whackx 2023-05-28 14:22:59 +02:00
parent b0b36adea5
commit 8635ad80bb
3 changed files with 59 additions and 0 deletions


@ -33,6 +33,7 @@ crunch 8 8 -t passw%%rd
* [ttpassgen](https://github.com/tp7309/TTPassGen.git) * [ttpassgen](https://github.com/tp7309/TTPassGen.git)
* Generate lists from the ground up * Generate lists from the ground up
* `pip install ttpassgen` * `pip install ttpassgen`
```sh ```sh
ttpassgen --rule '[?d]{6:6:*}' 6digitpins.txt ttpassgen --rule '[?d]{6:6:*}' 6digitpins.txt
``` ```
@ -43,6 +44,11 @@ ttpassgen --rule '[?l]{1:5:*}' all_letter_combinations.txt
ttpassgen --dictlist "in.txt,in2.txt" --rule '$0[_]?$1' -s " " out.txt ttpassgen --dictlist "in.txt,in2.txt" --rule '$0[_]?$1' -s " " out.txt
``` ```
An example for the policy of the following parameters. A given passwordlist as a base + 1 or 2 numbers + 1 or 2 a special characters
```sh
ttpassgen --dictlist "password_base_list.txt" --rule '$0[?d]{1:2:*}[!@#$%^]{1:2:*}' tt_password.list
```
# exrex # exrex
* Generate all possible outcomes from regex string * Generate all possible outcomes from regex string
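Review bot: the sentence added above the new ttpassgen command reads "1 or 2 a special characters" (stray "a") and promises special characters in general, while the rule only draws from the six characters in `[!@#$%^]`. Suggest wording it as "a base word from the given password list + 1 or 2 digits + 1 or 2 characters from `!@#$%^`" and ending it with a colon so it introduces the code block. The output name `tt_password.list` also departs from the `.txt` outputs used by the other ttpassgen examples in this file (`6digitpins.txt`, `out.txt`); pick one convention.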

Enumeration/GRPC.md Normal file

@ -0,0 +1,36 @@
# GRPC
## Gain intel on the available sources on a server
List the available sources on the grpc server
```sh
grpcurl -plaintext $TARGET_IP list
```
Pick one of the listed services and connect to it
```sh
grpcurl -plaintext $TARGET_IP list $FOUND_SERVICE
```
Get a description for the selected service and their functions
```sh
grpcurl -plaintext $TARGET_IP describe $FOUND_SERVICE
```
## User Services on the Server
Request the found functions of the service
```sh
grpcurl -plaintext $TARGET_IP describe $FOUND_SERVICE.FUNCTION
```
### Use the WebUI
Open a WebUI on localhost to do the requests on the selected `$TARGET_IP`
```sh
grpcui -plaintext $TARGET_IP
```
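Review bot: under "User Services on the Server", the step "Request the found functions of the service" still runs `grpcurl -plaintext $TARGET_IP describe $FOUND_SERVICE.FUNCTION`, which only prints the method definition and sends no request. Either reword the step as describing a single method or replace the command with an actual call of that method. The same mismatch applies to "Pick one of the listed services and connect to it", where `list $FOUND_SERVICE` lists that service's methods rather than connecting to it. "sources" in the first heading and sentence and "User Services" in the second heading look like typos for "services" and "Use Services". It would also help to state that `$TARGET_IP` has to include the port and that `-plaintext` means the connection is made without TLS.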


@ -101,3 +101,20 @@ nm <binary>
```sh ```sh
floss --no-static-strings $BINARY_FILE floss --no-static-strings $BINARY_FILE
``` ```
## Tools
### Packers
* UPX is a common packer, take a look at the binary if it is possibly packed via upx. Use the upx cli command to deobfuscate the binary
```sh
upx -d <binary>
```
### Demangler
The binary may be mangled and needs to be demangled again for better readability. In case of C++ demangling, use `c++filt` to demangle the data types
```sh
c++filt _ZNSt7__cxx1114collate_bynameIcEC2ERKNS_12basic_stringIcSt11char_traitsIcESaIcEEEm
std::__cxx11::collate_byname<char>::collate_byname(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, unsigned long)
```