kqjy/Offensive-Security-Cheat-Sheet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Joe Totes
2022-10-26 08:05:28 -04:00
committed by GitHub
parent f948d3666b
commit fa56810233
1 changed files with 15 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
README.md
View File

@@ -185,15 +185,11 @@ medusa -h {RHOST} -u {user} -P /usr/share/wordlists/rockyou.txt -M ftp -t 10
<br /> <br />
```bash ```bash
#VRFY: asks the server to verify an email address
#EXPN: asks the server for the membership of a mailing list
# Connect to mail server # Connect to mail server
nc -nv {IP ADDRESS} 25 nc -nv {RHOST} 25
# Connect to Windows mail server # Connect to Windows mail server
nc -nv -C {IP ADDRESS} 25 nc -nv -C {RHOST} 25
# VRFY Usage # VRFY Usage
VRFY root VRFY root
@@ -208,6 +204,9 @@ SUBJECT: Test message
Test Body Test Body
. .
Quit Quit
#VRFY: asks the server to verify an email address
#EXPN: asks the server for the membership of a mailing list
``` ```
<br /> <br />
@@ -219,35 +218,28 @@ Quit
<br /> <br />
```bash ```bash
# ssh # SSH Connect
# About: terminal remote login ssh {USER}@{RHOST}
# Download: Pre-installed on Kali Linux
# Usage
ssh {USER}@{IP ADDRESS}
# With Private Key # With Private Key
ssh {USER}@{IP ADDRESS} -i {PKEY.ssh} ssh {USER}@{RHOST} -i {PKEY.ssh}
# Remote file copy # Remote file copy
scp {USER}@{IP ADDRESS}:{FILE.ext} . scp {USER}@{RHOST}:{file.ext} .
scp /path/to/source/file.ext username@{RHOST}:/path/to/destination scp {/path/to/source/file.ext} {USER}@{RHOST}:{/path/to/destination}
# Directory # Directory
scp -r /path/to/source/dir username@{RHOST}:/path/to/destination scp -r {/path/to/source/dir} {USER}@{RHOST}:{/path/to/destination}
# Hydra brute force # SSH Brute Force
hydra -f -l {USER} -P /usr/share/wordlists/rockyou.txt ssh://{IP ADDRESS} hydra -f -l {USER} -P {pass.txt} ssh://{RHOST}
hydra -f -t 16 -L {user.txt} -P {pass.txt} ssh://{RHOST} hydra -f -t 16 -L {user.txt} -P {pass.txt} ssh://{RHOST}
# Crackmap brute force crackmapexec ssh {RHOST} -u {user.txt} -p {pass.txt}
crackmapexec ssh {IP ADDRESS} -u {USER.txt} -p {PASSWORD.txt}
# sign_and_send_pubkey: no mutual signature supported # sign_and_send_pubkey: no mutual signature supported
-oPubkeyAcceptedKeyTypes=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa
-oKexAlgorithms=+diffie-hellman-group-exchange-sha1 -oKexAlgorithms=+diffie-hellman-group-exchange-sha1
``` ```
## DNS [53] ## DNS [53]
@@ -255,12 +247,8 @@ crackmapexec ssh {IP ADDRESS} -u {USER.txt} -p {PASSWORD.txt}
<br /> <br />
```bash ```bash
# axfr
# About: DNS zone transfer
# Download: Pre-installed on Kali Linux
# DNS Zone Transfer using dig # DNS Zone Transfer using dig
dig axfr @{IP ADDRESS} {Domain Name} dig axfr @{RHOST} {DOMAIN}
#DNSRecon #DNSRecon
dnsrecon -d {DOMAIN} -t axfr dnsrecon -d {DOMAIN} -t axfr
@@ -270,8 +258,6 @@ dnsrecon -d {DOMAIN} -D ~/{BRUTE_LIST.txt} -t brt
#DNSenum #DNSenum
dnsenum {DOMAIN} dnsenum {DOMAIN}
``` ```
## TFTP [69] ## TFTP [69]