Rh17S15/pentesting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Rh17S15
2025-06-10 17:23:40 +02:00
commit 9adabe37a3
3 changed files with 117 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
Cheatsheet.md Normal file
View File

@@ -0,0 +1,115 @@
#### to install:
- magic wormhole
- tldr
- rlwrap
-
```bash
sudo apt update --fix-missing && sudo apt install magic-wormhole tealdeer rlwrap
```
#### for keyring
-> if there is some kind of keyring error
```bash
sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpg
```
# information gathering
### nmap
for quick scan of available ips
```bash
nmap -sn ip/24
```
to filter output for open ips
```bash
nmap -sn 192.168.1.0/24 | grep "for " | awk '{print $5}' > ips.txt
```
scan open ports
```bash
nmap -sCV -A -p $(nmap 192.168.1.155 -p- | grep open | awk -F '/' '{print $1}' | tr '\n' ',' | sed 's/.$//') 192.168.1.155
```
## TTY Spawn Shell
Often during pen tests you may obtain a shell without having tty, yet wish to interact further with the system. Here are some commands which will allow you to spawn a tty shell. Obviously some of this will depend on the system environment and installed packages.
### Python spawn shell
python -c 'import pty; pty.spawn("/bin/bash")'
Fully Interactive TTY
#### All the steps to stabilize your shell
**The first step:**
python3 -c 'import pty;pty.spawn("/bin/bash")'
Which uses Python to spawn a better-featured bash shell. At this point, our shell will look a bit prettier, but we still wont be able to use tab autocomplete or the arrow keys.
**Step two is:**
export TERM=xterm
This will give us access to term commands such as clear.
**Finally (and most importantly) we will background the shell using**
Ctrl + Z
Back in our own terminal we use
stty raw -echo; fg
This does two things: first, it turns off our own terminal echo which gives us access to tab autocompletes, the arrow keys, and Ctrl + C to kill processes
stty rows 38 columns 116
### OS system spawn shell
echo os.system("/bin/bash")
### Bash spawn shell
/bin/sh -i
### Perl spawn shell
perl —e 'exec "/bin/sh";'
### Ruby spawn shell
ruby: exec "/bin/sh"
### Lua spawn shell
lua: os.execute("/bin/sh")
### IRB spawn shell
exec "/bin/sh"
### VI spawn shell
:!bash
### VI(2) spawn shell
:set shell=/bin/bash:shell
### Nmap spawn shell
!sh