$PATH environment variable:
bash_history:
grep for something uniquely associated with URLs, then cut out extraneous information:
href= which identifies hyperlinks in HTML. We can filter more precisely by looking for recurring characters that help us divide the data into smaller chunks. The command cut -d "/" chunks the data and separates it by /. The -f 3 option tells cut to select the 3rd chunk (field) of data.
sort -u:
host command on every domain in a text file:
host to find successful lookups:
has address, filtering out the URL by using spaces as the delimiter and then removing duplicates with sort.
>:
>>:
|:
cmd.exe:
home/user/.ssh/id_rsa) you can paste the keyfile contents into a text file on your local machine, set the right permissions with chmod 600 and ssh in with it.
127.0.0.1 or localhost). To access this local-only service from your remote machine, you'll need to instruct SSH to forward connections from your machine's local port 5901 to the server's loopback interface and listening port for VNC: 127.0.0.1:5901.
5901 to 127.0.0.1:5901 on the remote host. Because of this tunnel, the second command lets you connect to the VNC service as if you were on the same server.
localhost on port 5432.
9000 to localhost:5432 on the remote server:
authorized_keys file. Using the string in that file, go into the corresponding folder of weak keys (DSA or RSA, choose the right one!) and grep for the public key:
chmod 700 so that you can use it with ssh. It's very likely you'll need to update your local ssh config file /home/user/ssh/ssh_config with some ancient stuff to connect successfully, like this:
-vvv debug parameter to your SSH command and google the error messages. There is also a good walkthrough of the whole process with a downloadable Vulnhub machine for practice.