hone blog ctf pentesting github

Resources & Scripts

List of resources I use so I can refer back to them if needed.

Awesome-Cyber

A curated list of tools useful within the field of cyber security, for both blue and red team operations.

PimpMyKali

Kali Linux Fixes for Newly Imported VM's

KDE Plasma: Display VPN IP Address

Display your tun0 IP address in a menu widget on Plasma. Useful for when connected to HackTheBox or TryHackMe so you can quickly reference your IP.

Command Output Widget: https://store.kde.org/p/1166510/

ADDR=$(ip addr | grep tun0|grep inet|awk '{print $2}'|cut -d "/" -f 1)
echo "$ADDR" | sed 's/$/ /g'

Upgrade Shell to Interactive TTY Shell

Upgrade basic Netcat reverse shells to interactive TTY shells for tab-completion, STDERR, history, and more.

# Check if tty
tty

# Upgrade from sh to bash
python -c 'import pty; pty.spawn("/bin/bash")'
python3 -c 'import pty; pty.spawn("/bin/bash")'
/bin/bash -i
perl -e 'exec "/bin/bash";'
script -qc /bin/bash /dev/null

# [CTRL+Z]

# Make interactive
stty raw -echo && fg
export SHELL=/bin/bash; reset;
# export SHELL=/bin/bash; export TERM=screen; stty rows 38 columns 116; reset;

Exfiltration

# Download file from SSH to local machine
scp username@server:/file/to/send /where/to/put


# Download file from reverse shell to local machine
xxd -p <file>
perl -e 'local $/; print unpack "H*", <>' <file>
hexdump -e '2/1 "%02x"' -v <file>
python3 -c "import sys; data = open(sys.argv[1], 'rb').read(); print(''.join(f'{byte:02x}' for byte in data))" <file>
with open("out.bin", "r") as file:
    data = file.read().strip()
    with open("out", "wb") as file2:
        file2.write(bytes.fromhex(data))
PreviousLazy AdminNextDumping Windows credentials

Last updated