Spirited wolf's Tutorials
So, hello everyone!
I'm Spirited wolf, as you already know. This is my very first article on my journey towards the "OSCP".

From today I am gonna start blogging about my journey to "Try Hard".
So, as most of you already know, the OSCP is in trend nowadays. So I asked my dad if I could do this. At first he said "NO", then I started convincing him and finally he agreed.

So from today I will post everything that I learn in the upcoming 1-2 months. I am studying with two of my good brothers / more than friends:
0. Spirited wolf
https://twitter.com/spirit3113
1. Hex Ninja
2. Kishan sharma

One more of my brothers (again), Code_Ninja, is also preparing for the same, but he will register next year.

We are all studying together and learning new stuff every day, whenever we get time. OSCP is all about pushing your limits to the highest level. Of course it's gonna give us a huge pain in the ass, but we are ready for that pain.

I had read 2 things:
1.
"We must embrace pain
    and burn it as fuel
        for our journey."
These words were said by Kenji.

2.

Of course we are not gonna go to the gym :P but yeah, these lines are so true.

So about 2-3 months ago I heard about HTB (HackTheBox). From there I learned many things, and of course I also took help. On HTB I met many new pentesters from different countries. I made a new friend who calls himself PeaceMaker (he is an amazing guy and has now become my very, very good friend, with whom I can share anything. He has done the OSCP, OSWP and "THE OSCE ^_^").

He gave me some advice about Offensive Security certifications: that I should do the OSCP.

Then Hex Ninja, KishanSharma and I started preparing for the OSCP. We are still preparing.
Nowadays we are working on buffer overflows. We have done Windows-based BOF (vanilla, SEH and egghunter only) so far. But for the OSCP we just need basic knowledge of Windows/Linux-based vanilla BOFs.

Apart from this I am gonna provide all the links from where we are learning. My friend Code_Ninja is also solving many VulnHub machines and writing writeups too, so you can check them out from

-----------------------------------------------------------
This is the syllabus of PWK:
1. Getting Comfortable with Kali Linux
2. The Essential Tools
3. Passive Information Gathering
4. Active Information Gathering
5. Vulnerability Scanning
6. Buffer Overflows (Windows/Linux based)
7. Working with Exploits
8. File Transfers
9. Client Side Attacks
10. Web Application Attacks
11. Password Attacks
12. Port Redirection and Tunneling

And then the toughest thing (for me at least):

13. Privilege Escalation
--------------------------------------------------------------
Actually, getting into the machine is easy (intermediate), but the toughest thing is escalating privileges on the machine.


For Linux I'm following g0tmi1k's guide. It's one of the best guides on priv. escalation.


Whenever I get into a machine by exploiting it, I first check whether the kernel is vulnerable or not, then I check the SUIDs, then the cron jobs, and then I check the different services that are running on the machine.

For getting better at escalation we just need three things:
Brain + Google + Exploit-DB = R00t ^_^

----------------------------------------------------------------------------

Most of you must be thinking: how are we gonna prepare? Right?

Then let me tell you. We are gonna complete the
  1. Buffer-overflow part first (more practice),
then we will be practising
  2. Web application based vulnerabilities, like:
-------------------------------------------------------------------------------------------------------------

1. Injections:

    - SQL Injection

For SQL Injection you can follow these tutorials,

Challenges we are gonna do:

A. http://leettime.net/sqlninja.com/

B. bWAPP SQLi Challenges

C. DVWA SQLi Challenges

D. And some from Dhakkan's Lab

    - Code Injection / Arbitrary Code Execution

For Code Injection you can follow these tutorials,

Challenges we are gonna do:

B. bWAPP Code Injection Challenges

C. DVWA Code Injection Challenges


2. File Inclusion

    - RFI

    - LFI

Have a look at this article also:

Challenges we are gonna do:

A. bWAPP Inclusion Challenges

B. DVWA Inclusion Challenges


3. Cross site scripting

Basic way:

Challenges we are gonna do:

A. bWAPP XSS Challenges

B. DVWA XSS Challenges


5. Unrestricted file upload

Challenges we are gonna do:

A. bWAPP Uploading Challenges

B. DVWA Uploading Challenges

--------------------------------------------------------------------------------------------------

Then we will be learning more about enumeration, because pentesting is all about enumeration. The more you enumerate, the more vulnerabilities you will be able to see.

Enumeration

Let me clear up one more thing: Enumeration = Information gathering. That is why I said "The more you enumerate, the more vulnerabilities you will be able to see." Hope you understand.

And if some of you don't know, let me tell you that enumeration is of two types:
1. Active
2. Passive
So we are just gonna give our time to learning about active enumeration only, as passive enumeration we have already done.

So in Active Information Gathering we are gonna learn about different enumerations; some of them are:

1. DNS

2. SMB

There are of course a lot of ways to enumerate the SMB service. We can use the Nmap NSE scripts, enum4linux and many more. I will make a tutorial on it very soon.

3. SNMP

For this I will say: read this and then google to know more about it.

4. SMTP

For this you can use the smtp-user-enum tool.
Also read this article once.

5. Port scanning

So here comes the most important part: "THE PORT SCANNING"

Without it you are "0x00" || "\x00" haha...

For port scanning, as we all already know, Nmap is the best of the best.

So just start googling now ;)

Some resources on enumeration:

Want to know everything in detail about enumeration? Then just go to the link below ;)
   
This is my very first article so I will not write much. But I can promise that the next few months will not be easy for me, and it will be amazing for all of you, if you are going to come back here :P to read my fucking articles, written in very, very bad English :'(

Thanks for reading,
So hello everyone,
I'm Spirited wolf, as you all know, and I'm uploading something after a long time because I was busy with my fucking life. :)

-----------------------------
Today we are gonna discuss one more awesome framework from the SSA team, i.e. FakeImageExploiter.
Codename: Metamorphosis
Version release: v1.3 (Stable)
Author: pedro ubuntu [ r00t-3xp10it ]
Distros Supported: Linux Ubuntu, Kali, Mint, Parrot OS
Suspicious-Shell-Activity© (SSA) RedTeam develop @2017
 
The author does not hold any responsibility for the bad use of this tool;
remember that attacking targets without prior consent is illegal and punished by law.
This module takes one existing image.jpg and one payload.ps1 (input by user) and
builds a new payload (agent.jpg.exe) that, if executed, will trigger the download of
the 2 previous files stored in apache2 (image.jpg + payload.ps1) and execute them.
This module also changes the agent.exe icon to match one file.jpg, then uses the spoof
'Hide extensions for known file types' method to hide the agent.exe extension.
All payloads (user input) will be downloaded from our apache2 webserver
and executed in target RAM. The only extension (payload input by user)
that requires writing the payload to disk is .exe binaries.
Today we will check "The Noob Friendly Function".
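As an added example (not part of this post or of FakeImageExploiter), a Python check a defender can run over a download folder to flag the two tricks the description above relies on: the agent.jpg.exe double extension that Windows shows as "agent.jpg" when known extensions are hidden, and PE content sitting behind an image name. The sample file names and bytes are constructed.

```python
# Flags the lure described above: a name like agent.jpg.exe (shown as "agent.jpg" when
# Windows hides known extensions) or PE content behind an image name. Added example.
import os

IMAGE_EXTS = {"jpg", "jpeg", "png", "gif", "bmp"}
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a", b"BM")

def content_kind(header):
    """Classify a file by its leading bytes: 'pe' (MZ header), 'image', or 'other'."""
    if header.startswith(b"MZ"):
        return "pe"
    if any(header.startswith(magic) for magic in IMAGE_MAGIC):
        return "image"
    return "other"

def assess(name, header):
    """Return the reasons a (file name, leading bytes) pair looks like a disguised executable."""
    exts = name.lower().split(".")[1:]
    reasons = []
    if len(exts) >= 2 and exts[-2] in IMAGE_EXTS and exts[-1] == "exe":
        reasons.append("double extension: image name hiding .exe")
    if exts and exts[-1] in IMAGE_EXTS and content_kind(header) == "pe":
        reasons.append("PE header (MZ) inside a file named as an image")
    return reasons

def scan_dir(root):
    """Walk root, read the first 16 bytes of each file and return {path: reasons} for hits."""
    hits = {}
    for dirpath, _, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            try:
                with open(path, "rb") as fh:
                    header = fh.read(16)
            except OSError:
                continue
            reasons = assess(fname, header)
            if reasons:
                hits[path] = reasons
    return hits

# Constructed samples standing in for files on disk (names and bytes are made up).
SAMPLES = {
    "agent.jpg.exe": b"MZ\x90\x00\x03\x00\x00\x00",  # the double-extension lure
    "holiday.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF",  # genuine JPEG
    "photo.png": b"MZ\x90\x00",                       # PE renamed to look like an image
    "setup.exe": b"MZ\x90\x00",                       # honest executable, not flagged
}

def assess_samples():
    return {name: assess(name, header) for name, header in SAMPLES.items()}

if __name__ == "__main__":
    for name, reasons in assess_samples().items():
        print(name, "->", reasons or "clean")
```

Icon spoofing cannot be seen from the first bytes alone, so pair this check with showing known extensions on the desktops you manage.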


If you liked this tutorial then please subscribe, like, comment and share my channel. Also you can join me on cracking forums! I'll leave the link in the description.
----------------------------------------------------------------------------------------------------------
This tutorial is for education purposes only. I'll not be responsible for any harm.
------------------------------------------------------------------------------------------------------------
Follow me on Twitter: @spirit3113
Thanks!

So hello everyone,
I'm Spirited wolf, as you all know, and I'm uploading something after a long time due to my exams. After March I'm gonna start the programming language tutorials.
===================================
Version release: v2.0-STABLE
Author: r00t-3xp10it
Codename: oneiroi phobetor
Distros Supported: Linux Ubuntu, Kali, Debian, BackBox, Parrot OS
Suspicious-Shell-Activity© (SSA) RedTeam develop @2017
The author does not hold any responsibility for the bad use of this tool;
remember that attacking targets without prior consent is illegal and punished by law.
Morpheus is a Man-In-The-Middle (MITM) suite that allows users to manipulate
TCP/UDP data using ettercap, urlsnarf, msgsnarf and tcpkill as backend applications.
But this tool's main objective is not to provide an easy way to exploit/sniff targets,
but rather a call of attention to TCP/UDP manipulation techniques (etter filters).
Today we are gonna discuss one more awesome tool from the SSA team, i.e. Morpheus.
Today we will check the "Redirect browser traffic" module.
----------------------------------------------------------------------------------------------------------
This tutorial is for education purposes only. I'll not be responsible for any harm.
------------------------------------------------------------------------------------------------------------
Follow me on Twitter: @spirit3113
Thanks!