- dirtycow_exploit.c -> Weaponizes the Dirtyc0w vulnerability to attack the "ping" SUID binary, replacing the binary with reverse shell code. This gives an unprivileged user a root shell.
- domain_dig.c -> Traverses the computers on a Windows domain. Tries passwords from a password list on each and, upon cracking one, looks for a target file and returns it to a server.
- musicd_exploit.c -> Uses CVE-2004-1704 to exploit a vulnerable service and extract /etc/shadow, then replaces musicd-service with this file to give a root shell when certain prefixes followed by a command are entered.
- scanning_implant.py -> Implant placed on a machine on a network that scans the network for vulnerable services (kind of like nmap).
- arp_mitm.py -> Uses ARP spoofing with gratuitous ARP requests to trick the sender and receiver on the same subnet into routing packets through the attacker machine.
- preload.c -> LD_PRELOAD attack to mask the presence of the malicious musicd service.
rr1259/pentesting-work