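You are viewing posts in the "Security" category
2012-04-19 20:37 This is fairly old and everyone probably already has it; I am just recording it here for my own reference……
Penetration testing mind map……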
|
2012-03-24 4:50 First, no matter how, by whatever means, start by getting a shell, one with system privileges, and establish a meterpreter session.
meterpreter > getprivs
============================================================
Enabled Process Privileges
============================================================
SeDebugPrivilege
SeIncreaseQuotaPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
|
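2012-03-23 2:06 I did an audit for a certain enterprise. The overall network architecture was seriously impressive: the design of the whole enterprise network alone probably cost NNN tens of thousands, the auditing of user permissions was very strict, and the WAF rules were well written too. Then I happened upon a minor MySQL user, but it connected through DNS resolution and the network was split into VLANs, and anything executed from the web page was blocked outright by the WAF. I could not figure it out no matter how hard I thought about it. Later I created a pivot inside the session established by msf's meterpreter, added a route, ran the MySQL operations from the console, and finally got it done without a hitch. Even the tightest defenses have a gap somewhere, and msf's pivot feature really is handy when auditing an internal network…… |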
2012-03-21 5:59 Here’s my automated scanning script. It’s got a few dependencies but will run with a number of threads and will output to a defined folder.
#!/bin/bash
#__________________________________________________________
# Author: phillips321 forum.gnacktrack.co.uk
# License: CC BY-SA 3.0
# Use: |
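2011-11-22 17:22 I plan to publish some vulnerabilities that hit Tencent in the near future; many of them I have been sitting on for several years. Tencent has always boasted that its security is rock solid, but those vulnerabilities apparently have never been patched. I will only publish the vulnerabilities; how they get used is up to the individual, and any criminal acts that result have nothing to do with me. Do not test the law yourself. China's police and laws are very good at dealing with the weak, and your dad is not Li Gang, so do not play with fire…… |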
2011-11-18 23:55
FSMO Roles
ntdsutil roles Connections "Connect to server %logonserver%" Quit "select Operation Target" "List roles for conn server" Quit Quit Quit
[JDH: This is really a series of steps, not a single command expression]
Domain Controllers
Nltest /dclist:%userdnsdomain%
Domain Controller IP Configuration
for /f %i in ('dsquery server -domain %userdnsdomain% -o rdn') do psexec \\%i ipconfig /all |
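2011-09-06 18:51 insect has released a free, unrestricted version, so out of boredom I took a look at it and did a simple analysis of its structure.
c# winform + metasploit + nmap + skipfish + custom exploit. Still, the idea behind it is not bad: piecing existing tools together into a single platform, which is probably a future trend. But the price is a bit steep, and it does not seem worth that much……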
|
2011-07-14 15:57 Earlier this year Mark Baggett wrote an article on running a Nessus scan through Meterpreter. It involved installing an SSH server on the compromised machine and then using it as a SOCKS4 proxy to forward the scan traffic through to the target machine (Nessus Scanning through a Metasploit Meterpreter Session). It was a great idea but I don't like installing tools on clients' machines if I can avoid it so never got round to doing it on a test. Recently Zate Berg added t |
2011-07-14 15:43 By Mark Baggett on March 16, 2010 6:44 AM |
2011-07-02 1:49 Unlike the Pro version of Metasploit, one of the limitations when "pivoting" connections from Meterpreter by means of route is the type of tools we can use through the pivot. This is because any tool that uses raw sockets will not work through the tunnel, so we are limited to TCP and UDP connections that make a "full connection" (connected sockets). In |