Merge pull request #52 from pwnwiki/nav-reorg

Navigation reorganization based on discussion

2besorted/gdoc_osx.md

@@ -1,68 +1,68 @@
-
+
-# OS X Google Doc Content #
+# OS X Google Doc Content #
-
+
-The content below is the raw data from the Google Doc that was first used to collect it. Over time, this content will be moved into sub-pages and organized but is placed here, now, so as to be more complete. We apologize for its appearance.
+The content below is the raw data from the Google Doc that was first used to collect it. Over time, this content will be moved into sub-pages and organized but is placed here, now, so as to be more complete. We apologize for its appearance.
-
+
-----
+----
-
+
-## Blind Files 
+## Blind Files 
-(things to pull when all you can do is blindly read) LFI/dir traversal
+(things to pull when all you can do is blindly read) LFI/dir traversal
-/etc/resolv.conf (everyone always has read on this and it wont trigger an IDS)
+/etc/resolv.conf (everyone always has read on this and it wont trigger an IDS)
-
+
-## System
+## System
-<code>uname -a
+<code>uname -a
-ps aux
+ps aux
-ps -aef
+ps -aef
-id
+id
-arch
+arch
-w
+w
-who -a
+who -a
-gcc -v
+gcc -v
-mysql --version
+mysql --version
-perl -v
+perl -v
-ruby -v
+ruby -v
-python --version
+python --version
-df -k
+df -k
-mount
+mount
-last -a
+last -a
-lastlogin (*bsd)
+lastlogin (*bsd)
-getenforce  <- does not work on Lion no idea if this work in previous versions
+getenforce  <- does not work on Lion no idea if this work in previous versions
-dmesg
+dmesg
-lsusb<- does not work on Lion no idea it this work on previous versions
+lsusb<- does not work on Lion no idea it this work on previous versions
-lshw  <- does not work on Lion no idea it this work on previous versions
+lshw  <- does not work on Lion no idea it this work on previous versions
-free -m  <- does not work on Lion no idea it this work on previous versions
+free -m  <- does not work on Lion no idea it this work on previous versions
-du -h --max-depth=1 /
+du -h --max-depth=1 /
-which nmap (see if it's already installed)
+which nmap (see if it's already installed)
-locate bin/nmap
+locate bin/nmap
-which nc (see if it's already installed)
+which nc (see if it's already installed)
-locate bin/<whatever you want>
+locate bin/<whatever you want>
-whoami
+whoami
-jps -l
+jps -l
-java -version</code>
+java -version</code>
-
+
-## Networking
+## Networking
-<code>hostname -f
+<code>hostname -f
-ip addr show
+ip addr show
-ifconfig -a
+ifconfig -a
-route -n
+route -n
-cat /etc/network/interfaces
+cat /etc/network/interfaces
-iptables -L -n
+iptables -L -n
-netstat -anop
+netstat -anop
-netstat -r
+netstat -r
-netstat -nltupw (root with raw sockets)
+netstat -nltupw (root with raw sockets)
-arp -a
+arp -a
-lsof -nPi</code>
+lsof -nPi</code>
-
+
-## Per User
+## Per User
-<code>ls -alh /Users/*/
+<code>ls -alh /Users/*/
-ls -alh /Users/*/.ssh/
+ls -alh /Users/*/.ssh/
-cat /Users/*/.ssh/authorized_keys
+cat /Users/*/.ssh/authorized_keys
-cat /Users/*/.ssh/known_hosts
+cat /Users/*/.ssh/known_hosts
-cat /Users/*/.*hist*
+cat /Users/*/.*hist*
-find -type f /Users/*/.vnc /Users/*/.subversion
+find -type f /Users/*/.vnc /Users/*/.subversion
-grep ^ssh /Users/*/.*hist*
+grep ^ssh /Users/*/.*hist*
-grep ^telnet `/Users/*/.*hist*
+grep ^telnet `/Users/*/.*hist*
-grep ^mysql /Users/*/.*hist*
+grep ^mysql /Users/*/.*hist*
-cat /Users/*/.viminfo
+cat /Users/*/.viminfo
-sudo -l # if sudoers is not readable, this sometimes works per user
+sudo -l # if sudoers is not readable, this sometimes works per user
-crontab -l</code>
+crontab -l</code>

