More articles related to "OSCP Learning Notes - Information Gathering"

Common Tools Google Exploit-DB/Google Hacking DB WHOIS Netcraft theharvester Example: Google search: site:cnn.com -site:www.cnn.com filetype:pdf More Google search syntax can be found on the site: https://support.google.com/websearch/answer/2466433…
Installing Kioptrix: Level 1 Download the VM from https://www.vulnhub.com/entry/kioptrix-level-1-1,22/. In Kali Linux: Find the devices in the intranet using the following command: netdiscover -i eth0 Scan the target kioptrix vm through n…
Pre-Exploit Password Attacks Tools: 1. ncrack Ncrack 0.6 ( http://ncrack.org )Usage: ncrack [Options] {target and service specification}TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, microsoft.com/24, 192.…
DroopyCTF Walkthrough Preparation: Download the DroopyCTF virtual machine from the following website: https://www.vulnhub.com/entry/droopy-v02,143/ 1. Scan the network to find the IP address of the DroopyCTF server. netdiscover -r 10.0.0.0/ 2. Scan t…
BTRSys v2.1 Walkthrough Preparation: Download the BTRSys virtual machine from the following website: https://www.vulnhub.com/entry/btrsys-v21,196/ 1. Find the IP address of the BTRSys virtual machine. netdiscover -r 10.0.0.0/ 2. Perform the TCP/UDP s…
Kioptrix Level 1.1 Walkthrough Preparation: Download the virtual machine from the following website: https://www.vulnhub.com/entry/kioptrix-level-11-2,23/ The target server: Kioptrix Level 1.1(#2) 1. Discover the IP address of the target server. We…
Privilege Escalation Download the Basic-pentesting virtual machine from the following website: https://www.vulnhub.com/entry/basic-pentesting-1,216/ 1. Scan the target server using nmap. nmap -Pn -sS --stats-every 3m --max-scan-delay --defeat-rst-ratelim…
Remote File Inclusion [RFI] Prepare: Download the DVWA from the following website and deploy it on your server. http://www.dvwa.co.uk/ Install XAMPP and DVWA: 1. Install XAMPP on Windows server. And change the Apache HTTP port to 82 and SSL port to 44…
Finding Bad Characters 1. Find the bad characters on the following website: https://bulbsecurity.com/finding-bad-characters-with-immunity-debugger-and-mona-py/ 2. Write the Python test script using the badchars. #!/usr/bin/python import socket import…
Finding the Offset 1. Use the Metasploit pattern_create.rb tool to create 5900 characters. /usr/share/metasploit-framework/tools/exploit/pattern_create.rb -l 5900 2. Write the Python test script. The shellcode is copied from the previous step. #!/usr…