I often find that when I get access to a DB I don't know how to control it; I always end up typing in the wrong commands or having to quickly Google what I want to do. Thus, I thought it would make sense to write up a quick cheat sheet, especially when sometimes with SQLi you need to be as careful with your commands as possible. This write-up… Continue reading
Simply drop in your BackTrack 5 CD or USB and boot from the inserted media. Once booted, type startx. You can do everything from the console, but it’s nicer to have a pretty GUI!
Left-click Places at the top and then click on the Windows partition you wish to mount. Then open a terminal and first of all use bkhive to dump the syskey bootkey from the Windows hive.… Continue reading
So you’ve got some XSS that you want to test, but the browser you’ve been using for your app testing is protecting against the use of JavaScript in the address URL. The following URL:
    http://example.com/index.asp?val=<script>alert(1)</script>
Would end up getting sent to the server as:
    GET /index.asp?val=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1
In order to prevent this so we can test XSS flaws within applications we need to turn off the JavaScript filter in the… Continue reading