README.md

@@ -1,15 +1,8 @@
-Post Exploitation Wiki
+## PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained.
-======================
-
-This wiki is powered by MDwiki which is a self contained wiki in a single HTML file.
-
-All you have to do to use the wiki is clone the repo to anywhere you can open HTML, served or local.
-
-Contributors please see here: https://github.com/pwnwiki/pwnwiki.github.io/wiki/Wiki-contributor
 
 ### Live Online Copy:
 
-You can find a copy of the project online at: http://pwnwiki.io/. If you are reading this from the live website and want to get to the Github repository click here -> https://github.com/pwnwiki/pwnwiki.github.io.
+You can find a copy of the project online at: http://PwnWiki.io
 
 ### Offline Use:
 
@@ -17,19 +10,24 @@ You can find a copy of the project online at: http://pwnwiki.io/. If you are rea
   2. Open index.html
   3. Most modern browsers don't allow the access of local files from a locally loaded HTML file. On Windows you can use [Mongoose Tiny](http://cesanta.com/downloads.html) or [HFS](http://www.rejetto.com/hfs/) to host the files locally. On OSX and Linux `python -m SimpleHTTPServer` seems to work just fine.
 
-### Reference Binaries:
+#### Referenced tools can be found here: https://github.com/mubix/post-exploitation (If they aren't built into the OS)
 
-If the binary referenced isn't built into the respective OS, can be found here:
+- - - - - -
-https://github.com/mubix/post-exploitation
+#### Submitting Content
+We want/need your help! Please contribute to this project is via GitHub (https://github.com/pwnwiki/pwnwiki.github.io). That allows us to get your project-ready content incorporated into the wiki fast. 
 
-#### Known issue with Chrome:
+We realize that not everyone can/wants to submit content via GitHub and that's cool. If your go-to content is not up here and you don't want to spend the time becoming a Git Jedi, just visit our [Google Form](https://docs.google.com/forms/d/1N7-jRjnUXoz-UwB2h0du2IrskFJW6hBGs4YsTwvEncE/viewform). Due to the large amount of submissions and content, there may be a delay between your posting and us getting your content into the project. Thanks for your submissions and your patience! 
 
-Chrome doesn't allow local file access from local files loaded in the
+- - - - - -
-browser (ala index.html loading index.md). There are two ways around this. Use a web server to host
+Curators:
-it (Apache, nginx, python SimpleHTTPServer, etc) or start Chrome with the `--allow-file-access-from-files`
-argument. See here for more details: http://dynalon.github.io/mdwiki/#!faq.md
 
+  * [@mubix](https://twitter.com/mubix) [gimmick:TwitterFollow](@mubix)
+  * [@WebBreacher](https://twitter.com/webbreacher) [gimmick:TwitterFollow](@WebBreacher)
+  * [@tekwizz123](https://twitter.com/tekwizz123) [gimmick:TwitterFollow](@tekwizz123)
+  * [@jakx_](https://twitter.com/jakx_) [gimmick:TwitterFollow](@jakx_)
+  * [@TheColonial](https://twitter.com/TheColonial) [gimmick:TwitterFollow](@TheColonial)
+  * [@Wireghoul](https://twitter.com/Wireghoul) [gimmick:TwitterFollow](@Wireghoul)
+  
+If you would like to become a curator, please contact [mubix@hak5.org](mailto:mubix@hak5.org)
 
-### More info about MDwiki:
+[gimmick:ForkMeOnGitHub ({ color: 'red',  position: 'right' })](http://www.github.com/pwnwiki/pwnwiki.github.io/)
-
-http://dynalon.github.io/mdwiki/#!index.md

linux/bash.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)

linux/persistance.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)

navigation.md

@@ -2,68 +2,59 @@
 
 [Home](index.md)
 
-[Windows]()
+[Presence]()
 
