Shuciran Pentesting Notes

FTP (tcp-21)

Upload: To upload a file, you need to go to the folder where the file is and use ONLY the file name; otherwise you’ll receive a 500 error: passive # must be off binary # to upload binaries, execute th...

Insecure File Permissions (Linux)

Writable and executable file: In order to leverage insecure file permissions, we must locate an executable file that not only allows us write access but also runs at an elevated privilege level. Use...

VBS Download

From the victim machine command shell use this list of commands: echo strUrl = WScript.Arguments.Item(0) > wget.vbs echo StrFile = WScript.Arguments.Item(1) >> wget.vbs echo Const HTTPREQ...

Uploading files using TFTP (older Windows Systems)

During a penetration test, we can use TFTP to transfer files from older Windows operating systems up to Windows XP and 2003. This is a terrific tool for non-interactive file transfer, but it is not...

Downloads with exe2hex and Powershell

This technique is useful to compress the binary we want to transfer, convert it to a hex string, and embed it into a Windows script. On the Windows machine, we will paste this script into our shel...

Deserialization Attack

Ysoserial.NET: ysoserial.NET only works on Windows. After downloading it, we need to identify the format of the binary or program running the code (-g) and the format (-f) that has the deseri...

Cross-Compiling Exploit Code

mingw-w64: In order to avoid compilation issues, it is generally recommended to use native compilers for the specific operating system targeted by the code; however, this may not always be an option...

Buffer Overflow (Linux)

First we need to disable ASLR on Kali for testing: echo 0 | sudo tee /proc/sys/kernel/randomize_va_space Setting up the EDB debugger: First, it is started with the following command: root@debian:~...

Buffer Overflow (Windows)

Setting up the Immunity Debugger: First open it as administrator, then attach the process from the “File” menu, select the service, and don’t forget to click “Play”: Install mona.py Download ...

Networking (Linux)

PSPY Pspy github download Monitoring Services running ./pspy64 Examples: Epsilon IP Address ifconfig -a ip address show ip a s DNS cat /etc/resolv.conf Network connections netstat -tulnpa ss ...