Quick tip: NC listener for the lazy

OK, you have a shell, but you want some cool scripts on the target to get cracking with .. well, until now I just made a bunch of files with echo "bla bla" > script.txt and copy-pasted them line by line … well

If you set up your nc listener like this:

cat wget.sh | nc -lvp 443

then, once the reverse shell connects, nc feeds every line of wget.sh (all those nice echo lines) into the remote command shell as if you had typed them, and your scripts end up on the target.

Doh … so much time wasted ..


cheers ucki

Back to the labs .. again .. 7 months later

Hello everybody reading this blog .. yeah, I mean you .. you seem to be the only one .. so hello again ..

It has been 7 months. What have I done in that time?

Well, I failed my first OSCP exam.

Weak points: Windows privilege escalation, and exploits .. sort of.

Then I spent my time in a lot of hotel rooms, being a digital nomad of sorts because of my job. So I took a break from the labs. Right now I'm back in a place with better internet (it is easier to get good internet in some mountains in South America than in some fancy hotels), so I'm giving that course a new shot.

Whether I will redo my recon scripts .. I'm unsure. Right now my recon procedure is:

1) Run unicornscan (so much faster .. and also a fast UDP scan).

2) Run nmap only against the found ports of the target.

3) Write a lot of stuff down .. pen and paper style.
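Steps 1 and 2 chained together, as an added example (these are not the author's recon scripts): a helper that pulls the open ports out of unicornscan's output and builds the targeted nmap command line for step 2. The unicornscan lines below are constructed in the format the tool prints (they are not a real scan), the lab address 10.11.1.13 is made up, and the function names are assumptions for this example.

```shell
#!/bin/sh
# Added example (not the blog author's code): glue between the unicornscan
# sweep and the port-restricted nmap run. Sample output and the target
# address are constructed for this example.

SAMPLE_UNICORNSCAN_OUTPUT='TCP open                     ftp[   21]         from 10.11.1.13  ttl 64
TCP open                     ssh[   22]         from 10.11.1.13  ttl 64
TCP open                    http[   80]         from 10.11.1.13  ttl 64
UDP open                  domain[   53]         from 10.11.1.13  ttl 64
UDP open                    snmp[  161]         from 10.11.1.13  ttl 64'

# open_ports PROTO   (unicornscan output on stdin, PROTO is TCP or UDP)
#   Print the open ports of PROTO as a sorted, de-duplicated,
#   comma-separated list, e.g. "21,22,80".
open_ports() {
    awk -v proto="$1" '
        $1 == proto && $2 == "open" {
            # the port number sits inside square brackets: name[   22]
            if (match($0, /\[ *[0-9]+\]/)) {
                p = substr($0, RSTART + 1, RLENGTH - 2)
                gsub(/ /, "", p)
                print p
            }
        }' | sort -n | uniq |
        awk 'NR > 1 { printf "," } { printf "%s", $0 } END { print "" }'
}

# nmap_cmd TARGET TCP_PORTS UDP_PORTS
#   Build the step-2 nmap command line. It is printed rather than run so
#   it can be reviewed (and written into the notes) before launching it.
#   nmap's -p syntax allows mixing protocols: -p T:21,22,U:53
nmap_cmd() {
    target=$1
    tcp=$2
    udp=$3
    scans="-sS"
    ports=""
    [ -n "$tcp" ] && ports="T:$tcp"
    if [ -n "$udp" ]; then
        scans="-sS -sU"
        ports="${ports:+$ports,}U:$udp"
    fi
    printf 'nmap %s -sV -sC -p %s -oA nmap_%s %s\n' "$scans" "$ports" "$target" "$target"
}

# Usage: sh recon_glue.sh unicorn.log 10.11.1.13
if [ "$#" -eq 2 ]; then
    tcp=$(open_ports TCP < "$1")
    udp=$(open_ports UDP < "$1")
    nmap_cmd "$2" "$tcp" "$udp"
fi
```

The -oA prefix keeps the nmap output in all three formats next to the unicornscan log, which matches the pen-and-paper habit in step 3: everything for one host stays in one place and can be grepped later.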

OK, right now I'm actually doing a lot of work in LaTeX, because I do every exercise in the manual. Like every tiny one. Because some of those tiny bits broke my neck on the first try.

For LaTeX I use the listings package (the lstlisting environment) for copy-pasting most of my outputs into my report (screenshots are nice, but for long-term use the ability to copy and paste is quite handy .. going back if you need to remember a certain command).

I'm using three colors to highlight stuff:

moredelim=**[is][\color{codechanged}]{**@}{@**},
moredelim=**[is][\color{myblue}]{***@}{@***},
moredelim=**[is][\color{mygreen}]{*@}{@*},

As you can see, **@TEXT@** gives me a red "change marker" as requested by Offsec, and the other two delimiters make blue or green comments easy. I use green for comments of an "official" nature, while blue is for command line options and remarks to myself. If I decide not to include that text, I can just turn it invisible 😉 you know, grey on grey.

Anyway, so much for now .. see you guys in the lab

Greetings ucki