随笔分类 - 学问
摘要:Metasploit Attack Target Server: IE8 on WinXP 1.Start the Metasploit. 2.Select 2)Website Attack Vectors. 3.Select 1)Java Applet Attack Method. 4.Selec
阅读全文
摘要:Metasploit Target Server: Kioptrix Level 1 (1) Start the Metasploit on Kali Linux. (2) Set the module and options. (3)Exploit the Kioptrix Level 1 ser
阅读全文
摘要:File transfer type: 1. HTTP Transfer files through the website. 2.wget 3.FTP python FTP (1)Install python FTP on the Kali Linux. (2)Move to the target
阅读全文
摘要:Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on your server. http://www.dvwa.co.uk/ Install XAMPP an
阅读全文
摘要:Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vulnhub.com/entry/pentester-lab-php-include-and-post-
阅读全文
摘要:SQL Injection[SQLi] Refrence: SQL Injection Authentication Bypass Cheat Sheet https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-c
阅读全文
摘要:Cross-Site Scripting(XSS) 1. Using the tool - netdiscover to find the IP of target server. 2.Browser the website http://10.0.0.21 through Firefox. 3.
阅读全文
摘要:Installing XSS&MySQL FILE Download the Pentester Lab: XSS and MySQL FILE from the following website: https://www.vulnhub.com/entry/pentester-lab-xss-a
阅读全文
摘要:Tool: Metasploit 1. Start the msfconsole tool. 2.Search ssh related modules. 3.Use the "auxiliary/scanner/ssh/ssh_login" module and set the options, s
阅读全文
摘要:Tools: 3. hydra Hydra v8.9.1 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes. Synt
阅读全文
摘要:Pre-Exploit Password Attacks Tools: 1. ncrack Ncrack 0.6 ( http://ncrack.org )Usage: ncrack [Options] {target and service specification}TARGET SPECIFI
阅读全文
摘要:Antivirus Bypassing Tools: Kali Linux Detection Platform: https://www.virustotal.com/gui/home/upload 1. 2. 3.
阅读全文
摘要:Java Applet Attacks Download virtual machines from the following website: https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ 1. Reset the
阅读全文
摘要:Client Side Attacks Tool: setoolkit 1. Start setoolkit on Kali Linux. 2. Select 1) Social-Engineering Attacks 3. Select 2)Website Attack Vectors. 4. S
阅读全文
摘要:Modifying Shellcode 1. Search “vulnserver exploit code” on the Internet. Find the following website: http://sh3llc0d3r.com/vulnserver-trun-command-buf
阅读全文
摘要:Compiling an Exploit Exercise: samba exploit 1. Search and download the samba exploit source code from Exploit Database. https://www.exploit-db.com/ex
阅读全文
摘要:Gaining Root with Metasploit Platform: Kali Linux, Kioptrix Level 1 1. Find the IP of Kioptirx 2. Scan the Kioptrix server and analyst the result. 3.
阅读全文
摘要:Generating Shellcode & Gaining Root 1.Generate the shellcode on Kali Linux. LHOST is the IP of Kali Linux. 2. Write the exploit.py and chmod the 777 r
阅读全文
摘要:Finding the Right Module(mona) Mona Module Project website: https://github.com/corelan/mona 1. Download mona.py, and drop it into the 'OyCommands' fil
阅读全文
摘要:Finding Bad Characters 1. Find the bad charaters in the following website: https://bulbsecurity.com/finding-bad-characters-with-immunity-debugger-and-
阅读全文
浙公网安备 33010602011771号