| 4 | I would use theHarvester to find email addresses of employees or users. theHarvester could also find IP addresses owned or rented by the company not found when using dig / nslookup. | I believe this is legal since the information gathered from theHarvester is gathered from interacting with public search engine indexes. No information gathered from theHarvester is sensitive, since it is information used in the public domain - therefore should be ethical. | |
| 5 | I would use BGPView and HE's BGP Toolkit to verify IP addresses are within the scope of the company's ASN, found in the WHOIS lookup. This would provide me with the address range rented or owned by the company, potentially revealing useful information about clients | I believe this is legal, since ASNs are announced in the public space, along with address ranges. There is no interaction with the company or it's servers. No sensitive information is revealed directly from knowing address ranges or AS number, which should make this ethical. | |
| 6 | I would use Shodan to obtain insight into IPs within scope. This could give detailed results regarding connected devices that may be public-facing, however this may be unlikely. | I believe this is legal, since Shodan is a crawler and can only find devices that have been (intentional or not) configured to be public-facing, since Shodan is exclusively a tool to find devices using an obscurity model for their security. I see no ethical issues by using Shodan outside of mishandling of PII if sensitive information is found by using it. | |
| 7 | I *could* use Intelx / Phonebook.cz and HaveIBeenPwnd to find breaches employees have been involved in. This could provide information on login details, or even just provide information on employees that otherwise would be unknown. For example, in these leaks, information like a person's car, home address, accounts registered with their email, and much more can be found. | I believe this is legal, since the sources are public information, regardless of how they are obtained by the breacher since they are on clearweb and indexed publicly. The only legal issue related to obtaining this data is redistribution, and as long as PII is protected, there is no law that limits possession of data found in breaches. However, it's usage heavily effects the ethicality of obtaining this data; it's usage in most ways when unauthorised is at worst illegal, and at best immoral. Realistically in this scope it is best used as a tool to gain information on employees, rather than obtain credentials or sensitive personal information. | |
| 8 | I would use robots.txt to find pages the company may not want indexed, not being found by Google Dorking. This may provide information on where to start looking, but may also not be useful. | I believe this is legal, as the robots.txt file has been chosen to be given to the user from the webserver. It is not hidden or even accidentally advertised. Since the company has voluntarily made the file public, there are no ethical issues regarding using this information. | |
| 9 | I would use the Google Hacking Database to find any potential exploits in services used on the webserver. This could provide information on potential entrypoints that could be found in later stages. | I believe this is legal, as GHDB is a collection of known exploits and vulnerabilities, no interaction is made directly or indirectly with the company, only knowledge of their services is required, which is public information. I believe this is ethical as these exploits are public knowledge, and any vulnerabilities found should be protected against by the company. | |
| 10 | I could use social media pages after information about employees have been found. This could be turn out with invaluable knowledge about employee habits, aiding the social engineering aspect | I believe this is legal, as there are no laws protecting people from searching others on social media - it is all voluntarily published publicly forever. I believe this is ethical, as no sensitive information should be published anywhere on social media, all information should be inconsequential individually, more used to build upon other methods included in RoE. | |
| 11 | | | |
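Review bot: the Allow/Reject column is empty in every row and row 11 is blank, so the table records intentions but no decision; either fill in the approvals or remove the column and the empty row until the reviewer has signed off. Two factual slips in the justifications: row 9 describes the Google Hacking Database as "a collection of known exploits", but GHDB is a catalogue of search queries (dorks); the exploit catalogue is Exploit-DB, so the action as described belongs with row 3. Row 6's claim that Shodan "exclusively" finds devices relying on obscurity overstates it, since Shodan indexes any reachable banner regardless of how the device is secured. Row 7 states a legal conclusion ("there is no law that limits possession of data found in breaches") without naming the jurisdiction or statute relied on; in a permission-to-test record that should be cited or softened. Minor: `etordc` in row 2 should be `etc.`, `it's` in rows 5 and 7 should be `its`, `effects` in row 7 should be `affects`, and the separator row's dashes can be cut to three per column, which is all markdown needs.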


@@ -0,0 +1,46 @@
Collection of detailed information about a target system, ex OS, infra
After compromising, attackers perform enumeration to learn more about host, ex. location on lan, functionality (hostname, interfaces, routes, services.).
Gathering info ex. usernames, machine names, share names, directory names, os details, network infra, printer names, webserver details, etc.
Key component of ethical hacking and pentesting.
# Enumerating Windows System
- ipconfig - list interfaces, gateways, if mac addresses, ip addresses
- /all - list additional info about if
- /displaydns - show dns cache
- arp -a - display arp cache
- netstat -ano - list all connections on a specified port
- route print - display routing table
- net start / net stop - start / stop running service
- netsh - firewall rules
- netsh firewall set opmode disable - turn off firewall
- tasklist - enumerate all services running on host
# Enumerating Linux System
- ifconfig - similar to ipconfig, more explanatory
- pwd - print working directory
- ls - list items in directory
- find - find items
- who/last - displays currently logged in users
- whoami - displays information about current user
- uname - display kernel info
- touch - create empty file
- cat /etc/passwd - enumerate local users
- cat /etc/host - show hosts file
- cat /etc/group - enumerate all local groups
- cat /etc/resolv.conf - locate name servers on local machine
# Enumerating with Meterpreter
- sysinfo - gets info such as OS and name
- route - view / modify routing table
- ps - list processes
- getuid - get current uid
- getpid - get current process id
- cd - change directory
- cat - read and stdout contents of file
- ls - list items in directory
- enumdesktops - list all accessible desktops
- screenshot - grab screenshot of meterpreter desktop
- idletime - checks how long target has been idle
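Review bot: several command descriptions in this hunk are wrong and will mislead anyone revising from them. `netstat -ano` lists all connections and listening ports with their owning PID, not connections "on a specified port"; `tasklist` lists processes, not services (use `tasklist /svc` to map services to processes, or `net start` with no arguments to list started services); `cat /etc/host` should be `cat /etc/hosts`; `who` shows current logins while `last` shows login history, so they are not interchangeable; and `netsh firewall` is the deprecated context, the current form being `netsh advfirewall set allprofiles state off` (rules are listed with `netsh advfirewall firewall show rule name=all`). Also, `netsh firewall set opmode disable` and `net start / net stop` change the host rather than enumerate it; they belong in a post-exploitation section and, on an engagement, under the rules of engagement in the previous file. Suggest `uname -a` rather than bare `uname`, which prints only the kernel name.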


@@ -0,0 +1,37 @@
# Classes of Vulnerabilities
- Design: Weaknesses in Software Specifications
- Implementation: Technical security bugs found in code
- Operational: Improper config and deployment of system in environment
Operational Vulnerability is likely the worst
# Types of Vulnerabilities
- Local Vulnerability: attacker requires local access to trigger the vulnerability - using a malicious piece of code attacker could escalate access privileges.
- Remote Vulnerability: attacker has no prior access to system - executing a malicious piece of code over the network could give attacker access.
# Quantification of Vulnerabilities
CVSS: Common Vulnerability Scoring System
- Uses principle characteristics of a vulnerability to produce a numerical score reflecting severity. Can be translated into qualitative representation (low->critical) to help organisations assess and prioritise vulnerability management processes
- https://www.first.org/cvss
# Attack Patterns
CAPEC: Common Attack Pattern Enumeration and Classification
- Catalogue of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other capabilities.
- https://capac.mitre.org/
# Search for Vulnerabilities
- https://cvedetails.com
# Vulnerability Scanning
- Process of using automated tools to discover and identify vulnerabilities in a network
- Range from simple scripts to commercial software engines that scan for thousands of vulnerabilities
- Can generate alot of traffic, and may result in denial of service on many devices.
## Nessus
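Review bot: the CAPEC link is misspelled, `https://capac.mitre.org/` should be `https://capec.mitre.org/`, and the `## Nessus` heading has no body, so either fill it in or drop it. "Operational Vulnerability is likely the worst" is an unsupported assertion; the three classes are not ranked by the sources cited, so give the reason (for example, that configuration faults sit outside the vendor's patch cycle and fall on the operator) or remove the line. `alot` should be `a lot`. CVSS is versioned; note which version (3.1 or 4.0) any recorded scores use, since base scores for the same CVE differ between them.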


@@ -0,0 +1,12 @@
## Cogent Frankfurt -> remote.salford.ac.uk
Cogent [AS174](https://bgp.he.net/AS174)
Arelion [AS1299](https://bgp.he.net/AS1299)
JISC (Salford Edge) [AS786](https://bgp.he.net/AS786)
remote.salford.ac.uk (Announced by JISC) [AS786](https://bgp.he.net/AS786)
## Hetzner -> remote.salford.ac.uk
Hetzner [AS24940](https://bgp.he.net/AS24940)
core-backbone [AS201011](https://bgp.he.net/AS201011)
LINX London [AS3491](https://bgp.he.net/AS3491)
JISC (Salford Edge) [AS786](https://bgp.he.net/AS786)
remote.salford.ac.uk (Announced by JISC) [AS786](https://bgp.he.net/AS786)
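Review bot: `LINX London [AS3491]` confuses a hop with an AS: LINX is an exchange point and does not appear as an AS in a path, and the linked AS3491 page on bgp.he.net is PCCW Global, so either the hop was a peer's interface on the LINX LAN or the label is wrong. The last two entries in each path both carry AS786, so `remote.salford.ac.uk (Announced by JISC)` is the origin rather than an extra hop and could be folded into the JISC line. Record how and when each path was obtained (looking glass, traceroute with AS lookup, bgp.he.net), since transit paths change and the list as written cannot be reproduced.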


@@ -0,0 +1,18 @@
services:
nessus:
image: tenable/nessus:10.7.2-ubuntu
restart: unless-stopped
container_name: nessus
volumes:
- /etc/localtime:/etc/localtime:ro
- ./nessus/etc/:/opt/nessus/etc/nessus/:rw
- ./nessus/var/:/opt/nessus/var/nessus/:rw
environment:
UID: 1000
GID: 1000
USERNAME: boris
PASSWORD: boris1!
ACTIVATION_CODE: BRUZ-CSTS-CGAX-VJYB-LZAD
ports:
- 8834:8834
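Review bot: the compose file commits a plaintext admin password (`PASSWORD: boris1!`), the username and a Nessus `ACTIVATION_CODE` to the vault repository; once pushed they remain in history, so the code and password should be rotated and the values moved to a gitignored `env_file` (or Docker secrets). `8834:8834` publishes the web UI on every interface of the host; bind it as `127.0.0.1:8834:8834` unless remote access is intended. The `./nessus/etc/` and `./nessus/var/` bind mounts sit inside the vault, which is why this commit also carries the server's private keys, binary files and 1,282,401 added lines of plugin data; add `nessus/` to `.gitignore` and keep only the compose file here.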

Binary file not shown.


@@ -0,0 +1,191 @@
#
# Configuration file of the Nessus Security Scanner
#
# Any line starting with a '#' is a comment and will be
# ignored by the Nessus Scanner
# Automatic plugins updates - if enabled and Nessus is registered, then
# fetch the newest plugins from plugins.nessus.org automatically. Disable
# if the scanner is on an isolated network not able to reach the Internet.
auto_update = yes
# Number of hours to wait between two updates
auto_update_delay = 24
# Maximum number of simultaneous hosts tested :
max_hosts = 100
global.max_hosts = 1499
# Maximum number of simultaneous checks against each host tested :
max_checks = 5
# Log file :
logfile = /opt/nessus/var/nessus/logs/nessusd.messages
# The maximum number of log files kept on disk.
# If the number exceeds the value, the oldest log file will be deleted.
logfile_max_files = 100
# Specifies the type of log file rotation applied to the Nessus Log File.
# Can be 'size' or 'time'
logfile_rot = size
# Specifies the maximum size of the log file in megabytes (MB).
# If file size exceeds the maximum size, a new log file will be created.
# This only applies if logfile_rot is set to 'size'
logfile_max_size = 512
# Specifies how many days between log rotations.
# Every time this amount of time has elapsed, since the service started, a new log file will be created.
# This only applies if logfile_rot is set to 'time'
logfile_rotation_time = 1
# Web Server (user interface) log file :
www_logfile = /opt/nessus/var/nessus/logs/www_server.log
# Shall we log every details of the attack ? (disk intensive)
log_whole_attack = no
# Dump file for debugging/errors output
dumpfile = /opt/nessus/var/nessus/logs/nessusd.dump
# The maximum number of dump files kept on disk.
# If the number exceeds the value, the oldest dump file will be deleted.
dumpfile_max_files = 100
# Specifies the type of log file rotation applied to the Nessus Dump File.
# Can be 'size' or 'time'
dumpfile_rot = size
# Specifies the maximum size of the dump file in megabytes (MB).
# If file size exceeds the maximum size, a new dump file will be created.
# This only applies if dumpfile_rot is set to 'size'
dumpfile_max_size = 512
# Specifies how many days between dump file rotations.
# Every time this amount of time has elapsed, since the service started, a new dump file will be created.
# This only applies if dumpfile_rot is set to 'time'
dumpfile_rotation_time = 1
# Rules file :
rules = /opt/nessus/etc/nessus/nessusd.rules
# CGI paths to check for. Supports colon delimited list
# e.g., cgi-bin:/cgi-aws:/
cgi_path = /cgi-bin:/scripts
# Range of the ports the port scanners will scan :
# 'default' means that Nessus will scan ports found in its
# services file, 'all' will scan 1-65535 or can specify
# commad-delmited ports or ranges of ports.
port_range = default
# Allow post scan editing (this can be defined in the policy) :
allow_post_scan_editing = yes
# Read timeout for the sockets of the tests :
checks_read_timeout = 5
# Ports against which two plugins should not be run simultaneously :
# non_simult_ports = Services/www, 139, Services/finger
non_simult_ports = 139, 445, 3389
# Maximum lifetime of a plugin's activity (in seconds) :
plugins_timeout = 320
# Safe checks rely on banner grabbing :
safe_checks = yes
# Automatically activate the plugins that are depended on
# If disabled, not all plugins may run despite being selected
# in a scan policy.
auto_enable_dependencies = yes
# If enabled, the list of plugin dependencies and their output
# are not included in the report.
silent_dependencies = yes
# Save the knowledge base on disk :
# Can admin users upload plugins?
plugin_upload = yes
# If this option is set, Nessus will not scan a network incrementally
# (10.0.0.1, then 10.0.0.2, 10.0.0.3 and so on..) but will attempt to
# slice the workload throughout the whole network (ie: it will scan
# 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then 10.0.0.128 and so on...
slice_network_addresses = no
# IPv4 address to listen for incoming connections :
listen_address = 0.0.0.0
# Source IPs to use when running on a multi-homed host. If multiple
# IPs are provided, Nessus will cycle through them whenever it performs
# a new connection
#source_ip = 192.168.0.1,192.168.0.2
# Port for the Nessus Web Server to listen to (new XMLRPC protocol) :
xmlrpc_listen_port = 8834
# XMLRPC Idle Session Timeout (in min) :
xmlrpc_idle_session_timeout = 30
# Make sure compatible SSL ciphers are available when connecting to port
# 8834. Supports general OpenSSL designations as listed at
# http://www.openssl.org/docs/apps/ciphers.html.
#ssl_cipher_list = compatible
# Minimum TLS version for the web server :
ssl_mode = tls_1_2
# Disable the new XMLRPC (Web Server) interface :
disable_xmlrpc = no
# Should consider all the NASL scripts as being signed ? (unsafe if set to 'yes')
nasl_no_signature_check = no
# nasl engine output (in nessusd.dump) : none or normal
nasl_log_type = normal
# Network performance settings (These settings should not be changed unless you
# are absolutely sure you know what they do and how it may impact scan activity!)
# If set to non-zero, this defines the maximum number of scans which may take place in parallel :
global.max_scans = 0
# If set to non-zero, this defines the maximum of (web) users who can connect in parallel :
global.max_web_users = 1024
# Maximum of simulteanous TCP sessions between all scans :
#global.max_simult_tcp_sessions = 2000
# Maximum of simulteanous TCP sessions per scan :
#max_simult_tcp_sessions = 200
# Maximum of simulteanous TCP sessions per scanned host :
#host.max_simult_tcp_sessions = 20
# Reduce the number of TCP session in parallel when the network appears to be congested :
reduce_connections_on_congestion = no
# Stop scanning a host which seems to have been disconnected during the scan :
stop_scan_on_disconnect = no
# Kill a paused scan after how many minutes (0 for no timeout)
#paused_scan_timeout = 240
# Anonymously report crashes to Tenable. We encourage this to be
# enabled in order to better debug issues and provide the highest
# quality software possible. ** No personal or system identifying
# information is sent. **
report_crashes = yes
# Memory usage
# You can choose between a lower memory usage ('low') but possibly lower performances
# or a higher memory usage ('high') and better performance. If you use Nessus on a
# dedicated system, put 'high' here. Otherwise, put 'low'.
# Note that putting 'low' will increase the disk usage
qdb_mem_usage = low
# EOF
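Review bot: this is the generated Tenable template rather than local configuration, and it lives in the `./nessus/etc/` mount that the compose file writes to, so it will change under the container and should be gitignored along with the keys beside it; if particular overrides matter, record only those in the notes. Settings worth a second look: `listen_address = 0.0.0.0` together with `plugin_upload = yes` lets any admin account on the UI load arbitrary NASL, so keep the port bound to localhost; `max_hosts = 100` and `global.max_hosts = 1499` are far above what a single container will handle, and the scanning notes in this same commit warn that scans "can generate alot of traffic" (the `max_simult_tcp_sessions` limits that would cap it are commented out); `report_crashes = yes` sends crash reports to Tenable, which may not be wanted on an engagement box. The comment `# Save the knowledge base on disk :` is orphaned, with no key under it.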

Binary file not shown.


@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDMQq+dp3bZHTi0
pxlKj4etnFHz3TL8E6nL1XjW/5zpG9dKCIXtQ0lLgcrgvw+mFvTU/3XJKx4rXidB
bKZMMcyVe/JRlETD+y/UyGYNS3+ETnHxt4A/bQELW64Hq8OhlDqk8ZaGwY1j6njP
OO+poVA+UIsnkFo8F/COMFZeDMSQTK2NAole5La8iVRWO+6FF/Q1+ZEAq38ZAHiA
rdkYGTSxgeLkaKDACf5iVJIU0yAiezVXeTc8CwhOKeuP1kVOdGJeOHpV8uWx113n
yLyzqnOm2LIPM9HHja5OFHMl8ChaBP1u+pEow7/4rnKs3j1Ytc9AjdSbp+UQwsk2
e4FB6Z/hAgMBAAECggEAA/oYaT1ldvy2qe3G9EivH5Y3kkPwRjAr0igp3iXD7FX6
bxqTYPc6ahnw1UdjCpzPz4XZyTzprXZ71S5EXp9pmE99fFEitZ4iZEYylnet1+mf
FlG4UYPRzWLPlJ6nhHHaYnPBtoX2NsfN6lr1b5wQb+Ypj2+kEh91M4+FXvdorFaI
8kuk4LViK2FSc+TlD0yAfH5M9rHE5rmq6ylJhIhdLjTDJ3imOuACnMAXbRt4ePLr
E0bMllOCLwwk1N6h5DRmPOdeVUAXbtAurgqyplwc0MPW2ZnpZ3j1/5KVCJjwKXvP
EQJer21W9yfjW6uQAui8DH12PVYE5H0WVJdB6bGXsQKBgQDqKh1IA5RNIBlWTvGF
UeS4wiAY1hfZRJxPGCTrpoaG7dTCaoBbNXoggTCMAh8lbUyE+JaAk8RXDTmMkuo9
4zorCJf3J0mLI5GRhs9Rj0YaNJofwAHMt8jFV0egBL7PYJnPTSv//9WFDs+wHtzN
6FhPqq/27j9a9y7gPbUglw7E0wKBgQDfTrbgLrj2swJ7xziQe+o/Q/FAl/jYSdgy
EdKfPDrcmMDqqUtw+NvOeq4FB7BzzWE9+WS/Qlaj5pdRJFo4musUkLC3OJuS83dB
GUZSDV4YRF6/w2f8wkEA7qiXGy38MzR/0t97IbP4NLu/buyiTbUuSVNJdGDeqaHK
I8qwujOn+wKBgQDOBReWEHAeGyuvn+0m2xJc647JyzNYWOEdRaTWH8EkXYNfOcyM
ctRsXL2VsRguGafFJeFkZp3L6TrEz01//bdjvT/Wl55A6J5eZzloDKIk1Dr1zDzJ
HLlrxoqh4wrt8ZPhq4gWx8PYOVvJHJ4wG0f3b7k5jAv5wJhhemktrzmzOQKBgQCs
cwpRWGOoyJdLZY9uLPO6hcqimnom9egKyq7AH/BI+YJJ9hF3ngeJjj4jTkvbMik9
hgJinWVxT5tdo1g1TJXsnMyLwiCKvJBE6rLenMokrXAKYWpFzPIMOUJi5y99C0Io
0H2bhmyIapju/keqE56urxutpz1D1vZFt5xJHJLVzwKBgQCOTlmnXcivqBMoItyy
kksyXlXjIOJk6NDAthKCuYG5nBVczmzJSx+/Z5C6VjV2oqvYCQL9HK8ThBgapRXC
4IWL39M5PcyXrJq+8TBLtKn7Orq92J6Jt45GYNs8hw+vEAUV72wxsIPkJkoYqVlN
EijnnvuHcHJMWJb10IWX+m2hAA==
-----END PRIVATE KEY-----
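Review bot: this is an unencrypted PKCS#8 private key (`BEGIN PRIVATE KEY`) committed in clear, from the `nessus/etc/` directory mounted by the compose file above. Treat it as compromised: regenerate the scanner certificate and key (`nessuscli mkcert` inside the container), purge the file from history with `git filter-repo` rather than a follow-up deletion, and gitignore the `nessus/` tree so the next backup does not re-add it.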


@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
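Review bot: second unencrypted private key in the same commit; the same treatment applies. Regenerate it and purge it from history, since deleting it in a later commit leaves it recoverable from this one.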

File diff suppressed because it is too large

File diff suppressed because it is too large


@@ -0,0 +1 @@
19033


@@ -0,0 +1 @@
19.8.2


@@ -0,0 +1 @@
19226


@@ -0,0 +1 @@
695249bd-906e-86ff-fad0-96061ebf06a0d3d9a156edb27a23
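Review bot: these one-line files (`19033`, `19.8.2`, `19226` and this hex identifier) appear to be scanner state from the `nessus/var/` mount rather than notes, and they will change on every plugin update, so each backup will commit them again; the two suppressed large diffs above are the same problem at scale. They belong in `.gitignore` with the rest of `nessus/`.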