Useful Methods - tmansfield42/Tech-Journal GitHub Wiki

host discovery:

nslookup -vc <dnsname> <dnsserver>

nmap -sV -O -A <ip>

dirb <ip>: Website crawler

searchsploit phpmyadmin 4.8.1: good search tool

searchsploit -m /php/webapps/<code.py>: -m copies exploit to your current directory


### Hashed password

echo "4214db3884e9cd913b49b5b44e49ae96" > hash.txt

hashcat -m 0 -a 0 hash.txt /usr/share/wordlists/rockyou.txt

weevely backdoors

explains hash cracking & basic mysql commands +1

file permissions issues

cewl -m 4 http://10.0.5.21/page1/info -w <outfile.txt>: custom wordlist generator

rsmangler -f customwordlist.txt --min 9 ---max 12 -o mangled.txt: adds characters & vastly increases wordlist size

hydra -l <username> -P mangledwordlist.txt -s 22 -f <targetip> ssh -t 4: bruteforces ssh attempts with a wordlist.

⚠️ **GitHub.com Fallback** ⚠️