NetSec

Ramblings of a NetSec addict

  • Ramblings
    • OSCP Review
    • OSCE Review
    • So you want to be a Hacker?
    • InfoSec Topics
  • Tutorials
    • Simple Buffer Overflows
    • Converting Metasploit Module to Stand Alone
  • Hacking Snippets
    • Basic Information
      • Spawning a TTY Shell
      • Finding Public Exploits
    • Metasploit
      • Creating Metasploit Payloads
    • Passwords
      • Cracking Network Passwords (Hydra)
      • Generating Wordlists
      • Identifying Hashes (Hash Identifier)
      • Cracking Hashes (oclHashcat)
      • Obtaining Windows Passwords
    • Privilege Escalation
      • Linux Privilege Escalation Scripts
    • Port Redirection
      • Port Redirection with Rinetd
      • Dynamic Port Forwarding (SSH)
      • Remote Port Forwarding (SSH)
      • Local Port Forwarding (SSH)
      • Port Forwarding with Metasploit
    • Tools
      • Netcat
  • OS Tips
    • Linux
      • Simple Linux Commands
    • Windows
      • Simple Windows Commands
    • Programs
      • Remote Desktop (rdesktop)
      • Fixing Metasploit Slow Search
      • Encoding / Decoding Base64
  • Programming
    • Python Snippets
      • Multi-Threaded Brute Forcer
      • Writing Shellcode to a File
    • Programs
  • Peach Pits
    • FTP
      • Fuzz Username / Password
      • Fuzz FTP Commands
  • Vulnerable VMs
    • Walkthroughs
      • pWnOS 2.0

Remote Desktop (rdesktop)

Peleus

Windows remote desktop is a commonly used protocol throughout many networks. It provides remote access to windows machines when enabled.

Tool
rdesktop

Basic Syntax

rdesktop -u <username> -p <password> <ip address> -g <percentage / resolution></percentage></ip></password></username>

rdesktop -u <username> -p <password> <ip address> -g <percentage / resolution></percentage></ip></password></username>

[Read more…]

Filed Under: Programs Tagged With: rdesktop, rdp

Simple Linux Commands

Peleus

A heap of simple linux commands that may prove useful to do basic things.

Requesting a DHCP IP Address

dhclient <interface></interface>

dhclient <interface></interface>

Setting a Static IP Address

ifconfig <interface> <ip address>/<cidr>
route add default gw <gateway IP Address>
echo nameserver <nameserver / Gateway IP Address> > /etc/resolv.conf</nameserver></gateway></cidr></ip></interface>

ifconfig <interface> <ip address>/<cidr> route add default gw <gateway IP Address> echo nameserver <nameserver / Gateway IP Address> > /etc/resolv.conf</nameserver></gateway></cidr></ip></interface>

[Read more…]

Filed Under: Linux Tagged With: basic commands, linux

Simple Windows Commands

Peleus

Check Who You Are

echo %USERDOMAIN%\%USERNAME
whoami

echo %USERDOMAIN%\%USERNAME whoami

Check Windows Version

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

Add a User

net user <username> <password> /add</password></username>

net user <username> <password> /add</password></username>

[Read more…]

Filed Under: Windows Tagged With: basic, windows, windows commands

Cracking Hashes (oclHashcat)

Peleus

Sometimes you obtain passwords that are in a hashed form. Due to the mathematical properties of (secure) hashes there are limited ways of recovering the plain text. Primarily this will be through brute force, or alternatively using word lists. oclHashcat is a fantastic hash cracking tool that takes advantage of your GPU to dramatically ramp up your hash calculating (and hence cracking) ability. For a dictionary attack the hash of each word in the dictionary is calculated and compared against your target hash. If the hashes match clearly the original value of the target must have been the same, hence the password is revealed. If the hash does not match the next word is calculated until the list is exhausted. Word lists have the advantage of being a lot higher more likely to contain the password (passwords are usually derived from humans), so your limited computing power is more targeted with a word list. The downside is that if the word is not in the list the hash will not be broken. Brute force attacks alternatively will always eventually get the hash value, but typically it takes so long to cycle through possible values it’s infeasible. (Hint: Calculate how many combinations can be made with 8 characters of numbers / upper / lower characters. How long would it take to cycle through all of these if we were guessing at 1 million guesses a second?)
[Read more…]

Filed Under: Passwords Tagged With: cracking, hash, oclHashcat

Identifying Hashes (Hash Identifier)

Peleus

Often when you wish to crack a hash you need to identify what type of has it is so you can successfully configure oclHashcat or your favorite cracking tool. Hash-identifier is a nifty tool built into Kali which will allow you to print out the most likely hash format.
[Read more…]

Filed Under: Passwords Tagged With: hashes, identifying, kali, tools

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • …
  • 7
  • Next Page »

Copyright © 2022 · Genesis Sample on Genesis Framework · WordPress · Log in