[email protected]
[email protected]
[email protected]
[email protected]
About Calvin Lai (fkclai)
My Work
Exploit/CVE PoC
ZeroLogon Exploit
Remote Retrieved Chrome saved Encrypted Password
Twitter Control an RCE attack
Hacking Report (HTB)
Hits & Summary
Windows Machine
Linux Machine
PenTest & Exploitation Guide
01 Reconnaissance
02 Port Enumeration
03 Web Enumeration
04 Windows Enum & Exploit
05 File Enumeration
06 Reverse Shell Cheat Sheet
07 SQL Injection
08 BruteForce
09 XSS Bypass Checklist
10 Spring Boot
11 WPA
12 Payload list
Vuln Hub (Writeup)
MrRobot
CYBERRY
MATRIX 1
Node-1
DPwwn-1
DC7
AiWeb-2
AiWeb-1
BrainPan
CTF (Writeup)
Hacker One
CTF Learn
P.W.N. University - CTF 2018
HITCON
Useful Command/Tools
Windows
Linux
Offensive Security Lab & Exam
Lab
Powered by GitBook

05 File Enumeration

General

# Check 1 real file type
file file.xxx
​
# Analyze strings
strings file.xxx
strings -a -n 15 file.xxx # Check the entire file and outputs strings long
​
# Check embedded files
binwalk file.xxx # Check
binwalk -e file.xxx # Extract
​
# Check as binary file in hex
ghex file.xxx
​
# Check metadata
exiftool file.xxx
​
# Compressed files
fcrackzip file.zip

Disk Mount

# guestmount can mount any kind of disk file
sudo apt-get install libguestfs-tools
guestmount --add yourVirtualDisk.vhdx --inspector --ro /mnt/anydirectory

Audio

# Check for Stego
hideme stego.mp3 -f && cat output.txt #AudioStego

Images

# Stego
wget http://www.caesum.com/handbook/Stegsolve.jar -O stegsolve.jar
chmod +x stegsolve.jar
java -jar stegsolve.jar
​
# Stegpy
stegpy -p file.png
​
# Check png corrupted
pngcheck -v image.jpeg
​
# Check what kind of image is
identify -verbose image.jpeg
Previous
RDP
Next - PenTest & Exploitation Guide
06 Reverse Shell Cheat Sheet
Last updated 12 months ago
Contents
General
Disk Mount
Audio
Images