Tag Archives: infosec

removable disk could lead to privilege escalation

privilege escalation Linux with flash disk

Removable media containing setUID or setGID files can give privilege escalation.
For example, copy the nice command to your flash storage, ask your friend to print files on his system, then run the command
nice like

It will say root.

The problem comes from a partition mounted without the noexec,nosuid options.
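
The mount-option check implied above, as an added example that is not from the original post: a shell function that reads entries in /proc/mounts format and reports the mounts under a given prefix that lack nosuid or noexec. The /media prefix, the function names and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, the /media
# default and the sample entries below are constructed for illustration.

# audit_mounts [FILE|-] [PREFIX]
# FILE is in /proc/mounts format: device mountpoint fstype options dump pass
# Prints "<mountpoint> missing:<options>" for every mount at or below PREFIX
# that lacks nosuid and/or noexec. Returns 1 if any was found, else 0.
audit_mounts() {
    mounts_file=${1:-/proc/mounts}
    prefix=${2:-/media}
    awk -v prefix="$prefix" '
        $2 == prefix || index($2, prefix "/") == 1 {
            n = split($4, opts, ",")
            nosuid = 0; noexec = 0
            for (i = 1; i <= n; i++) {
                if (opts[i] == "nosuid") nosuid = 1
                if (opts[i] == "noexec") noexec = 1
            }
            missing = ""
            if (!nosuid) missing = "nosuid"
            if (!noexec) missing = (missing == "" ? "noexec" : missing ",noexec")
            if (missing != "") { print $2 " missing:" missing; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$mounts_file"
}

# Constructed sample input: one root filesystem and three removable disks.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /media/usb0 ext4 rw,relatime 0 0
/dev/sdc1 /media/usb1 ext4 rw,nosuid,nodev,relatime 0 0
/dev/sdd1 /media/usb2 ext4 rw,nosuid,nodev,noexec,relatime 0 0
EOF
}

# Demo on the sample; on a live system run: audit_mounts /proc/mounts /media
sample_mounts | audit_mounts - /media || true
```

A flagged mount can be tightened in place with `mount -o remount,nosuid,noexec` on that mount point.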

Enjoy your automount.


happy hacking 😉

port forward & pivoting with meterpreter

Let’s assume you attacked a machine with 2 NICs

our IP is

The first IP is the one that you reach it from

and ifconfig shows that the machine has a different IP

You can scan the network 10.0.2.x via meterpreter


We can connect to the RDP server of the machine

by adding a route from our local port 9389 to the machine


MetaSploit Payload to Executable EXE


bruteforce ftp files and folders

Sometimes, if the listing is not working, we need to brute-force files and folders.

Here is a simple Python script to brute-force folders

FTP brute force files

Note: this script will try to download the files in your dictionary attack,

so I recommend running it inside a tmp folder.


TrueCrypt Password bruteforce

Hello guys, this script will simply mount the container

with the passwords from the given password list


Files Encrypt with GPG

GPG = Gnu Privacy Guard

Securing a file from unauthorised access with a password in Linux/Unix is a very simple method 🙂

Let's assume we have a secure file with some financial data called orders.xls

and we want to email it to our partners, and we want to make sure they are the only ones who will be able to read it.

First we will encrypt the file with a password

gpg -c orders.xls

It will create a file orders.xls.gpg; this is the file that will be sent to our partners.

Notice the gpg extension at the end of the file name.

This file can only be decrypted if our partners enter the correct password.

Decrypt the file with the password