-  * [Autostart Locations](windows/autostart.md)
+  * [Windows](presence/windows/index.md)
-  * [Binary Planting](windows/binary.md)
+  * [Linux](presence/linux/index.md)
-  * [CMD Commands](windows/cmd.md)
+  * [OSX](presence/osx/index.md)
-  * [Covering Tracks](windows/cover.md)
-  * [Files - Blind](windows/blind.md)
-  * [Files - Finding](windows/find_files.md)
-  * [Files - Important](windows/files.md)
-  * [Persistance](windows/persistance.md)
-  * [Powershell](windows/powershell.md)
-  * [Privilege Escalation](windows/privesc.md)
-  * [Remote Access](windows/remote.md)
-  * [UAC Bypassing](windows/uac.md)
-  * [MSSQL Servers](windows/mssql.md)
 
-  
+[Persistence]()
-[Linux]()
 
-  * [Google Doc Content](linux/bulk.md)
+  * [Windows](persistence/windows/index.md)
-  * [Files - Blind](linux/blind.md)
+  * [Linux](persistence/linux/index.md)
-  * [Files - Finding](linux/find_files.md)
+  * [OSX](persistence/osx/index.md)
-  * [SH/BASH Commands](linux/bash.md)
-  * [Persistance](linux/persistance.md)
-  * [Privilege Escalation](linux/privesc.md)
 
+[Pivoting]()
 
-[OSX]()
+  * [Windows](pivoting/windows/index.md)
+  * [Linux](pivoting/linux/index.md)
+  * [OSX](pivoting/osx/index.md)
 
-  * [Bash Commands](osx/bash.md)
+[Privilege Escalation]()
-  * [Files - Blind](osx/blind.md)
-  * [Files - Finding](osx/find_files.md)
-  * [Persistance](osx/persistance.md)
-  * [Privilege Escalation](osx/privesc.md)
 
-[Mobile]()
+  * [Windows](privesc/windows/index.md)
+  * [Linux](privesc/linux/index.md)
+  * [OSX](privesc/osx/index.md)
 
-   * [Android](mobile/android.md)
+[Technologies]()
-   * [iOS](mobile/ios.md)
 
-[Other OSs]()
+  * [Mobile](tech/mobile/index.md)
+  * [Mainframes](tech/mainframes/index.md)
+  * [Embedded OSs](tech/embedded/index.md)
+  * [Web Languages](tech/web/languages.md)
+  * [Web Apps](tech/web/apps.md)
+  * [Web Servers](tech/web/servers.md)
+  * [Network Services](tech/services/index.md)
+  * [Databases](tech/db/index.md)
+  * [Novell](tech/novell.md)
 
-  * [zOS](otheros/zos.md)
+[Binaries]()
-  * [AS/400](otheros/as400.md)
+
-  * [Cisco](otheros/cisco.md)
+  * [Windows](bins/windows/index.md)
-  * [Juniper](otheros/juniper.md)
+  * [Linux](bins/linux/index.md)
+  * [OSX](bins/osx/index.md)
+  * [Universal](bins/multi/index.md)
 
 [Scripting]()
 
   * [Python](scripting/python.md)
+  * [Powershell](scripting/powershell.md)
   * [Ruby](scripting/ruby.md)
   * [Perl](scripting/perl.md)
   * [Windows](scripting/windows.md)
   * [NodeJS](scripting/NodeJS.md)
   * [Linux bash](scripting/bash.md)
 
-[Cats]()
-
-  * [ncat](cats/ncat.md)
-  * [netcat](cats/netcat.md)
-  * [socat](cats/socat.md)
-  
 [Metasploit]()
 
   * [Meterpreter](msf/meterpreter.md)
@@ -75,10 +66,9 @@
   
 [References]()
 
+  * [How to Contribute](references/contribute.md)
+  * [Links](references/links.md)
   * [Unix Rosetta Stone](references/rosetta.htm)
-  
- 
-[Links](links.md)
 
 [gimmick:themechooser](Wiki Theme)
 
