Tag: redteam

C/C++, Hacking, Post-Exploitation, RedTeaming

HTTP – Get the external IP address in C

The following code snippets is from Post-recon project. This project is a work in progress. Please visit GitHub for the full source code, in this post I will just point out the most interesting parts. Get Public IP address (HTTP)   {…}   #define PUBLIC_IP_URL "http://ipecho.net/plain"   {…}   int LibCurl::GetPublicIPv4Address(char **ip, const char *userAgent, …

Penetration Testing, Phishing, Social Engineering

Prepare your Debian server to host a phishing site

It should be noted that the following guide has been tested and it is working for Debian 8.5-8.6. Update your system sudo apt-get updatesudo apt-get update sudo apt-get dist-upgradesudo apt-get dist-upgrade Install MySQL sudo apt-get install mysql-serversudo apt-get install mysql-server Activate MySQL sudo mysql_install_dbsudo mysql_install_db Configure MySQL sudo /usr/bin/mysql_secure_installationsudo /usr/bin/mysql_secure_installation Install PHP sudo apt-get install …

Active Directory

Active Directory enumeration from non-domain system

ADEnumerator allows red teamers to query LDAP with a standard user account from a system not joined to a domain. It’s common that during a red team assessment you will harvest credentials from printers, files, etc. But sometimes you don’t know what these credentials do. Instead of throwing the one set of credentials you got …