Advanced Penetration Testing Notes

Exploit 4

/tikiwiki search metasploit for exploits [view]

By: Nathanf | Related Lesson: Exploitation (part 4) Open Source Vulnerability | Modified: November 14, 2016

exploit 3

Directory traversal, Dump sam files to discover usernames and passwords Directory traversal – can also be done from url index?../../../../../bin.etc if it says save file weve found it otherwise we havent found it WINDOWS/system32/sam Windows/r [view]

By: Nathanf | Related Lesson: Exploitation (part 3) Directory Traversal | Modified: November 14, 2016

exploitation 2

open web interface – phpmyadmin can use sql injection commands   creating a system command shell which accepts a parameter via url,  to sit on the server via sql  run system command    -> select ”<?php system($_GET[’cmd&# [view]

By: Nathanf | Related Lesson: Exploitation (part 2) SQL Commands | Modified: November 14, 2016

exploit 1

cadaver, webDav kali has pre built web shells in different languages   Step 1 – upload a file to server that executes code for you or allows you to execute code (webshell) -upload a file that takes command injection via url query parameters   [view]

By: Nathanf | Related Lesson: Exploitation (part 1) Direct Exploitation | Modified: November 14, 2016

Beginner Pyhton Coding

python  commands for Novice  pydoc.org  [view]

By: cybdon | Related Lesson: Programming (part 4) Python for Port Scanning | Modified: November 13, 2016

Manual command

du kan bruge ”man” command for at få mere information om en command [view]

By: mack643 | Related Lesson: Linux (part 2) Kali Linux Commands | Modified: November 12, 2016

echo command

use echo + String + > file name to write on a file  [view]

By: mohammedmousa | Related Lesson: Linux (part 3) - Directories, myfile and Nano | Modified: November 11, 2016

DNS translate

 fvd [view]

By: Nathanf | Related Lesson: Traffic Capture (part 4) DNS | Modified: November 11, 2016

Meatasploit

#msfupdate #service postgresql start # service metasploit start #  msfconsol msf>help msf> help <command_name> msf>info exploit/windows/smb/ms08_067_netapi [view]

By: MD FARHAD RAHMAN | Related Lesson: Metasploit (part 3) Operation | Modified: November 11, 2016

ARP notes

arp MITM    arpspoof tool -i etho  -t ip1 ip2 -t = target tell system to forward incoming traffic else DOS will occur: cat /proc/sys/net/ipv4/ip_forward   arp poisining?     0 = dont forward incoming traffic 1 = forward incoming traffic to chan [view]

By: Nathanf | Related Lesson: Traffic Capture (part 3) Address Resolution Protocol ARP | Modified: November 8, 2016

« First ‹ Previous 1 103 193 201 202 203 204 205 213 243 Next › Last »

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel