7MS #590: Hacking Billy Madison – Part 2 – 7 Minute Security

Welcome! 7 Minute Security podcast episode show notes are here, our weekly YouTube livestream is here, and our Light Pentest eBook is here.

Published September 22, 2023

7MS #590: Hacking Billy Madison – Part 2

Today my Paul and I continued hacking Billy Madison (see part one here) and learned some interesting things:

You can fuzz a URL with a specific file type using a format like this:

wfuzz  -c -z file,/root/Desktop/wordlist.txt --hc 404 http://x.x.x.x/FUZZ.cap

To rip .cap files apart and make them "pretty" you can use tpick:

tcpick -C -yP -r tcp_dump.pcap

Or tcpflow:

apt install tcpflowtcpflow -r

To do port knocking, you can use the knock utility:

sudo git clone https://github.com/grongor/knock /opt/knockknock 1.2.3.4 21 23 25 69 444 7777777

Tags: pentesting

Written by: Brian Johnson

Share on socials:

Recent Posts: