OSCP 注意事項

-

 https://blog.keniver.com/2023/01/oscp-exam-guide/

https://hackercat.org/oscp/oscp-review

https://ithelp.ithome.com.tw/m/articles/10354135

https://peterkan.tw/2024/02/15/all-about-oscp/

https://tech-blog.cymetrics.io/posts/crystal/oscp-review/

https://hackercat.org/oscp/buffer-overflows-made-easy-notes-oscp-preparation

https://hackmd.io/@7ZcmfE2ETz-ntel2Ma6uTg/SJsPftiB1x

https://www.youtube.com/watch?v=Rm73FZ0K01g&list=PLcSbj5mz-wxMIiOjtknvQDwKsL0XKHMbN

https://github.com/In3x0rabl3/OSCP

OSEP: https://github.com/In3x0rabl3/OSEP/blob/main/osep_reference.md

https://hackmd.io/@CHW/H1F8rLl5kg?utm_source=preview-mode&utm_medium=rec


1. nmap掃弱點。TCP和UDP都要。

2. 到處點點看網頁,可利用的帳號可能就在網頁上。(極度愚蠢的帳號密碼組合)

3. 網頁爆破 gobuster dir -u http://192.168.219.197/ -w  /usr/share/wordlists/dirb/common.txt

4. 檢查網頁模板的漏洞 (改一下大小寫,可能就可以跳過檢查)

5. 連進去之後,馬上輸入(1) Linux: id (2) Windows: whoami /priv

5. crontab -l,檢查crontab,找看看有沒有script

6. 檢查Scirpt裡面可能帶明碼

A. grep -i sshpass

B. grep -i ftp

C. grep -i sftp

D. grep -i telnet

7. 檢查Target的interface

8. 檢查tasklist

N. 檢查MTU


留言

張貼留言

這個網誌中的熱門文章

5G NR Throughput Calculation

-
圖片
 用這個網頁進行計算。 https://5g-tools.com/5g-nr-throughput-calculator/ Mode of Modulation and Code Rate: Auto (3GPP 38.214) UL選 38.214-Table 5.1.3.1-1 DL選 38.214-Table 5.1.3.1-2 BW(j) = BW:100MHz FR1 µ:30kHz Overhead OH(j) for control channels Mode: Auto 3GPP 38.306 Mode of Symbols allocation: Vendor data Simple, 7:3 分別計算f(j)=1 & f(j)=0.75。
閱讀完整內容

從清單裡讀IP,並且一個一個Ping

-
  Use: save a s script file such as ip.sh and ./ip.sh xxx OOO, it means ping every XXX*n+OOOth packet. #!/bin/bash count=1 cat Type1_black.list | while read line do if [  expr $count % $1  -eq $2 ] then echo ‘==============================’ echo  expr $count echo  date echo $line #ping -c 10 -W 1 $line ping -c 10 $line #echo ‘==============================’ fi count=$[$count+1] done
閱讀完整內容