I often find that when I get access to a DB I don't know how to control it; I always end up typing in the wrong commands or having to quickly google what I want to do. Thus, I thought it would make sense to write up a quick cheat sheet, especially when sometimes with SQLi you need to be as careful with your commands as possible. This write-up…

Credit for most of the below comes from Mubix, who has created a few documents (on Google Docs) that list what to actually do once shell access has been gained. You can read more about it here and find the links to the docs; I’m simply blogging about it to make a summary of this for myself.

Meterpreter Post Auth

Information Gathering

getuid getpid getprivs sysinfo screenshot run winenum.rb run…

There are many pages on the web documenting quick reverse shell one-liners. Pentestmonkey and Bernardo Damele have both created a good few posts between them, but I wanted to recapture what they’ve got for my own notes. (It’s easier for me to find stuff if it’s in one place.) All credit goes to both of those guys, from whom I got all this info.

Step one – Set up…

A little brain issue prevented me from remembering how to connect to an HTTPS service on the command line. NetCat doesn't seem to work, it just hangs. Fortunately, after wasting some time, I recalled how to do it in not one but 2 ways: Option 1: ncat (part of the nmap tool kit)

root@bt:~# ncat --ssl 443 OPTIONS / HTTP/1.1 HTTP/1.1 200 OK Date: Tue, 17 Jan 2012…

So you’ve got a VMWare system, but when you created it you specified the wrong disk type. For example, I have a Win7 32bit VM specifically for iTunes (in my family we have iPhones and iPads). Unfortunately, when I created this I for some silly reason decided to set the 40GB drive to preallocated, meaning I have a single 40GB file taking up far too much room on…