cobalt strike simply use
cobalt is after a penetration testing tool based on java development for inter-teams work together, referred to as "cs"
cs divided into client and server, under normal circumstances we call server to server team, the tool has methods and means of social engineering attacks, the server team can help us gather information and save the log records, linux server team needs to turn to the root, windows open to the team administrator server
service is enabled with
Linux: ./ teamserver server_ip pwd
Windows: teamservers .exe
client open
linux: ./ cobaltstrike -jar -XX or the Java: + AggressiveHeap -XX: + UseParallelGC -jar cobaltstrike.jar
Windows: Double-click cobaltstrike.exe
after opening the password and set a good ip address
1, a listener:
Beacon is built listener performs shell payload available to cs in the target host, which types dns / http / https / smb other
foreign external binding listener, general and msf linkage, obtaining meterpreter (shell) to msf in
found cobalt strike found listeners click on the menu bar, then click add, edit good ip port, and click OK
2, to generate Trojan
html application, generate malicious HTA, html applications
ms office macro, generate office macro virus
payload generator, generate a variety of languages Pyload
the USB / cd autopaly, generated automatically play the Trojans run
windows dropper, tied up, can be tied to the type of document
windows executable, generates windows executable
windows executabls (s), generate hidden windows executable
found in the menu bar attacks, find the packages, select windows executable, select the type to be generated, click generate, will generate a Trojan program, copy the program to the target machine, run, customers will end seen in cs to control the machine
php condition judging
if (condition) {city code that executes when the conditions}
if () {} {} the else
if () {} ELSEIF () {} {} the else
switch statement is used to perform different actions according to a plurality of different conditions.
php loop
for (initial value conditions, delta)} {code execution cycle
foreach loop through the array for
foreach ($ array as $ value) { the code to be executed;}
while (condition) {code to be executed;}
do ... the while statement code is executed at least once, and then checks the condition, as long as the condition is satisfied, the cycle will be repeated.
do {code to be executed;} while (condition);
php array, the array is capable of storing a plurality of values in a single variable, conut () function of calculating the length of the array
of small array of superscript numbers starting from 0, with traverse the array for, foreach
numeric array, the array name $ = array ( "1", 123,1.3, true) ;
Subscript array is associated keys, k1, k2, traversing the same use for, foreach
associate array (key-value pairs), $ array name = array ( "k1" => value1, "k2" => value2)
Multidimensional array
$ array name = array (array ( "ss" , 111,222), array ( "qq", 11,22));
php array sort
Sort (), ascending
rsort (), descending
asort (), based on the value associated with the array, the array is sorted in ascending order
ksort (), based on the key associated with the array, the array is sorted in ascending order
arsort (), according to the associative array value, in descending order of the array
krsort (), based on the key of the associative array, the array is sorted in descending order
PHP super globals are arrays
in PHP predefined with several super-global variables (superglobals), which means that they all scopes in a script are available. You do not need special instructions, you can use the functions and classes.
$ GLOBALS, contains global combination of an array of global variable, the variable name is the key array
$ _SERVER, contains such as header information (header), path (path), as well as an array of information on the location of the script (script locations), etc., this array the project created by the web server and can not ensure that no servers are available all items
$ _REQUEST, contain all the data submitted by the user, POST, and data GET, including the cookie
$ _POST, it contains the user POST method data sent
$ _GET, contain GET way user data sent by the
$ _FILES, corresponding to the file that contains user data sent
$ _ENV, contains an array of server environment variables
$ _COOKIE, data contained in the cookie
$ _SESSION, contains the data session in
cookie and session comparison
cookie is stored in the user's browser is returned by the server set-cookie package set, cookie indicates that the session state between a user's browser and the server in order to receive after a successful landing cookie data, which is generally time-sensitive, require the user to re-login after a failure, with the cookie data, each request will bring the user's cookie, the server will verify the legitimacy and effectiveness of the cookie, the cookie is sent to follow Same Origin policy browser
session is stored on the server, and the server time that the user's session state, session and cookie is one to one, the server which user needs to remember the landing site, session in document form in general stored in tmp file, save the file to sess_xxx, xx is beginning nti6, now assigned to the browser cookie value that is the beginning of the nti6, as long as the value of the cookie is modified, then the server will require users to log in again
php predefined constants
__LINE__, the line number where the document
__FILE__, the full path and file name
__DIR__, file directory
__FUNCTION__, function name
__CLASS__, name of the class
php function, there is a reference function, parameter-free function
function needs to return a value, return
function function name ($ value = '') the first letter of the function name of the best capitalized
calling the function, the function name (), if required to the main parameter, requires input parameters in parentheses, the number of parameters to meet the requirements
php object-oriented
object-oriented programming, an object is a description of the information and information processing of the composition as a whole, is an abstraction of the real world
Three main features of the object
behavior of the object, which operation, as is the behavior of lights, lights and other objects can be applied to the
shape of the object, when the object in response to how the method is applied to those, color, size, shape
representing an object, the object It represents the equivalent of identity cards, on specific distinction between what is different in the same behavior and state
Object-oriented popular content
class defines the abstract characteristics of a thing, the operation of the class definition data comprises form data and
objects are instances of a class
member variable, the definition of class variables inside, is characteristic of an object that variables can be referred to as object attributes
certain behavior function member, the object can be used to access the data object
constructor is used to initialize the main object when creating an object, the object member variable that is assigned the initial value, the total new operator used together to create an object statement
destructor, contrary destructor and constructor when the object end of their life cycle, for example, has called the function where the object is completed, the system automatically performs destructor, the destructor to clean up rehabilitation work
Class definition,
class name of class X $ var {;} var $ XX
the this represents the current class, class variables and functions have