Thursday, January 23, 2025

[PowerShell] A script to listen on a given TCP port

# Manually execute "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process"

# Name this file as Listen-TCP.ps1

param (
    [int]$Port = 8080  # Default port is 8080, you can specify another port when running the script
)

$gsock = {
    while ($true) {
        # Create a TCP listener on the specified port, bound to all local interfaces
        # (the explicit constructor replaces the obsolete [TcpListener]$Port cast)
        $listener = New-Object System.Net.Sockets.TcpListener([System.Net.IPAddress]::Any, $Port)
        $listener.Start()

        Write-Host "Listening on port $Port..."

        try {
            while ($true) {
                # Accept a client connection and log where it came from
                $client = $listener.AcceptTcpClient()
                Write-Host "Client connected from $($client.Client.RemoteEndPoint)"

                # Get the network stream for reading data
                $stream = $client.GetStream()

                # Set up a reader to read from the stream
                $reader = New-Object System.IO.StreamReader($stream)

                # Read lines until the client closes the connection.
                # ReadLine() returns $null at end of stream; Peek() returns -1 there,
                # which PowerShell treats as true, so it cannot serve as the loop test.
                while ($null -ne ($data = $reader.ReadLine())) {
                    Write-Host "Received: $data"
                }

                # Close the client connection
                $reader.Close()
                $client.Close()
            }
        }
        catch {
            Write-Host "Error: $_"
        }
        finally {
            # Stop the listener; after an error the outer loop starts a fresh one
            # (re-invoking the script block from inside finally would recurse without bound)
            $listener.Stop()
            Write-Host "Listener stopped."
        }
    }
}

& $gsock
# .\Listen-TCP.ps1 -Port 9090

Tuesday, January 21, 2025

[certificate] ISO/IEC 27001:2022 LA


[TryHackMe] DNS Enumeration

1) CAs' Certificate Transparency (CT) logs

Use https://crt.sh/ to search for certificates issued for the domain.


2) Google Hacking

Use the "site" and "inurl" search operators.


3) Employing the tool dnsrecon

# dnsrecon -t brt -d DOMAIN


4) Employing another tool, sublist3r.py

# sublist3r.py -d DOMAIN


5) Leveraging virtual hosts through the tool ffuf

# ffuf -w /usr/share/wordlists/SecLists/Discovery/DNS/namelist.txt -H "Host: FUZZ.DOMAIN" -u http://IP
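Step 1 points at crt.sh, which can also return its results as JSON (https://crt.sh/?q=%25.example.com&output=json). As an added example that is not part of the TryHackMe room or this post, the script below parses such a response for a domain you own: it collects every hostname the CT logs reveal and flags certificates issued by a CA outside your allow-list, which is how defenders use the same source for attack-surface inventory and mis-issuance monitoring. The JSON is a constructed sample; the field names match crt.sh's output, while the issuers, ids and hostnames are made up.

```python
import json
from collections import defaultdict

# Constructed sample of the JSON array crt.sh returns for ?q=%25.example.com&output=json
# (field names match crt.sh; issuers, ids and hostnames are invented for this example).
SAMPLE_CRTSH_JSON = json.dumps([
    {"id": 1, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "www.example.com", "name_value": "example.com\nwww.example.com"},
    {"id": 2, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "common_name": "*.dev.example.com", "name_value": "*.dev.example.com"},
    {"id": 3, "issuer_name": "C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1",
     "common_name": "mail.example.com", "name_value": "mail.example.com\nMAIL.EXAMPLE.COM"},
    {"id": 4, "issuer_name": "C=US, O=Some CA, CN=Some CA",
     "common_name": "example.com.evil.test", "name_value": "example.com.evil.test"},
])


def hostnames_from_crtsh(raw_json, domain):
    """Parse a crt.sh JSON response into {hostname: set(issuer DNs)} for names in scope of `domain`.

    name_value carries every SAN newline-separated, so it is split; names are lower-cased and
    de-duplicated; wildcard names are kept (they show a whole label level is covered); names
    that merely contain the domain (example.com.evil.test) fail the suffix check and are dropped.
    """
    domain = domain.lower().strip(".")
    found = defaultdict(set)
    for cert in json.loads(raw_json):
        names = set(cert.get("name_value", "").split("\n")) | {cert.get("common_name", "")}
        for name in names:
            name = name.strip().lower().rstrip(".")
            if name == domain or name.endswith("." + domain):
                found[name].add(cert.get("issuer_name", "<unknown issuer>"))
    return dict(found)


def report(raw_json, domain, expected_issuers):
    """Return (sorted in-scope hostnames, hostnames with a certificate from a CA not in the allow-list)."""
    found = hostnames_from_crtsh(raw_json, domain)
    unexpected = sorted(host for host, issuers in found.items() if not issuers <= expected_issuers)
    return sorted(found), unexpected


if __name__ == "__main__":
    hosts, odd = report(SAMPLE_CRTSH_JSON, "example.com", {"C=US, O=Let's Encrypt, CN=R3"})
    print("Hostnames seen in CT logs:", hosts)
    print("Issued by a CA outside the allow-list:", odd)
```

Against a live response, compare each run's hostname list with the previous one: a new name or a new issuer is worth a look before anyone else notices it.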