@@ -92,3 +82,4 @@ return false;
 }); 
 }); 
 </script>
+

osx/bash.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)

osx/persistance.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)

osx/privesc.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)

presence/osx/find_files.md

@@ -1,15 +1,15 @@
-# OS X Finding File Commands
+# OS X Finding File Commands
-
+
-Commands that find files on the filesystem and are usually executed from the context of the shell (`/bin/bash` or `/bin/sh`) prompt.
+Commands that find files on the filesystem and are usually executed from the context of the shell (`/bin/bash` or `/bin/sh`) prompt.
-
+
-| Command  | Description / Importance |
+| Command  | Description / Importance |
-| -------- | ------------------------ |
+| -------- | ------------------------ |
-| `find /sbin /usr/sbin /opt /lib` ``echo $PATH` |`'sed s/:/ /g'``` -perm -4000` | Find SUID files. |
+| `find /sbin /usr/sbin /opt /lib` ``echo $PATH` |`'sed s/:/ /g'``` -perm -4000` | Find SUID files. |
-| `for user in $(cut -f1 -d: /etc/passwd); do echo $user; crontab -u $user -l; done` | Lists all the user crontab or scheduled tasks files. |
+| `for user in $(cut -f1 -d: /etc/passwd); do echo $user; crontab -u $user -l; done` | Lists all the user crontab or scheduled tasks files. |
-| `find /var/log -type f -exec ls -la {} \;` | Find all the log files in `/var/log/` |
+| `find /var/log -type f -exec ls -la {} \;` | Find all the log files in `/var/log/` |
-| `ls -alhtr /Volumes` | Display the volumes mounted at `/Volumes` |
+| `ls -alhtr /Volumes` | Display the volumes mounted at `/Volumes` |
-| `ls /Users/*/.ssh/*` | Discover SSH files (keys and such) located in each user's home drive. May require root permissions to view these files in other user's directories. |
+| `ls /Users/*/.ssh/*` | Discover SSH files (keys and such) located in each user's home drive. May require root permissions to view these files in other user's directories. |
-| `locate tar` | `grep [.]tar$` | Finds all files that have a `.tar` extension. Substitute other archive extensions (e.g., `.zip`, `.7z`, `.rar`) or other extensions such as `.sql` or `.conf`. |
+| `locate tar` | `grep [.]tar$` | Finds all files that have a `.tar` extension. Substitute other archive extensions (e.g., `.zip`, `.7z`, `.rar`) or other extensions such as `.sql` or `.conf`. |
-| `locate settings` $#124; `grep [.]php$` | Find all files with the word settings in it and with a `.php` extension. |
+| `locate settings` $#124; `grep [.]php$` | Find all files with the word settings in it and with a `.php` extension. |
-| `locate .properties` $#124; `grep [.]properties` | Finds Java configuration files. | 
+| `locate .properties` $#124; `grep [.]properties` | Finds Java configuration files. | 
-
+

tech/db/index.md

@@ -0,0 +1,15 @@
+# PwnWiki - Databases
+
+[Home](../../index.html)
+
+[MSSQL](mssql.md)
+
+[MySQL](mysql.md)
+
+[Postgresql](postgres.md)
+
+[DB2](db2.md)
+
+[NoSQL]()
+
+ * [Redis](redis.md)

tech/services/index.md

@@ -0,0 +1,15 @@
+# Network Services
+
+## SMB/CIFS/Samba
+
+## rlogin
+
+## telnet
+
+## dns
+
+## nfs
+
+## x11
+
+

tech/web/apps.md

@@ -0,0 +1,4 @@
+# Web Applications
+
+
+## 

tech/web/languages.md

@@ -0,0 +1,9 @@
+# Web Languages
+
+## PHP
+
+## ASP
+
+## ASPX
+
+## ColdFusion

tech/web/servers.md

@@ -0,0 +1,8 @@
+# Web Servers
+
+## IIS
+
+## Apache
+
+## Lotus Domino
+

validation/dns.md

@@ -1 +0,0 @@
-# DNS Configuration Issues

validation/insecure-protocols.md

@@ -1 +0,0 @@
-# Insecure Protocols

validation/linux-unix.md

@@ -1 +0,0 @@
-# Linx/UNIX Configuration Issues

validation/smtp.md

@@ -1 +0,0 @@
-# SMTP Configuration Issues

validation/snmp.md

@@ -1 +0,0 @@
-# SNMP Configuration Issues

validation/ssl.md

@@ -1 +0,0 @@
-# SSL/TLS Certificate Issues

validation/windows.md

@@ -1 +0,0 @@
-# Windows Configuration Issues

windows/persistance.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)

windows/privesc.md

@@ -1,3 +0,0 @@
-# Place Holder
-
-Content coming. Feel free to submit ;-)