SearchSploit
Search’s Exploit DB for any known exploits for an given service
Update DB
searchsploit -uSearching for Exploit
searchsploit <service-name>
searchsploit <service-name> <version>
searchsploit -t <search-term> # Search Module Title onlyCopy Exploit to CWD
searchsploit -m <exploit-id>Hex Dump
Computer data (RAM Content, Compressed File, etc.) that is represented in Hex representation
xxd <filename>
xxd -r data.txt > dataThe output file has no extension as the converted data is not necessarily a text file
Python One Liners
HTTP Server
python3 -m http.server <port-no>FTP Server
pip install pyftpdlib
python -m pyftpdlib -p 21 -wReset Root/User Password at Boot
- It attack works only on systems where bootloader is not locked
- On boot select “Advanced Boot Options” → Select a kernel and press “E” key.
- Find the “Linux” line and replace it as follows:
# Original Line
linux /boot/<kernel> root=UUID=<uuid-string> ro initrd=/install/initrd.qz quiet splash
# Modified Line
linux /boot/<kernel> root=UUID=<uuid-string> rw init=/bin/bash- Once done press “F10”. The system will boot and load a shell
- Use passwd command to set a new password. Reboot