Tuesday, December 10, 2024

Dec 10, 2024

Information gathering tools: nmap (software name and version number, current patch and configuration settings, service banners and http headers, authentication mechanisms). Metasploit CrackMapExec (CME).

Focused penetration: Web (php) shells uploaded to an apache2 server

Privilege escalation: Cracking administrator login credential

Documentation:

Note: OWAP can be used.

Sudo apt update -y; sudo apt upgrade -y; sudo apt install -y open-vm-tools; sudo apt install -y open-vm-tools-desktop; sudo apt install -y openssh-client; sudo apt install -y openssh-server; sudo apt install -y python-pip; sud apt install -y net-tools;

sudo apt install vim curl tmux medusa libssl-dev libffi-dev python-dev build-essential net-tools -y; sudo apt install -y crackmapexec; pip install crackmapexec; 

sudo apt install -y nmap; sudo apt install -y git wget build-essential checkinstall libpcre3-dev libssl dev libpcap-dev; sudo apt install ruby

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Enhancing My Job Search with a Custom Mesh Network

 To streamline and organize my job search efforts, I recently set up a mesh network connecting my laptop to a Raspberry Pi running Portainer...

  • Enhancing My Job Search with a Custom Mesh Network
     To streamline and organize my job search efforts, I recently set up a mesh network connecting my laptop to a Raspberry Pi running Portainer...
  • 12/21/2024
      Focused Penetration Testing: Creating a Malicious Web Shell Backdoor In this blog post, we will dive into two critical techniques in penet...
  • 12/18/2024
    Windows 7 and Windows Server 2008 R2 are vulnerable to the Eternal Blue exploit. Use the following command in Metasploit: bash Copy code use...