Documentation Index
Fetch the complete documentation index at: https://rootea.es/llms.txt
Use this file to discover all available pages before exploring further.
Fulcrum
| · | · |
|---|---|
| Sistema operativo | Linux |
| Dificultad | Insano |
| IP | 10.10.10.62 |
| Fecha de retirada | — |
| Skills | API Enumeration - Endpoint Brute Force Advanced XXE Exploitation (XML External Entity Injection) XXE - Custom Entities XXE - External Entities XXE - XML Parameter Entities XXE - Blind SSRF (Exfiltrate data out-of-band) + Base64 Wrapper [Reading Internal Files] XXE + RFI (Remote File Inclusion) / SSRF to RCE Host Discovery - Bash Scripting Port Discovery - Bash Scripting Decrypting PSCredential Password with PowerShell PIVOTING 1 - Tunneling with Chisel + Evil-WinRM Gaining access to a Windows system PowerView.ps1 - Active Directory Users Enumeration (Playing with Get-DomainUser) Information Leakage - Domain User Password PIVOTING 2 - Using Invoke-Command to execute commands on another Windows server Firewall Bypassing (Playing with Test-NetConnection in PowerShell) - DNS Reverse Shell Authenticating to the DC shares - SYSVOL Enumeration Information Leakage - Domain Admin Password PIVOTING 3 - Using Invoke-Command to execute commands on the Domain Controller (DC) |