- Take screenshots
- Log terminals
- State changes you've made to tools/payloads/exploits
- whoami && cat /full/path/flag.txt && ip addr
- Platform (e.g. TryHackMe/HackTheBox/Proving Grounds)
- Box Name
- Box IP
- searchsploit
- hacktricks
- anonymous login
- weak credentials
- default credentials
- reuse credentials
- file uploading
- searchsploit
- hacktricks
- weak credentials
- reuse credentials
- searchsploit
- hacktricks
- dig
- zone transfer
- searchsploit
- hacktricks
- robots.txt
- sitemap.xml
- nikto
- gobuster
- searchsploit
- hacktricks
- rpcdump.py $RHOST -p 135
- searchsploit
- hacktricks
- nmap scripts
- searchsploit
- hacktricks
- nmap scripts (especially smb-vuln*)
- enum4linux
- anonymous login
- weak credentials
- default credentials
- reuse credentials
- file uploading
- searchsploit
- hacktricks
FLAG{}
FLAG{}