Linux information collection
Host discovery
nmap -sN 192.168.110.0/24
System identification
nmap -O 192.168.110.202
Port scan
Full scan
nmap -T4 -A -v -p- 192.168.110.149
The -A option enables aggressive scanning;
-T4 specifies the timing template used during the scan. There are 6 levels in total (0-5). The higher the level, the faster the sc ...
Posted on Tue, 30 Nov 2021 21:18:19 -0500 by EcLip$e
Intranet Penetration - Information Collection
Manual Information Collection
Reference resources: Intranet penetration test: Intranet information collection, upload and download
Basic Commands
whoami: Who am I?
systeminfo: Get basic information about the system
ipconfig /all: Get network information
View user information
Guess the Naming Rule of Network Host
net user // ...
Posted on Sat, 09 Oct 2021 13:35:29 -0400 by TwistedLogix
Intranet penetration - the most practical summary of horizontal movement
0x00 Summary of Two Ways of Horizontal Movement in the Intranet
There are two ways to move horizontally (laterally) within the intranet: delivery and vulnerability:
Delivery is through a set of built-in protocols and commands. For example: at, schtasks, psexec, smbexec, wmic, wmiexec, PTH, PTT, PTK, winrs, winrm, RDP, SPN, etc., to achieve penetration in ...
Posted on Mon, 04 Oct 2021 12:45:43 -0400 by pytrin