Add a new Directory to $PATH in Kali Linux
Add a new Directory to environment path variable, $PATH, in Kali Linux to help setup and easily run tools. The default shell of Kali Linux is now zsh.
Knowledge Base for Penetration Testing
Add a new Directory to environment path variable, $PATH, in Kali Linux to help setup and easily run tools. The default shell of Kali Linux is now zsh.
Method 1: Python pty module One of my go-to commands for a long time after catching a dumb shell was to use Python to spawn a pty. The pty module let’s you spawn a psuedo-terminal that can fool commands like su into thinking they are being executed in a proper terminal. Spawn /bin/bash using Python’s PTY module, and connect the controlling shell […]
Quick easy steps to create a WordPress pugin that will give you a reverse shell.
Windows stores user account passwords in SAM file. This file contains hashes of passwords. This SAM file cannot be opened directly by the user, so we have to dump it. Tools used : Mimikatz John The Ripper , Hashcat. Dumping SAM file: For this we need to copy sam and system files from their original […]
In this article, you will learn how to renew certificates in your Spring Boot apps on Kubernetes with cert-manager and Stakater Reloader. We are going to run two simple Spring Boot apps that communicate with each other over SSL. The TLS cert used in that communication will be automatically generated by Cert Manager. With Cert […]
In this article, you will learn how to create secure HTTPS gateways on Kubernetes. We will use Cert Manager to generate TLS/SSL certificates. With Istio we can create secure HTTPS gateways and expose them outside a Kubernetes cluster. Our test application is built on top of Spring Boot. We will consider two different ways of […]
In this blog post we will look at how to perform AS-REP roasting in two different ways, how to use hashcat to crack a krbasrep5 hashes, and how to mitigate this type of attack. During kerberos pre-authentication, a user’s NTID is used to encrypt a timestamp and then the domain controller will attempt to decrypt […]
In this Walkthrough, we will be hacking the machine Hutch from Proving Grounds Practice. To begin, we will utilize the ability to perform an anonymous LDAP search to dump account information where we will find a password. With valid credentials, we will run Bloodhound remotely to query the DC and find that our user has […]
In today’s tutorial, we are going to focus on adding a user to sudoers on the most recent CentOS distribution : CentOS 8. The sudo command is one of the most popular command available on Linux. It allows users to perform commands as another user, which is configured by default to run as the root […]
In today’s tutorial, we are going to see how you can add a user to sudoers on Debian distributions. The sudo command allows authorized users to perform commands as another user, which is by default the root user. There are two ways to add a user to sudoers : you can add this user to […]