Often in the info world you’ll run into plenty of Base64-encoded strings. A typical giveaway is a trailing = or ==.
base64 -i <file>
base64 -di <file>
-i : Useful for ignoring garbage.
-d : Decode; without this flag it will encode.
Example – Encoding Base64
Check Who You Are
Check Windows Version
systeminfo | findstr /B /C:"OS Name" /C:"OS Version"
Add a User
net user <username> <password> /add
Add a User to the Administrators Group
net localgroup administrators <username> /add
A heap of simple Linux commands that may prove useful for basic tasks.
Requesting a DHCP IP Address
Setting a Static IP Address
ifconfig <interface> <ip address>/<cidr>
route add default gw <gateway IP Address>
echo nameserver <nameserver / Gateway IP Address>...
The logic of the script is to read in a list of username and password values, then push the usernames onto a queue. Each username (handled by an individual thread) goes through and tests each of the passwords in the list against the application. If the text shown on a failed login appears, it will print the failed message; otherwise it will p...
This really is a trivial code snippet, but as with most scripts it comes in handy because it simplifies even a basic task further. Save this to a simple filename like ‘hex2file’ and place it in your /usr/bin directory. Whenever you need to write out hex characters directly to a file use the following syntax.
hex2file 4142434445 > hexfile....
One of the most useful (and, to the beginner, underrated) abilities of Metasploit is the msfpayload module. Multiple payloads can be created with this module, and it helps create something that can give you a shell in almost any situation. For each of these payloads you can go into msfconsole and select exploit/multi/handler. Run ‘set payload’ for ...
# gateway-finder - Tool to identify routers on the local LAN and paths to the Internet
# Copyright (C) 2011 email@example.com
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
# published by the Free Software Founda...
Rainbow crack (http://www.antsight.com/zsl/rainbowcrack/)
> ophcrack (http://ophcrack.sourceforge.net/)
> rainbow tables
rcrack c:\rainbowcrack\*.rt -f pwfile.txt
Cain & Abel (http://www.oxid.it/)
John the Ripper (http://www.openwall.com/john/)
./unshadow passwd shadow > fi...
Discovery & Probing. Enumeration can serve two distinct purposes in an assessment: OS fingerprinting, and identifying the remote applications being served. OS fingerprinting, or TCP/IP stack fingerprinting, is the process of determining the operating system being utilised on a remote host. This is carried out by analyzing packets received from the host in question. T...
Tor Node Checker
> Ip Pages (http://www.ippages.com/?ip)
> Kewlio.net (http://www.as3344.net/is-tor/)
nmap NSE script...