Latest notes for PenTesting- MrLeet


MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

Once a meterpreter shell is obtained on a system a larger range of options is available to the Penetration Tester for accessing the system. In a hypothetical scenario the victim is running a vulnerable mail server on port 25, and we have a remote exploit we wish to use against it. Unfortunately for us it’s behind a firewall. After getting a meter...


Score: 0


Port forwarding can be one of the more confusing aspects of pivoting between machines and networks. Both remote and local SSH forwarding can be even more confusing in the sense it matters who is initiating the connection, and who the destination server is. I’ll run through local port forwarding here, and in a seperate page, cover remote forwardin...


Score: 0


Port forwarding can be one of the more confusing aspects of pivoting between machines and networks. Both remote and local SSH forwarding can be even more confusing in the sense it matters who is initiating the connection, and who the destination server is. I’ll run through remote port forwarding here, and in a seperate page, cover local forwardin...


Score: 0


SSH is fantastic for port redirection in a lot of cases, but what if you want to set up a redirection of incoming and outgoing ports without the hassle of setting up SSH servers? Rinetd is a great program that will let you do this.

Tool
Rinetd –
[Linux Download] http://www.boutell.com/rinetd/http/rinetd.tar.gz
[Windows Download] http://www...


Score: 0


Enumeration is the key.
(Linux) privilege escalation is all about:

Collect - Enumeration, more enumeration and some more enumeration.
Process - Sort through data, analyse and prioritisation.
Search - Know what to search for and where to find the exploit code.
Adapt - Customize the exploit, so it fits. Not every exploit work for every system ...


Score: 0

By: ajayverma 2019-05-30 12:50:34

#!/bin/bash
#A script to enumerate local information from a Linux host
version="version 0.96"
#@rebootuser

#help function
usage ()
{
echo -e "\n\e[00;31m#########################################################\e[00m"
echo -e "\e[00;31m#\e[00m" "\e[00;33mLocal Linux Enumeration & Privilege Escalat...


Score: 0


#!/usr/env python

###############################################################################################################
## [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script
## [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift
##----------------------------------------------------------------------------------...


Score: 1


In pen testing a huge focus is on scripting particular tasks to make our lives easier. As a result I need to call special attention to some fantastic privilege escalation scripts at pentest monkey and rebootuser which I’d highly recommend.


LinEnum
http://www.rebootuser.com/?p=1758
This tool is great at running through a heap of things you ...


Score: 0


The windows passwords can be accessed in a number of different ways. The most common way would be via accessing the Security Accounts Manager (SAM) file and obtaining the system passwords in their hashed form with a number of different tools. Alternatively passwords can be read from memory which has the added benefit of recovering the passwords in ...


Score: 0


Sometimes you obtain passwords that are in a hashed form. Due to the mathematical properties of (secure) hashes there are limited ways of recovering the plain text. Primarily this will be through brute force, or alternatively using word lists. oclHashcat is a fantastic hash cracking tool that takes advantage of your GPU to dramatically ramp up your...


Score: 0