Pentest Machine Setup
If you are tired of prefixing every command with sudo, you can use this.
sudo su
passwd
reboot
If you are tired of scripts being cut off midway, you can disable sleep mode.
This wordlist is used frequently in brute-force attempts; we extract it with the command below.
gzip -d /usr/share/wordlists/rockyou.txt.gz
To update all tools and the operating system, we can use the command below.
apt update && apt full-upgrade -y && apt autoremove -y && apt autoclean && apt clean
reboot
You can install all the tools covered in this blog as follows.
apt install -y tesseract-ocr antiword xclip terminator code-oss jq keepass2 gospider python3-wsgidav snmp-mibs-downloader rlwrap thunderbird nuclei subfinder feroxbuster docker.io dnsx ghidra wafw00f gdb golang-go enum4linux-ng remmina beef-xss zenmap assetfinder bloodhound zaproxy dirsearch bloodhound.py pipx massdns dnscat2-server dnscat2-client mingw-w64 git-cola build-essential zlib1g-dev libffi-dev libssl-dev libbz2-dev libreoffice libreoffice-gtk4 libreadline-dev libsqlite3-dev liblzma-dev libncurses-dev tk-dev sliver apktool
sliver > armory install all # run inside the sliver console
pipx ensurepath
pipx install shcheck mitmproxy git-dumper updog uro apkleaks reflutter adidnsdump
pipx install git+https://github.com/blacklanternsecurity/MANSPIDER
pipx install git+https://github.com/Pennyw0rth/NetExec
subfinder --update
nuclei -ut
# code-oss settings.json (disables paste-on-select from the primary selection): "editor.selectionClipboard": false
go install github.com/projectdiscovery/httpx/cmd/httpx@latest
go install github.com/projectdiscovery/katana/cmd/katana@latest
go install github.com/projectdiscovery/shuffledns/cmd/shuffledns@latest
go install github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
go install github.com/projectdiscovery/uncover/cmd/uncover@latest
go install github.com/tomnomnom/anew@latest
go install github.com/tomnomnom/gf@latest
go install github.com/tomnomnom/qsreplace@latest
go install github.com/tomnomnom/waybackurls@latest
go install github.com/bitquark/shortscan/cmd/shortscan@latest
go install github.com/lc/gau/v2/cmd/gau@latest
go install github.com/ropnop/kerbrute@latest
go install github.com/hakluke/hakrawler@latest
go install github.com/hahwul/dalfox/v2@latest
go install github.com/ndelphit/apkurlgrep@latest
echo 'source /root/go/pkg/mod/github.com/tomnomnom/gf@v0.0.0-20200618134122-dcd4c361f9f5/gf-completion.zsh' >> ~/.zshrc
echo 'export PATH="$HOME/go/bin:$PATH"' >> ~/.zshrc
mkdir ~/.gf
cp -r /root/go/pkg/mod/github.com/tomnomnom/gf@v0.0.0-20200618134122-dcd4c361f9f5/examples/*.json ~/.gf
git clone https://github.com/1ndianl33t/Gf-Patterns
mv Gf-Patterns/*.json ~/.gf # the clone above lands in the current directory
rm -r Gf-Patterns
source ~/.zshrc
wget "https://github.com/docker/compose/releases/download/v2.29.1/docker-compose-linux-x86_64" -O /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
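The apt, pipx and go install steps above put binaries in three different places, and the go and pipx ones only appear once ~/.zshrc has been re-sourced. The following check is an added example, not part of the original page: it takes a selection of the command names installed above (assumed binary names, e.g. NetExec installs as nxc) and reports which are not yet on PATH, so a missing tool is found now rather than mid-engagement.

```shell
#!/bin/sh
# Added example: verify that the tools installed above are on PATH.
# Run it in a fresh shell after "source ~/.zshrc" so the go/pipx paths apply.

# Print the names (one per line) that are not found on PATH.
# Usage: missing_tools name1 name2 ...
missing_tools() {
    for tool in "$@"; do
        if ! command -v "$tool" >/dev/null 2>&1; then
            printf '%s\n' "$tool"
        fi
    done
}

# Echo how many of the given names are missing.
count_missing() {
    missing_tools "$@" | wc -l | tr -d ' '
}

# A selection of the commands installed above via apt, pipx and go install
# (binary names assumed to match the package/module names; nxc is NetExec).
EXPECTED_TOOLS="jq rlwrap xclip nuclei subfinder feroxbuster dnsx wafw00f gdb dirsearch \
massdns apktool pipx mitmproxy httpx katana naabu anew gf qsreplace waybackurls gau \
kerbrute hakrawler dalfox docker-compose nxc"

# Report at top level so the script is useful when run directly.
n=$(count_missing $EXPECTED_TOOLS)
if [ "$n" -eq 0 ]; then
    echo "all expected tools found on PATH"
else
    echo "$n tool(s) missing:"
    missing_tools $EXPECTED_TOOLS
fi
```

Add or remove names in EXPECTED_TOOLS to match what you actually installed; the functions work on any list of command names.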
Burp Pro: https://portswigger.net/burp/releases#professional
Foxyproxy: https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Wappalyzer: https://addons.mozilla.org/tr/firefox/addon/wappalyzer/
If you want to use multiple Python versions, you can use the pyenv tool.
curl https://pyenv.run | bash
echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.zshrc
echo '[[ -d $PYENV_ROOT/bin ]] && export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.zshrc
echo 'eval "$(pyenv init -)"' >> ~/.zshrc
exec $SHELL
# Usage
pyenv versions
pyenv install 2.7.18
pyenv install 3.11.9
pyenv global 3.11.9
pyenv global system
mkdir tools
cd tools
git clone https://github.com/urbanadventurer/username-anarchy.git
git clone https://github.com/Ridter/noPac.git
git clone https://github.com/cube0x0/CVE-2021-1675.git
git clone https://github.com/topotam/PetitPotam.git
git clone https://github.com/dirkjanm/PKINITtools
git clone https://github.com/ticarpi/jwt_tool.git
git clone https://github.com/Greenwolf/ntlm_theft
cd ..
mkdir server
cd server
wget https://github.com/tylerdotrar/SigmaPotato/releases/latest/download/SigmaPotato.exe
wget https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh
wget https://github.com/peass-ng/PEASS-ng/releases/latest/download/winPEASx64.exe
wget https://github.com/r3motecontrol/Ghostpack-CompiledBinaries/raw/refs/heads/master/Rubeus.exe
wget https://github.com/nicocha30/ligolo-ng/releases/download/v0.7.2-alpha/ligolo-ng_proxy_0.7.2-alpha_windows_amd64.zip
wget https://github.com/nicocha30/ligolo-ng/releases/download/v0.7.2-alpha/ligolo-ng_proxy_0.7.2-alpha_linux_amd64.tar.gz
wget https://github.com/nicocha30/ligolo-ng/releases/download/v0.7.2-alpha/ligolo-ng_agent_0.7.2-alpha_linux_amd64.tar.gz
wget https://github.com/nicocha30/ligolo-ng/releases/download/v0.7.2-alpha/ligolo-ng_agent_0.7.2-alpha_windows_amd64.zip
wget https://github.com/jpillora/chisel/releases/download/v1.10.0/chisel_1.10.0_windows_amd64.gz
wget https://github.com/jpillora/chisel/releases/download/v1.10.0/chisel_1.10.0_linux_amd64.gz
wget https://github.com/int0x33/nc.exe/raw/refs/heads/master/nc.exe
wget https://github.com/ParrotSec/mimikatz/raw/refs/heads/master/x64/mimikatz.exe
wget https://github.com/BloodHoundAD/SharpHound/releases/download/v2.5.7/SharpHound-v2.5.7-debug.zip
wget https://github.com/antonioCoco/RunasCs/releases/latest/download/RunasCs.zip
wget https://github.com/besimorhino/powercat/raw/refs/heads/master/powercat.ps1
wget https://github.com/AlessandroZ/LaZagne/releases/download/v2.4.6/LaZagne.exe
wget https://github.com/PowerShellMafia/PowerSploit/raw/refs/heads/master/Recon/PowerView.ps1
wget https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker/raw/refs/heads/main/dpipe.sh
wget https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits/raw/refs/heads/main/exploit-1.c -O dpipe1.c
wget https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits/raw/refs/heads/main/exploit-2.c -O dpipe2.c
wget https://github.com/worawit/CVE-2021-3156/raw/refs/heads/main/exploit_nss.py -O sudo_lpe.py
wget https://github.com/flozz/p0wny-shell/raw/refs/heads/master/shell.php -O powny.php
wget https://github.com/YasserREED/screen-v4.5.0-priv-escalate/raw/refs/heads/main/full-exploit.sh -O screen_remote.sh
wget https://github.com/YasserREED/screen-v4.5.0-priv-escalate/raw/refs/heads/main/exploit.sh -O screen_local.sh
wget https://github.com/ly4k/PwnKit/raw/refs/heads/main/PwnKit
wget https://github.com/DominicBreuker/pspy/releases/download/v1.2.1/pspy64
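Most of the wget commands above fetch unpinned "latest" releases or raw files straight from GitHub, so the content of the server directory can change silently between setups. The following is an added example, not from the original page: it records a SHA-256 manifest of the directory right after downloading and verifies the files against it later, so a re-download that changed or a tampered copy is noticed before anything is served to a target. It assumes sha256sum from coreutils and the directory name server created above; the demonstration at the end uses constructed placeholder files in a temporary directory.

```shell
#!/bin/sh
# Added example: SHA-256 manifest for the downloaded tool binaries.

# Write "<sha256>  <filename>" lines for every regular file in a directory
# to stdout, sorted by filename so the manifest is stable across runs.
# The manifest file itself (SHA256SUMS) is excluded.
make_manifest() {
    dir="$1"
    (cd "$dir" && find . -maxdepth 1 -type f ! -name 'SHA256SUMS' -print | sort |
        while IFS= read -r f; do sha256sum "${f#./}"; done)
}

# Verify a directory against a manifest stored inside it (given by name).
# Returns 0 when every file matches, 1 otherwise; missing or changed files
# are listed by sha256sum -c.
verify_manifest() {
    dir="$1"; manifest="$2"
    if (cd "$dir" && sha256sum --quiet -c "$manifest" >/dev/null 2>&1); then
        echo "manifest OK: $dir"
        return 0
    fi
    echo "manifest MISMATCH in $dir:"
    (cd "$dir" && sha256sum -c "$manifest" 2>/dev/null | grep -v ': OK$') || true
    return 1
}

# Demonstration with constructed placeholder files (not real tool binaries).
DEMO_DIR=$(mktemp -d)
printf 'constructed placeholder for linpeas.sh\n' > "$DEMO_DIR/linpeas.sh"
printf 'constructed placeholder for pspy64\n' > "$DEMO_DIR/pspy64"
make_manifest "$DEMO_DIR" > "$DEMO_DIR/SHA256SUMS"
verify_manifest "$DEMO_DIR" SHA256SUMS            # expected: manifest OK
printf 'appended byte\n' >> "$DEMO_DIR/pspy64"     # simulate a changed download
verify_manifest "$DEMO_DIR" SHA256SUMS || true    # expected: MISMATCH, pspy64 listed
rm -rf "$DEMO_DIR"
```

For the real directory, run make_manifest server > server/SHA256SUMS once after the downloads, keep that manifest with your notes, and run verify_manifest server SHA256SUMS before each engagement.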
neo4j start # default credentials neo4j:neo4j
bloodhound
# For BloodHound CE, collect data with this branch of the collector
git clone https://github.com/dirkjanm/BloodHound.py.git
cd BloodHound.py
git checkout bloodhound-ce
pip install .
# BloodHound CE
curl -L https://ghst.ly/getbhce > docker-compose.yml
docker-compose pull && docker-compose up
# neo4j:bloodhoundcommunityedition
# admin:random (the initial admin password is printed in the compose output)
http://localhost:8080/ui/login
cd
git clone https://github.com/gpakosz/.tmux.git
ln -s -f .tmux/.tmux.conf
cp .tmux/.tmux.conf.local .
code .tmux.conf.local # add the lines below to this file
set -g history-limit 9999999
set -g mouse on
set -g @plugin 'tmux-plugins/tmux-logging'
set -g @plugin 'tmux-plugins/tmux-copycat'
set -g @plugin 'tmux-plugins/tmux-yank'
tmux kill-server
tmux ls
tmux new -s session1
tmux a -t session1
mouse + y # Copy
CTRL b + d # Detach
CTRL b + w # List windows
CTRL b + c # New window
CTRL b + m # Mouse mode
CTRL b + - # Horizontal split
CTRL b + _ # Vertical split
CTRL b + z # Zoom pane
CTRL b + ! # Break pane into its own window
CTRL b + / # Search
CTRL b + alt + shift + p # Save complete pane history (tmux-logging)
Allows us to connect as the root user over SSH.
sed -i 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
service ssh restart
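The two sed commands above each uncomment one exact default line; if the file already carries an active PermitRootLogin no, or an Include'd drop-in in /etc/ssh/sshd_config.d sets the keyword first, sshd keeps the first value it reads and the edit changes nothing. The helper below is an added example, not from the original page: it reports the first active value of a keyword in a single sshd_config-style file the way sshd resolves it, using a constructed config for the demonstration. On a live machine, sshd -T | grep -i permitrootlogin is the authoritative check of the effective setting.

```shell
#!/bin/sh
# Added example: report the effective value of an sshd_config keyword.

# Print the first active (non-comment) value of a keyword, or "default"
# when the keyword only appears commented out or not at all.
# sshd keywords are case-insensitive, so the comparison ignores case.
# Usage: effective_setting <file> <keyword>
effective_setting() {
    file="$1"; key="$2"
    awk -v key="$key" '
        /^[[:space:]]*#/ { next }                                # skip comment lines
        tolower($1) == tolower(key) { print $2; found = 1; exit } # first match wins
        END { if (!found) print "default" }
    ' "$file"
}

# Demonstration on a constructed config (not a real /etc/ssh/sshd_config)
# shaped like the Kali default after the two sed edits above.
CONSTRUCTED_CONFIG=$(mktemp)
cat > "$CONSTRUCTED_CONFIG" <<'EOF'
Include /etc/ssh/sshd_config.d/*.conf
PermitRootLogin yes
#PubkeyAuthentication yes
PasswordAuthentication yes
EOF
echo "PermitRootLogin: $(effective_setting "$CONSTRUCTED_CONFIG" PermitRootLogin)"
echo "PubkeyAuthentication: $(effective_setting "$CONSTRUCTED_CONFIG" PubkeyAuthentication)"
rm -f "$CONSTRUCTED_CONFIG"
```

Point it at /etc/ssh/sshd_config and at each file under /etc/ssh/sshd_config.d to see which file wins; a drop-in listed first in the Include line overrides anything the sed edits produced further down.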