BOOK_GHANIM

C# Basics Data Types C# provides a number of built-in data types, including integers, floating-point numbers, booleans, and characters. Here are some examples: In this code, we declare and initialize variables of type int, float, bool, and char. The int and float types are used for storing numerical values, while […]

C# – Basics and examples

Source Good tools Malware forums/channels/discord Test payload against AV Defcon – Writing custom backdoor payloads with C# GitHub – mvelazc0/defcon27_csharp_workshop: Writing custom backdoor payloads with C# – Defcon 27 Workshop Step by Step for obfuscating code AV Evasion MindMap – From Start to finish (AV) Anti-Virus – The Hacker Recipes […]

AV Evasion 101: Essential Techniques and Concepts

Here are my notes from different courses I’m taking. Courses and resources https://www.udemy.com/course/learn-python-and-ethical-hacking-from-scratch/ https://tryhackme.com/room/pythonbasics https://tryhackme.com/room/pythonforcybersecurity Notes from ‘Learn Python & Ethical Hacking From Scratch‘ Lecture 1 – MAC Address Changer https://docs.python.org/3/library/subprocess.html Change MAC address using subprocess Script upgrade using variables Input from user Handling user input The above example is […]

Python Notes and Examples

These are notes from the Holo room. https://www.tryhackme.com/room/hololive Covenant Installation and setup From the Covenant GitHub, “Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for […]

Command And Control – C2 Framework

These are notes taken from the THM room ‘Wreath’, which is a great room for learning Active Directory and pivoting. https://www.tryhackme.com/room/wreath And from other sources. Summary What is pivoting? Pivoting is the art of using access obtained over one machine to exploit another machine deeper in the network. It is […]

Pivoting and port forwarding guide

These are my notes from the Active Directory networks at TryHackMe, as well as notes from other sources. Inspo: E’s methodology, https://zer1t0.gitlab.io/posts/attacking_ad/, https://bitbin.it/SKZrPTcu/, https://book.hacktricks.xyz/windows-hardening/active-directory-methodology Work in progress LOLBAS – Living off the land https://lolbas-project.github.io/ WADComs – Very useful cheatsheet https://wadcoms.github.io/ Icebreaker GitHub – DanMcInerney/icebreaker: Gets plaintext Active Directory credentials if […]

Active Directory – Notes, Methodology, Cheatsheet

On this Windows machine there was an SMB share that had two VHDs that we could remotely mount. The VHDs looked like a backup of a Windows. Using secretsdump we could dump the hash from the /system32/config, and get the hash for users. Using john the ripper, I cracked […]

TJ_Null’s OSCP Prep – HTB – Bastion

There is no excerpt because this is a protected post.

Protected: OSCP Prep

On this Linux machine I abused LFI to find the password for admin panel for Tomcat. From there I used CLI to upload .WAR file to get a reverse shell. In /var/www there was a zip file which was password protected. Cracking the password using John, we find the credentials […]

TJ_Null’s OSCP Prep – HTB – Tabby

This Linux machine had a PHP page with LFI vulnerability. To upload a webshell I used SMB. From there we find credentials from a database config file. To root the machine I added a reverse shell to a writeable python module which was called upon by a python script run […]

TJ_Null’s OSCP Prep – HTB – FriendZone

On this Solaris machine we used finger to enumerate users. We then guessed the password for the enumerated user to get SSH access. From there we escalated our privilege to Sammy through a shadow file we had access to. I cracked the password and was able to SU to Sammy. […]

TJ_Null’s OSCP Prep – HTB – Sunday

Buffers are memory storage regions that temporarily hold data while it is being transferred from one location to another. A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to […]

Buffer Overflow – Notes and cheatsheet

On this Windows machine I exploited a Gym Management System to get remote code execution. After enumerating the machine there was a port, 8888, listening on localhost. Looking at the processes we find that it's running CloudMe. I’ll use chisel to tunnel traffic from my machine to the target. In […]

TJ_Null’s OSCP Prep – HTB – Buff

On this Linux box I used an LFI vulnerability in the webserver to get a user's password which was encoded 13 times with base64. After finding the password, we read /etc/password and found a username charix. Using that username and password I SSH into the machine. In Charix folder there […]

TJ_Null’s OSCP Prep – HTB – Poison

On this Windows machine I abused an upload vulnerability to get remote code execution. When trying to upload a webshell, I got an error message hinting that uploading a web.config was allowed. There is a great post about uploading a web.config with command execution possibility. To elevate my privilege I […]

TJ_Null’s OSCP Prep – HTB – Bounty


© 2023 BOOK_GHANIM – All rights reserved
