7MS #590: Hacking Billy Madison - Part 2
1 min read Pentesting, Podcast

7MS #590: Hacking Billy Madison - Part 2

Today my Paul and I continued hacking Billy Madison (see part one here) and learned some interesting things:

  • You can fuzz a URL with a specific file type using a format like this:
wfuzz  -c -z file,/root/Desktop/wordlist.txt --hc 404 http://x.x.x.x/FUZZ.cap
  • To rip .cap files apart and make them "pretty" you can use tpick:
tcpick -C -yP -r tcp_dump.pcap

Or tcpflow:

apt install tcpflow
tcpflow -r
  • To do port knocking, you can use the knock utility:
sudo git clone https://github.com/grongor/knock /opt/knock
knock 21 23 25 69 444 7777777