find duplicated UID in the linux system

u can identify the duplicated uid in your system this useful to identify if there some manipulation inside the users’ accounts getent passwd|cut -d : -f3 |sort -n|uniq -d it only returns the duplicated uid btw: if it returns 0 😀 you know the rest

Google Drive Information Leak

Google Drive & Gmail attachments Leak This part of Google bounty program [IDOR] exploit to allow the attacker to leak your Google Drive files and this mean attacker could leak Gmail attachments that uploaded to Google Drive, Photos you shared with Gmail or any other third party

removable disk could lead to privilege escalation

privilege escalation Linux with flash disk removable media with setUID, setGID files could give privilege escalation example copy nice command to ur flash storage and ask ur friend to print files in his system then run the command nice like

it will say root the problem occurs from a mounted partition without noexec,nosuid parameter […]

nmap cheat sheet

nmap scan sheet cheat 😀 Host Discovery

arp scan

Stealth Scan

  Idle Scan

  Version Scan

port forward & pivoting with meterpreter

Let’s assume u attacked machine with 2 nic cards our IP is 10.0.0.5 first, one ip is 10.0.0.10 that you reach it from and in ifconfig shows, the machine has a different  IP 10.0.2.30 you can scan the network 10.0.2.x via meterpreter arp_scan

we can connect to the RDP server of the machine 10.0.2.30 […]

MetaSploit Payload to Executable EXE

bruteforce ftp files and folders

sometimes if the listing not working we need to brute force files and folders here is a simple python script to brute-force folders

FTP brute force files note this script will try to download files in your dictionary attack so recommend to run it inside tmp folder

 

TrueCrypt Password bruteforce

hello, guys, this  script will simply mount the container with the password form the given password list

 

Files Encrypt with GPG

GPG = Gnu Privacy Guard To secure file from unauthorised access with the password in Linux/Unix is very simple method 🙂 lets assume we have a secure file with some financials stuff called orders.xls and we want to email it to our partners  and we  want to get sure just he is the only one […]