53 lines (33 loc) · 1.15 KB

Pillaging

⬅ Back to Index

General

MSF

Keylogging
- keyscan_start
- keyscan_dump - Dump all captured
- todo
Gather live hosts on netblock
- use post/multi/gather/ping_sweep
- use post/windows/gather/arp_scanner (Win Beacon)
  - run arp_scanner -r x.x.x.x/24

Spoofing

Enable port forward - echo 1 > /proc/sys/net/ipv4/ip_forward
Use arpspoof, bettercap, or ettercap

Shares

CIFS mount - mount -t cifs //<ip>/share /mnt/lolz -o rw,vers=1.0,user=<user>,password=<password>

Windows

Powershell Empire

PowerSploit - PowerView
- Get-NetComputer / Get-NetComputers -full
- Get-NetShare
- Get-NetUser

MSF (Win)

Auto enum - run winenum
Privs - run post/windows/gather/win_privs

Windows - Other Scripts / Git Resources

SessionGopher (WMI methods of gathering session info) - https://github.com/Arvanaghi/SessionGopher

Linux

MSF (Linux)

Linux - Other Scripts / Git Resources

3snake (Gather creds from new processes)