Show Menu
Cheatography

Capture the Flag Cheatsheet Cheat Sheet by

Generic Description.

Common Terms

IP address
a numerical label that identifies a computer on computer networks
port
a number associated to a network protocol that receives or transmits commun­ication for a specific service
CTF - Capture the Flag
an inform­ation security compet­ition that tests cybers­ecurity skills
enumer­ation
process of system­ati­cally probing a target for inform­ation
Kali Linux
a linux distri­bution pre-built with security tools
terminal
a CLI (Command Line Interface) to interact with programs in the computer
Example: 192.16­8.1.1:22
- IP address: 192.16­8.1.1
- Port: 22

Common Security Tools

nmap
a utility for network discovery and security auditing
hashcat
a password cracking utility
dirbuster
a utility to discover website direct­ories that might exist
wpscan
a scanning utility to gain inform­ation about a wordpress website
wfuzz
a brute force utility
ssh
a network commun­ication protocol that enables two computers to commun­icate
nc
Netcat is utility tool that uses that reads and writes to a network.
 

Helpful Command Line Tools

ls
lists files
cat
shows the contents of a file
find
finds files that match a pattern
pwd
displays the current folder's path
man
shows docume­ntation for a command
To look at the manual for the ls command, type: "man ls" without the quotes and hit enter. You can scroll with the arrow keys. Search for a word by typing "­/wo­rd" without the quotes and hit enter. Exit a man document by typing "­q"; make sure you are not in search mode.

Quick NMAP Commands

Example Commands
Descri­ption of Command
nmap -p- 10.1.2.3
Attempt to find all the open ports for the target IP address.
nmap -sV -p80,443 10.1.2.3
Tries to find the service version of the software running on ports 80 and 443 for the target IP address.
nmap -A 10.1.2.3
Runs an aggressive scan that attempts to discover the Operating System, service version, tracer­outes, and popular scripts against the target IP address.
nmap -sS 10.1.2.3
Runs a stealth Syn Scan on the target IP address.
10.1.2.3 is an example IP address. Replace with the one in your CTF.

Helpful WPScan Commands

wpscan --url 10.1.2.3
Starts a basic scan against the computer at IP Address 10.1.2.3
wpscan --url 10.1.2.3 --enum­erate ap
Runs a wordpress scan against
10.1.2.3
and attempts to enumerate all plugins
wpscan --url 10.1.2.3 --enum­erate u
Runs a wordpress scan against
10.1.2.3
and attempts to enumerate usernames
wpscan --url 10.1.2.3 --user­names admin --pass­words passwo­rds.txt
Attempts to identify the password for the user admin on
10.1.2.3
using the password file
passwo­rds.txt
 

Helpful Commands

nc -nlvp 1234
Starts a netcat listener on your computer's port 1234. Netcat will listen and respond to traffic directed at this port. Useful for a exploiting a vulner­abi­lity.
python -c 'import pty; pty spawn(­"­/bi­n/b­ash­")'
Reverse Shells can be unstable. This command attempts to stabalize any reverse shells with python.
find / -iname "*flag*"
Searches the computer starting from the root (/) directory for files that match the pattern:
[anyth­ing­]fl­ag[­any­thing].
cat /home/­kal­i/.s­sh­/config
Displays the contents of the file
config
from the folder path `/home­/ka­li/.ssh/
ssh admin@10.1.2.3:22
Attempts a ssh connection to the computer at IP Address
10.1.2.3
on port
22
with the username
admin

Popular File and Direct­ories

/home/kali
The home folder for the user
kali
/etc
System Config­uration Files
/tmp
A temporary filespace
/root
The root user home folder
/var
log files
/usr/s­har­e/w­ord­lists
A common Wordlist Directorey
/usr/s­har­e/w­ord­lis­ts/­sec­lists
A popular puplic collection of common security wordlists
/usr/s­har­e/w­ord­lis­ts/­sec­lis­ts/­Pas­swo­rds­/Co­mmo­n-C­red­ent­ial­s/b­est­105­0.txt
A wordlist that contains a collection of 1050 popular passwords.
 

Comments

No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets