Skip to main content

Network & Linux Tools

 

 

Traceroute 

By default, tracroute sends UDP packets with incrementing dest ports starting at the bsae port of 33434, going up by one port for each packet sent (each hop measured 3 times)

#traceroute to multiple hosts
traceroute -g 10.10.10.1, 10.10.10.2

#Use ICMP instead of UDP
traceroute -I 10.10.10.10

#Use TCP SYN instead of UDP
traceroute -T 10.10.10.10


Online Traceroute Websites:

1) Traceroute.org
2) Kloth.net/services/traceroute.php
3) tracert.com
nslookup

check if there is anything in the - DNS Cache Snooping

>nslookup

set norecurse
www.website.com

set recurse
wwww.website.com

#Zone transfer
> dig @10.10.10.10 target -t AXFR

#Incremental Zone Transfer
dig @10.10.10.10 -t IXFR=N
Kill a running Process/Open Port 

netstat -pantp | grep LIST

#View the process ID
sudo lsof -t -i:80

#Kill the process
sudo fuser -k 80/tcp 
Find Largest Files in Linux

du -a /var | sort -n -r | head -n 10

#Get Readable output
du -hsx -- * | sort -rh | head -10
Installing Samba on Kali Linux

sudo apt install samba
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.old

#edit the shared folder path
sudo nano /etc/samba/smb.conf

#create a new user
sudo smbpasswd -a kali

sudo systemctl start smbd
sudo systemctl start nmbd


Kill All process with a same name 

ps -ef | grep 'myProcessName' | grep -v grep | awk '{print $2}' | xargs -r kill -9

or

for KILLPID in `ps ax | grep 'Process_NAME' | awk ' { print $1;}'`; do 
  kill -9 $KILLPID;
done
Kill a process running on a port 

fuser -k 4444/tcp
Add a path to $PATH permanently

nano ~/.bashrc
export PATH="$PATH:/usr/local/go/bin"
Check Service Manager being used 

ps -p 1 -o comm=

systemd: Indicates the systemd service manager.
init: Suggests the traditional System V init.
upstart: Implies the Upstart init system.

For systemd: If the systemctl command is available, it indicates systemd.
For System V init: If the service or /etc/init.d/ directory is present, it suggests the use of System V init.
For Upstart: If the initctl command is available, it suggests Upstart.


#List the process tree
pstree -p 1

This command will display the process tree starting from the init process. Look for process names or directories associated with specific service managers, such as systemd, upstart, or init.


Looking at Directories 
Examine the /sbin directory: Look for specific executables or symbolic links in the /sbin directory that indicate the service manager. For example:

/sbin/init: Suggests SysV init.
/sbin/initctl: Suggests Upstart.
/sbin/systemctl: Indicates systemd.
Linux Directories File Structure - Filesystem Hierarchy Standard (FHS)

1. `/sbin`: The `/sbin` directory contains system binaries (commands) that are primarily used by system administrators for system maintenance and management tasks. Some important binaries found in `/sbin` include:
   - `init`: The system initialization program (SysV init or systemd).
   - `shutdown`: Command to initiate system shutdown.
   - `reboot`: Command to reboot the system.
   - `ifconfig`: Tool for configuring network interfaces (deprecated in favor of `ip` command).
   - `fdisk`: Utility for partitioning disks.
   - `iptables`: Command for managing netfilter firewall rules (legacy; replaced by `nftables` in some distributions).

Other important directories in the Linux filesystem hierarchy include:

2. `/bin`: This directory contains essential command binaries that are required for normal system operation. These binaries are generally available to all users and are necessary for basic system functionality (e.g., `ls`, `cp`, `mv`, `mkdir`).

3. `/usr`: The `/usr` directory contains user-related programs and data. It has several subdirectories including:
   - `/usr/bin`: Non-essential command binaries for user access.
   - `/usr/sbin`: Non-essential system binaries used by system administrators.
   - `/usr/lib`: Libraries for programs in `/usr/bin` and `/usr/sbin`.
   - `/usr/local`: Programs and data specific to the local machine, often manually installed.

4. `/etc`: The `/etc` directory contains system-wide configuration files. It includes configuration files for various services, network settings, system startup, and more.

5. `/var`: The `/var` directory holds variable data files that are expected to change during system operation. It includes directories such as `/var/log` (system logs), `/var/spool` (print and mail spools), and `/var/www` (web server files).

6. `/home`: Each user on the system typically has a home directory under `/home`. User-specific files and configurations are stored here.

7. `/tmp`: The `/tmp` directory provides a location for temporary files that are accessible to all users. The contents of this directory are typically deleted upon reboot.
Troubleshooting Network IP Address is already Used.  





Comments

Popular posts from this blog

SQL DB & SQL Injection Pentest Cheat Sheet

1) MSSQL Injection Cheat Sheet | pentestmonkey 2) xp_cmdshell | Red Team tales 3) PentesterMonkey SQL Injection Cheatsheet Use dbeaver for GUI Access 4) SQL Injection Explanation | Graceful Security Common Ports Microsoft SQL: 1433/TCP (default listener) 1434/UDP (browser service) 4022/TCP (service broker) 5022/TCP (AlwaysOn High Availability default) 135/TCP (Transaction SQL Debugger) 2383/TCP (Analysis Services) 2382/TCP (SQL Server Browser Service) 500,4500/UDP (IPSec) 137-138/UDP (NetBios / CIFS) 139/TCP (NetBios CIFS) 445/TCP (CIFS) Oracle SQL: 1521/TCP 1630/TCP 3938/HTTP MongoDB : 27017,27018,27019/TCP PostgreSQL: 8432/TCP MySQL: 3306/TCP SQL DB Enum with nmap: nmap -p 1433 —script ms-sql-info —script-args mssql.instance-port=1433 IP_ADDRESS nmap -Pn -n -sS —script=ms-sql-xp-cmdshell.nse IP_ADDRESS -p1433 —script-args mssql.username=sa,mssql.password=password,ms-sql-xp-cmdshell.cmd="net user bhanu bhanu123 /add" nmap -Pn -n -sS —script=ms-sql-xp-cmds

Windows Priv Escallation

1.     Windows Privilege Escalation Commands  _ new 2.     Transferring Files to Windows 3.    Priv Esc Commands 4.    Priv Esc Guide  5.    Payload All the Things --> great Coverage 6.    WinRM -- Windows Priv Esc    7. Newb Guide - Windows Pentest    8. Kerberos Attacks Explained     9. How to Attack Kerberos 101    Use PowerSploit/PrivEsc/Powerup.ps1 to find some potential info check for Non-windows processes in windows using netstat Step 1: Check net user and admin and user rights Step 2: Check if we have access of powershell if yes then run powerup.ps1,sherlock.ps1 and JAWS.ps1. Step 3: Try to get Meterpreter. Step 4: Load mimikatz ,try bypass UAC , check SAM SYSTEM etc. Step 5: check for weird programs and registry. Step 6: If the box is Domain Controller - Enum - Enum SMB Users/Ldap Users/ Blood Hound - GUI AD Enum & Kerberos Enum - Bruteforce   Atacking AD with LDAP & kerberos      Step 7: Got Creds - try psexec.py or crackm

Forensics & Crypto

Online Decoder --> https://2cyr.com/decode/ Encoding errors -->  https://ftfy.now.sh/ File Signatures List -->  Click here PCAP Analysis: -->  https://www.packettotal.com/ Online Cipher Decryptors: CyberChef  - Cipher Decoder   Crack Station-Hash Cracke r Decrypt Any Kind of Hash 1)  Cipher Statistics 2)  Index of Coincidence Calculator - Online IC Cryptanalysis Tool 3)  Tools List (Awesome and Fantastic Tools) Available on dCode 4)  Solve an Aristocrat or Patristocrat 5)  RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data 5-1)  RSA - Find PQ using N 6)  BertNase's Own Hide content in a Image made of blocks - npiet fun! 7)  Vigenere Solver - www.guballa.de 8)  Fernet (Decode) 9)  Unicode Text Steganography Encoders/Decoders 10)  All in ONE encoders and Decoders Tool 11) Cryptii - Decoder Image Forensics: 1)  Forensically, free online photo forensics tools - 29a.ch 2)  StegSolve to decryt data in