# General Check List

### General Checklist

* Check **default passwords.**
* Check **versions of services.**
* Try more than one file while **directory brute-forcing** (i.e. /usr/share/wordlists/dirb/big.txt, /usr/share/wordlists/dirbuster/apache-user-enum-2.0.txt, /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt)
* Once inside a CMS or site **check every single page**.
* **bash vs sh**. Try both when doing privesc. One does not mean the other.&#x20;
* **SEARCH EVERYTHING**.....even if it seems silly!!!! (i.e photos) Check even CSS files.
* **Check other exploits** too if there are available. Do not stuck on one. It may say version 2.4 and the exploit with version 2.5 will work too.&#x20;
* **Enumerate subdomains** if you are getting nothing.
* Check the **/opt** and **/var** directories.
* Intercept **traffic with BurpSuite** if you are stuck.
* If you believe there is no other way in (i.e. have found one), then just **stick with it** and search search search for it.
* Run more than one **privesc scripts** (LinEnum, lse.sh, peas etc)
* If you see <http://10.10.10.10/index.php/> **run gobuster/dirsearch against it**. It may reveal a URL as <http://10.10.10.10/index.php/admin/>
* Read the code. It is on the details what it needs to be done/change. **Just read the code!!!**
* Try all of them **shell\_exec, system, exec** to be sure.
* If credentials are not working and you are sure it should, then **revert the box**. Might have crashed the box somehow along the way.
* If you are 100% sure the exploit is the one you are looking and it is not working, **try 64 bit or 32 bit**. Depends the architecture of the box.
* If there is a redirection to the page....after installing **NoRedirect** plugin on Firefox....add the page to **NOT redirect it**. Also intercept the traffic with BurpSuite to see where this goes.
* **Execute commands manually**. Sometimes you miss it when running automate scripts.
* Search and spend some time with **LFI/URL parameters**
* Running out of ideas? **Brute-Force** may be the last option. (use different lists and not only rockyou.txt)

**As a general rule:**&#x20;

> One finding leads to the next. (e.g. found a file? this will lead you to the next step)