VerifyIT

VerifyIT

Skip to content

Home
# SERVICES
^ BLOG
- Hardening
  - Browsers
    - Google Chrome
    - Internet Explorer
  - Cloud
    - Azure
  - Databases
    - DB2
    - MS SQL
    - MySQL
    - Oracle
  - Operating Systems
  - Webservers
    - Apache
    - IIS
- Compliance Scanning
- Monitoring
- Vulnerability Scanning
  - Nessus
  - Nikto
  - OpenVas
- Penetration Testing
* LOCATION
$CHARITY

Post Exploitation

Uploading / Downloading Files

After we gained a foothold on our target (exploitation) we want to upload and download files.

In our first stage we are limited to what the exploited target offers.

Some examples are:

tftp
ftp (sftp / ftps)
wget (http)
curl
bits (windows)
smb
netcat
custom scripts that make use of the available script interpreters:
- Powershell (windows)
- Visual Basic (windows)
- perl
- python
- etc

TFTP

Create a the tftp...Read More »

Privilege Escalation

References

Basic Linux Privilege Escalation

https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Windows Privilege Escalation

http://www.fuzzysecurity.com/tutorials/16.html
http://www.bhafsec.com/wiki/index.php/Windows_Privilege_Escalation
https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/?lipi=urn%3Ali%3Apage%3Ad_flagship3_pulse_read%3BzIszsQ%2FYRU%2BiWuuAK42a9w%3D%3D
https://github.com/ankh2054/windows-pentest?lipi=urn%3Ali%3Apage%3Ad_flagship3_pulse_read%3BzIszsQ%2FYRU%2BiWuuAK42a9w%3D%3D
https://github.com/SecWiki/windows-kernel-exploits
https://github.com/abatchy17/WindowsExploits

...Read More »

Share this:

LinkedIn
Twitter
Facebook
Email
WhatsApp
Print
Telegram
Skype
More

Pinterest
Reddit
Tumblr
Pocket

Search for:

Partners

Top Posts

Configure the 'SSL Cipher Suite Order' Group Policy Setting
SMB Signing Disabled (Windows)
Read .nessus file into Excel (with Power Query)
Link-Local Multicast Name Resolution (LLMNR) Detection
SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)
The X-XSS-Protection header is not defined
Identify failed credentialed scans in Nessus / Security Center
SSL 64-bit Block Size Cipher Suites Supported (SWEET32)
SSH Server CBC Mode Ciphers Enabled
Ensure RC4 Cipher Suites is disabled

Recent Posts

Samba Exploits January 23, 2018
Uploading / Downloading Files January 21, 2018
OS Fingerprinting October 14, 2017
Scanning udp port 1434 SQL Browser October 12, 2017
Mount Windows share from Linux October 12, 2017
UDP port Scanning October 11, 2017
Privilege Escalation October 8, 2017
Reverse Shells October 8, 2017
Verify Permissions on files (Windows) May 1, 2017
PASSWORD_COMPLEXITY_UNSUPPORTED_ON_AGENT February 24, 2017

Categories

Proudly powered by WordPress