Posted inLabs and Lessons
Sample scripts
Here are a few interesting (and useful) hacking related scripts.
Posted inLabs and Lessons
JAWS – Just Another Windows (Enum) Script
JAWS is PowerShell script designed to help penetration testers (and CTFers) quickly identify potential privilege escalation vectors on Windows systems. It is written using PowerShell 2.0 so ‘should’ run on every Windows version since Windows 7.
Posted inLabs and Lessons
Linuxprivchecker python privilege escalation script
This script is intended to be executed locally on a Linux box to enumerate basic system info and search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text passwords and applicable exploits.
Posted inAI/Machine Learning
Machine learning glossary
Machine learning (ML) is a branch of artificial intelligence (AI) that focuses on developing computer systems capable of learning from data, identifying patterns, and making decisions or predictions with minimal human intervention. Instead of being explicitly programmed with step-by-step instructions for every task, a machine learning system is designed to improve its performance automatically as it is exposed to more data and experience.
Posted inExploitation
How do hackers transfer files to a comprimised server?
When hackers compromise a server, the ability to transfer files to and from that server is critical to achieving their goals. Here are the primary reasons why file transfer is so important for attackers:
Posted inExploitation
So what exactly what is a “shell” and why do hackers love them so much?
Once we compromise a system and exploit a vulnerability to execute commands on the compromised hosts remotely, we usually need a method of communicating with the system. To enumerate the system or take further control over it or within its network, we need a reliable connection that gives us direct access to the system’s shell, i.e., Bash or PowerShell, so we can thoroughly investigate the remote system for our next move. One method of accessing a compromised host for control and remote code execution is through shells.
Posted inExploitation
All about privilege escalation
Our initial access to a remote server is usually in the context of a low-privileged user, which would not give us complete access over the box. For example, some commands (like tcpdump) cannot be run via sudo and can only be run by the root user. To gain full access, we will need to find an internal/local vulnerability that would escalate our privileges to the root user on Linux or the administrator/SYSTEM user on Windows.
Posted inScanning and Analysis
nmap quick notes
Nmap (short for “Network Mapper”) is a free and open-source utility designed for network discovery and security auditing. Created by Gordon Lyon (also known as Fyodor Vaskovich), Nmap is widely used by cybersecurity professionals, network administrators, and system administrators to map out networks, discover hosts and services, and assess network security.
Posted inReferences
Metasploit quick reference guide
Metasploit is a widely used open-source framework designed for penetration testing, vulnerability assessment, and exploit development in the field of cybersecurity. Developed originally by H.D. Moore in 2003 and later acquired by Rapid7 in 2009, Metasploit has become a pivotal tool for both security professionals and, unfortunately, cybercriminals.
Posted inEncryption
Cracking zip file passwords using John the Ripper tool.
John the Ripper is a widely used open-source password cracking utility designed for password security auditing and recovery. Its primary function is to test the strength of passwords by attempting to crack password hashes using various attack methods, such as brute-force, dictionary, and hybrid attacks.
