Methodology, Tricks & Common sense
Checklist for myself (mainly)
Assume that the easiest path is the best (Occam's razor)
Enumerate every new finding and connect it to the information already obtained
If there is PoC code, read it
Terminal tricks
Shell upgrade to tty
username@host:~# script /dev/null -c bash
# Press Ctrl+Z
username@host:~# ^Z
# Type: stty raw -echo; fg
localname@localmachine$ stty raw -echo; fg
# Type: reset
reset
reset: unknown terminal type unknown
# Type: screen
Terminal type? screen
username@host:~#
Common sense
Sub-folder or file exposed in a non-accessible directory
If listing or reading a directory is denied but a resource inside it (or beneath it) is known by name, try to reach that resource directly by its full path: change into the sub-directory or read the file. On Unix, a directory with execute permission but no read permission blocks listing yet still allows traversal to names you already know, which is why a denied listing is not the same as a denied file.
Restoring corrupted docx files
A .docx is a ZIP container (OOXML), so copy it under a .zip extension:
cp 1.docx 1.zip
Let zip rebuild the archive from whatever entries are still intact, writing the result to a new file (the --out form of Info-ZIP zip 3.x):
zip -FF 1.zip --out 2.zip
Rename the repaired archive back to .docx:
cp 2.zip 2.docx
PE Binaries
x86 or x64
Dump the file with hexdump -C <binary> and look near the start of the dump for the PE signature "PE\0\0" (the DOS header stores its offset as a 32-bit little-endian value at 0x3C, so the signature is not literally in the first bytes). The two bytes after the signature are the COFF Machine field, little-endian:
ARCHITECTURE: x86 (Machine = 0x014c)
50 45 00 00 4c 01 04 00 |........PE..L...|
ARCHITECTURE: x64 (Machine = 0x8664)
50 45 00 00 64 86 03 00 |........PE..d...|
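The same check done programmatically, as an added example that is not part of the original notes: it follows e_lfanew from the DOS header to the PE signature instead of pattern-matching on bytes, so a stray "PE" string elsewhere in the file is not mistaken for the header, and it rejects truncated or non-PE input. The function names and the constructed header-only stubs are this example's own assumptions (the stubs are not loadable executables).

```python
import struct

# Machine values from the PE/COFF specification (IMAGE_FILE_MACHINE_*)
MACHINE_TYPES = {
    0x014C: "x86",    # IMAGE_FILE_MACHINE_I386  -> bytes 4c 01 in the dump
    0x8664: "x64",    # IMAGE_FILE_MACHINE_AMD64 -> bytes 64 86 in the dump
    0xAA64: "ARM64",  # IMAGE_FILE_MACHINE_ARM64
    0x01C0: "ARM",    # IMAGE_FILE_MACHINE_ARM
}


def pe_architecture(data: bytes) -> str:
    """Return the architecture of the PE image held in `data`.

    Raises ValueError for anything that is not a well-formed PE header.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image (missing MZ header)")
    # e_lfanew: 32-bit little-endian offset of the PE signature, stored at 0x3C
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)
    # Signature (4 bytes) plus Machine (2 bytes) must lie inside the file
    if pe_offset + 6 > len(data):
        raise ValueError("e_lfanew points outside the file (truncated or corrupt)")
    if data[pe_offset:pe_offset + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found at e_lfanew")
    (machine,) = struct.unpack_from("<H", data, pe_offset + 4)
    return MACHINE_TYPES.get(machine, f"unknown (0x{machine:04x})")


def make_stub(machine: int, pe_offset: int = 0x80) -> bytes:
    """Constructed header-only sample (assumption, not a real executable):
    'MZ', zero padding, e_lfanew at 0x3C, then 'PE\\0\\0' + Machine."""
    header = bytearray(pe_offset + 24)
    header[0:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, pe_offset)
    header[pe_offset:pe_offset + 4] = b"PE\x00\x00"
    struct.pack_into("<H", header, pe_offset + 4, machine)
    return bytes(header)


if __name__ == "__main__":
    # Reproduces the two cases from the hexdump excerpts above
    for label, value in (("x86 sample", 0x014C), ("x64 sample", 0x8664)):
        print(label, "->", pe_architecture(make_stub(value)))
```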