Remember to log all activity for reporting purposes. Take screenshots of everything, even if your attempts fail. I like to number my screenshots 1 - blah.png to make it easier to review screenshots when creating the report storyboard.
You should be including positive findings for the client in your report Executive Summary and Storyboard sections.
If you're logging commands (and you should be), you should also include the date, time, and your IP address in your logs.
Put this in your .bashrc (Linux) or .bash_profile (Mac):
PS1='[`date +"%d-%b-%y %T"`]\[\033[01;31m\] `ifconfig eth0 2>/dev/null | sed -n 2,2p | cut -d" " -f 10`\[\033[00m\] \[\033[01;34m\]\w\[\033[00m\] \$ '
Replace 'eth0' with the correct network interface if different.
To log your Internet IP address for an External assessment:
PS1='[`date +"%d-%b-%y %T"`]\[\033[01;31m\] `curl -s ifconfig.co`\[\033[00m\] \[\033[01;34m\]\w\[\033[00m\] \$ '
FYI, the command prompt may lag for a second while curl makes the web request each time you press Enter.
For zsh, edit .zshrc and add these two lines to the end:
PROMPT="%{$fg_bold[grey]%}[%{$reset_color%}%{$fg_bold[${host_color}]%}%n@%m%{$reset_color%}%{$fg_bold[grey]%}]%{$reset_color%} %{$fg_bold[blue]%}%10c %W %t $(ifconfig | grep -A 1 wlp4s0 | grep inet | tr -s ' ' | cut -d ' ' -f 3) %{$reset_color%} $(git_prompt_info) $(git_remote_status)
%{$fg_bold[cyan]%}❯%{$reset_color%} "
To log your Internet IP address for External network pentests, include these two lines at the end of your .zshrc file:
PROMPT="%{$fg_bold[grey]%}[%{$reset_color%}%{$fg_bold[${host_color}]%}%n@%m%{$reset_color%}%{$fg_bold[grey]%}]%{$reset_color%} %{$fg_bold[blue]%}%10c %W %t $(curl -s http://ipecho.net/plain; echo) %{$reset_color%} $(git_prompt_info) $(git_remote_status)
#%{$fg_bold[cyan]%}❯%{$reset_color%} "
Shutter is arguably the best screenshot utility for Linux systems.
Installation: sudo apt update && sudo apt install -y shutter libgoo-canvas-perl
Greenshot: https://getgreenshot.org/
Greenshot is a light-weight screenshot software tool for Windows with the following key features:
- Quickly create screenshots of a selected region, window or fullscreen; you can even capture complete (scrolling) web pages from Internet Explorer.
- Easily annotate, highlight or obfuscate parts of the screenshot.
- Export the screenshot in various ways: save to file, send to printer, copy to clipboard, attach to e-mail, send to Office programs or upload to photo sites like Flickr or Picasa, and others.
- ...and a lot more options simplifying creation of and work with screenshots every day.
Log using tee:
command args | tee output.log
Append to a log:
command args | tee -a output.log
Log all commands run in a window using the script utility:
script output.log
Run a single command and log it using the script utility:
script -c 'command args' output.log
If your command requires single quotes in the args, wrap the command in double quotes or vice versa. You can also escape quotes.
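The prompt settings above only put the date, time and IP on screen, and a plain tee -a log does not record them. The following wrapper is an added example, not part of the original notes: it writes the same metadata into the log itself for each command and keeps the command's exit status, which tee normally hides. The names logrun, logrun_ip, LOGRUN_FILE and LOGRUN_IP are hypothetical names chosen for this example.

```shell
#!/bin/sh
# logrun: run one command, append a metadata header and its output to a log.
# LOGRUN_FILE and LOGRUN_IP are hypothetical variable names for this example.

LOGRUN_FILE="${LOGRUN_FILE:-$HOME/pentest-commands.log}"

# Source IP recorded in each entry. Set LOGRUN_IP yourself (for example from
# the ifconfig or curl lookups above); otherwise fall back to hostname -I.
logrun_ip() {
    if [ -n "${LOGRUN_IP:-}" ]; then
        printf '%s\n' "$LOGRUN_IP"
        return 0
    fi
    ip=$(hostname -I 2>/dev/null | cut -d' ' -f1)
    printf '%s\n' "${ip:-unknown}"
}

logrun() {
    [ "$#" -gt 0 ] || { echo "usage: logrun command [args...]" >&2; return 2; }
    status_file=$(mktemp) || return 1

    # Header: same date format as the PS1 above, plus IP, directory, command.
    printf '=== [%s] ip=%s cwd=%s cmd=%s\n' \
        "$(date +"%d-%b-%y %T")" "$(logrun_ip)" "$PWD" "$*" >> "$LOGRUN_FILE"

    # tee would hide the command's exit status, so the left side of the
    # pipe saves it to a temp file before the pipeline finishes.
    {
        rc=0
        "$@" 2>&1 || rc=$?
        echo "$rc" > "$status_file"
    } | tee -a "$LOGRUN_FILE"

    rc=$(cat "$status_file")
    rm -f "$status_file"
    printf '=== exit=%s\n' "$rc" >> "$LOGRUN_FILE"
    return "$rc"
}
```

Source the file from .bashrc or .zshrc and prefix commands with logrun; failed attempts are logged with their non-zero exit status alongside the successful ones.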
Metasploit spool command:
msf> spool msfconsole.log
Log in PowerShell using Tee-Object:
Get-ChildItem -Path D: -File -System -Recurse | Tee-Object -FilePath "c:\test\AllSystemFiles.txt" -Append | Out-File c:\test\NewSystemFiles.txt
This command saves a list of system files in two log files, a cumulative file and a current file.
The command uses the Get-ChildItem cmdlet to do a recursive search for system files on the D: drive. A pipeline operator (|) sends the list to Tee-Object, which appends the list to the AllSystemFiles.txt file and passes the list down the pipeline to the Out-File cmdlet, which saves the list in the NewSystemFiles.txt file.
Tee-Object works the same when running DOS commands in PowerShell.