Month: March 2019
Java Signed Applet Attack
Java Signed Applet Attack is a client-side exploit and is based on a human vulnerability as opposed to […]
Convert Python to Exe files
Can be useful when you have a priv esc exploit in Python but the target Windows machine does not have […]
Port scanning – alternative
Alternative port scanning tools. Portscan with netcat: scans a specific IP between TCP ports 20 – 65000.
for i in $(seq 20 65000); do nc -zv 10.xx.xx.xx $i 2>&1; done | grep open
Check open […]
SMB Enumeration
SMB enumeration and recon notes. SMB null sessions are unauthenticated sessions against SMB shares, and anonymous access to hidden […]
Monitor bandwidth consumption with iptables
A method to measure how much bandwidth is consumed by, e.g., an nmap scan against a specific host can […]
SNMP Enumeration
Scan for SNMP and filter out IP addresses that run SNMP:
nmap -sU --open -p 161 10.10.10.1-254 -oG - | awk '/Up$/{print $2}'
or generate IP hosts with the following […]
Port knocking
Port knocking is a method of obscuring the services that you have running on your machine. It allows your […]
Brute forcing protocols/services
Ncrack: ncrack can brute force RDP.
ncrack -vv --user user1 -P password-file.txt rdp://$ip
Hydra: Hydra brute force against SNMP
hydra -P password-file.txt -v $ip snmp
Hydra FTP known user and […]
Transfer files – Linux
Several methods are described here for transferring files between a Linux system as victim and the attack box. Start […]