Wednesday, March 26, 2025

[TryHackMe][Certificate]TryHackMe Junior Penetration Tester Certificate

 


Posted by at No comments:

Monday, March 24, 2025

[tryhackme][Windows][unpatched]Check software version to find unpatched software

 #wmic product get name,version,vendor

Posted by at No comments:

[tryhackme][Windows][Credential Restoration] Cred_Restoration.bat

 @echo off

echo(

echo Showing significant files...


IF EXIST "C:\Unattend.xml" (

    echo C:\Unattend.xml exists.

)


IF EXIST "C:\Windows\Panther\Unattend.xml" (

    echo C:\Windows\Panther\Unattend.xml exists.

)


IF EXIST "C:\Windows\Panther\Unattend\Unattend.xml" (

    echo C:\Windows\Panther\Unattend\Unattend.xml exists.

)


IF EXIST "C:\Windows\system32\sysprep.inf" (

    echo C:\Windows\system32\sysprep.inf exists.

)


IF EXIST "C:\Windows\system32\sysprep\sysprep.xml" (

    echo C:\Windows\system32\sysprep.inf exists.

)


IF EXIST "%userprofile%\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt" (

    echo %userprofile%\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt exists.

)


IF EXIST "C:\inetpub\wwwroot\web.config" (

    echo C:\inetpub\wwwroot\web.config exists.

)


IF EXIST "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\web.config" (

    echo C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\web.config exists.

)


echo(

echo Showing saved credentials on the system...


cmdkey /list


echo(

echo Show Putty Proxy passwords...


reg query HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions\ /f "Proxy" /s

Posted by at No comments:

Sunday, March 16, 2025

[tryhackme][nmap]Hidden NMAP Scan

#nmap -e tun0 -f -T1 -D 10.10.174.103,RND,10.10.174.104,RND,ME,RND,RND -Pn 10.10.174.2


Use Fragment, Low Rate and Decoy techniques to scan 10.10.174.2

Posted by at No comments:

Sunday, March 9, 2025

[hydra][brute force][tryhackme] THC Hydra parameters

 -l username Provide the login name

-P WordList.txt Specify the password list (e.g. /usr/share/wordlists/rockyou.txt) to use

server service Set the server address and service to attack

-s PORT Use in case of non-default service port number

-V or -vV Show the username and password combinations being tried

-d Display debugging output if the verbose output is not helping

Posted by at No comments:

[port scan] Windows 10 and above probes the status of a remote port

 # ssh -p PORT IP

Posted by at No comments:

Saturday, March 8, 2025

[nmap][tryhackme] Nmap output parameters

 -oN save output in normal format

-oG save output in grepable format

-oX save output in XML format

-oA save output in normal, XML and Grepable formats

Posted by at No comments:

Friday, March 7, 2025

[nmap][netcat][nc] Use Nmap to run a simple test verifying NIDPS effectiveness

 Attacker Machine:

# nmap -sT -Pn --script all -p 80 VICTIM_IP_ADDRESS


Victim Machine:

# ncat -l -k -t -p 80

Posted by at No comments:

Tuesday, March 4, 2025

Verify the version of jQuery.UI through Firefox

 Use Firefox to browse the URL, open "Web Developer Tools", go to "Console" tab, and run the command "jQuery.ui.version".

Posted by at No comments:
Subscribe to: Posts (Atom)