KNXSecurity Hacking Database



Date added | Description | Category | Commands

2017-06-09 08:20:23 | wfuzz | web
wfuzz.py --hc 404 -w /home/knx/tools/PasswordList/directory-list-2.3-small.txt http://192.168.1.149/FUZZ
2017-06-24 17:33:55 | ssh port forward [victim]:[port] to [ip]:[port], access by localhost:[port], rhost can be 127.0.0.1. The private key needs to be in PuTTY format (a PPK). | net
plink.exe -N -i [private_key.ppk] -R [lport]:[rhost]:[rport] -l [user] [ip]
2017-06-09 08:20:23 | sqlite injection: other neat bits | sql
If you have direct DB access, you can use PRAGMA commands to find out interesting information:
PRAGMA database_list; -- Shows info on the attached databases, including location on the FS. e.g. 0|main|/home/vt/haxing/sqlite/how.db
PRAGMA temp_store_directory = '/filepath'; -- Supposedly sets directory for temp files, but deprecated. This would've been pretty sweet with the recent Android journal file permissions bug.
2017-06-09 08:20:23 | String manipulation | bash
* Bash: extract all strings in a text between 2 markers
  echo "$TEXT" | perl -e 'while ($l=<STDIN>) {$l=~/title="(.*)"/ && print "$1\n";}'

* Bash: extract a date
  echo "$STRING" | perl -e '$l=<STDIN>; $l=~/(\d{4})\/(\d{2})\/(\d{2})/ && print "$3-$2-$1\n";'

* Bash: extract a time
  echo "$STRING" | perl -e '$l=<STDIN>; $l=~/\s+(\d{2}:\d{2})/ && print "$1\n";'

* delete all lines that contain foobar (g/foobar/d followed by w is ed syntax, not sed; the sed form is given as well)
  ed -s test.txt <<< $'g/foobar/d\nw\nq'
  sed -i '/foobar/d' test.txt

* Insert at the beginning of the line (in this case a #)
  sed -e 's/^/#/'

* Remove blank lines (the d must be a command, not the replacement text of an s///)
  sed -e '/^\s*$/d'

* Remove blank lines (in place)
  sed -i '/^$/d' file.txt

* find and replace
  sed -i -e 's/abc/XYZ/g' /tmp/file

* sed: replace runs of whitespace with newlines
  sed -e 's/\s\+/\n/g'

* Prepend text to every line that starts with a pattern
  sed -i '/^[0-9]/ s/^/sshd: /' /etc/hosts.allow

* text in binaries
  strings --bytes=2 [FILENAME] | grep -A 4 "^sa$"

* list accounts with UID 0 in /etc/passwd (comment lines skipped)
  grep -v -E "^#" /etc/passwd | awk -F: '$3 == 0 { print $1 }'

* scan cron directories for world-writable entries
  ls -aRl /etc/cron* 2>/dev/null | awk '$1 ~ /w.$/'

* list packages installed via apt / apt-get
  awk '/apt(-get)? install/ {print $2,$3,$4}' /var/log/apt/history.log

* Calculations using AWK. AWK is a huge language, not just for printing columns
  awk '{print "Avg for",$1,"is",($2+$3+$4)/3}' grades.txt

* Print first and last lines of a file
  awk 'NR==1;END{print}' file.txt

* Split the file on ; instead of space
  awk -F ";" '{print $2}' file.txt

* Print a portion of the text
  awk '/start_pattern/,/stop_pattern/' file.txt

* Convert a user list in format "first last" to flast (no space between the initial and the surname)
  awk '{print substr($1,1,1) $2}' users | tr '[:upper:]' '[:lower:]' | sort -u

* Remove a certain number (N) of characters from the end of every line
  rev file.txt | cut -c <N+1>- | rev > output.txt

* Find and replace
  perl -pi -e 's/abc/XYZ/g' /tmp/file

* Find and replace (replace is the MySQL/MariaDB utility; files follow --)
  replace "abc" "XYZ" -- /tmp/file

2017-06-09 08:20:23 | smtp | net
smtp-user-enum.pl -M VRFY -U /user.txt -t ip_mailserver
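The "/etc/passwd" and "scan for cron" one-liners in the string manipulation entry are the raw material of a host audit; the script below is an added example, not an entry from the original database, that turns them into two reusable checks a defender can run. The passwd file and cron tree it inspects are constructed in a temp directory so it runs offline; function names are my own.

```shell
#!/usr/bin/env bash
# Added example (not from the original database): UID-0 and writable-cron audit.
# Sample input is constructed below; on a real host point the functions at
# /etc/passwd and /etc/cron* instead.

# Print every account whose UID is 0 (same awk as the one-liner; comment lines skipped).
# Anything besides "root" here is a second root-equivalent account and needs explaining.
uid0_accounts() {
    grep -v -E '^#' "$1" | awk -F: '$3 == 0 { print $1 }'
}

# Print regular files under the given cron directories that are group- or world-writable.
# A writable cron script lets any local user run commands as the job owner, usually root.
writable_cron_files() {
    find "$@" -type f \( -perm -g=w -o -perm -o=w \) 2>/dev/null | sort
}

# Build the constructed sample tree and print its path.
make_sample_tree() {
    d=$(mktemp -d)
    # Constructed passwd: "backdoor" shares UID 0 and must be flagged; "knx" must not.
    cat > "$d/passwd" <<'EOF'
# local accounts (constructed sample)
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
backdoor:x:0:0::/root:/bin/bash
knx:x:1000:1000:knx:/home/knx:/bin/bash
EOF
    mkdir -p "$d/cron.d" "$d/cron.daily"
    printf '0 * * * * root /bin/true\n' > "$d/cron.d/safe"
    chmod 644 "$d/cron.d/safe"                   # correctly locked down
    printf '#!/bin/sh\n' > "$d/cron.daily/loose"
    chmod 666 "$d/cron.daily/loose"              # the misconfiguration the audit must catch
    printf '%s\n' "$d"
}

# Run both checks against the sample tree, print the findings, clean up.
audit_sample() {
    d=$(make_sample_tree)
    echo "UID 0 accounts:";      uid0_accounts "$d/passwd"
    echo "Writable cron files:"; writable_cron_files "$d/cron.d" "$d/cron.daily"
    rm -rf "$d"
}

audit_sample
```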