phillips321
There are many pages on the web documenting quick reverse shell one liners. Pentestmonkey and Bernardo Damele have both created a good few posts between them but I wanted to recapture what they’ve got for my notes purposes. (It’s easier for me to find stuff if it’s in one place). All credit goes to both of those guys where I got all this info from.
Step one – Set up… Continue reading
Ok so on a job I found a service running on TCP port 5555 on a few servers. A little probing with netcat allowed me to identify the service(all of the output below is from my own testbed, hence the local 192.168.x.x IPs):
1234root@bt:~# nc 192.168.0.18 5555 break HP Data Protector A.06.11: INET, internal build 243, built on 25 August 2009, 13:08 root@bt:~#This version is flagged as vulnerable as… Continue reading
A little brain issue prevented me from remembering how to connect to a HTTPS service on the command line. NetCat doesnt seems to work, it just hangs. Fortunately after wasting sometime i recalled how to do it in not one but 2 ways: Option 1 : ncat (part of the nmap tool kit)
12345678910111213root@bt:~# ncat --ssl www.phillips321.co.uk 443 OPTIONS / HTTP/1.1 Host:www.phillips321.co.uk HTTP/1.1 200 OK Date: Tue, 17 Jan 2012… Continue readingSo you’ve got shell access to a remote box as SYSTEM and you want to upload some tools but you keep getting halted by antivirus and the like.
Here’s a quick list of services to kill:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161net stop "Ahnlab Task Scheduler" net stop "altiris client service" net stop ANTIVIR net stop ATRACK net stop "avast! antivirus" net stop "avast! iavs4 control service" net stop AVCONSOL net stop "AVG6 Service" net… Continue reading