Discover and read the best of Twitter Threads about #PWK

Most recents (1)

initinfosec's #PWK / #OSCP survival tips/thoughts. Thread of tips/tricks to hopefully help in PWK/OSCP:

caveat emptor:

* i'm a scrub, trust but verify?
* none are novel/new, YMMV
* can only speak to my own exp
* in no particular order
* added to/updated at random

GL;HF

1/x
RCE to shell:





In OSCP world, usually the time to dig in, if you truly have RCE, just need to be clever and creative.

For rev shells, see above. Try common ports or ones on target likely to be allowed by FW.

1/x
That doesn't work? Try URL-encoding and/or bash -c 'rev_shell_cmd' - redirection can get weird.

That doesn't work? Try alt methods - bind shell? look for creds or SSH keys for users? Upload a webshell (i like github.com/WhiteWinterWol…) for easier time working.

2/x
Read 31 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!