Excel Function and VBA
Excel Functions and VBA Cheat Sheet by Axcel Security:
https://drive.google.com/file/d/0B5wopjzDUlg-UGthSGNoWVZZOFE/view?usp=sharing
Excel Funtions
Join two or more text strings into one string
=CONCATENATE(B2," ",C2)
Separate Strings (1)
=RIGHT(A2,LEN(A2)-FIND(",",A2)-1)
Separate Strings (2)
=LEFT(C6,FIND(",",C6)-1)
Length of the string
=LEN(C5)
Replaces existing text with new text in a string
=LEN(SUBSTITUTE(C6,D6,""))
Number of Instances
=(LEN(C7)-LEN(SUBSTITUTE(C6,D6,"")))/LEN(D7)
Remove extra spaces, starting spaces and ending spaces
=TRIM(C8)
Replaces existing text with new text in a text string
=SUBSTITUTE(C9, "how", "who")
Replaces existing text with new text in a text string (indicate which occurrence you want to substitute)
=SUBSTITUTE(C10, "2010", "2013", 2)
Replaces existing text with new text in a text string (position of the text to be replaced)
=REPLACE(C11,3, 5, "")
Get the number of words
=LEN(TRIM(C10))-LEN(SUBSTITUTE(C9, " ", ""))+1
Convert all letters in a text string to lowercase
=LOWER(C12)
Convert all letters in a text string to uppercase
=UPPER(C13)
Convert all letters in a text string by capitalize each word
=PROPER(C14)
Removes nonprintable characters from a string
=CLEAN(C15)
Compare Text (case-sensitive)
=EXACT(C16, D16)
Compare Text (case-insensitive)
=C17=D17
Count Text Occurrences
=COUNTIF(C21:C25, "star")
=COUNTIF(C21:C25, "star?")
=COUNTIF(C21:C25, "star*")
=COUNTIF(C21:C25, "*star*")
=COUNTIF(C21:C25, "*")
Count Blank/Nonblank Cells
=COUNTBLANK(C21:C26)
=COUNTA(C21:C27)
Calculate the sum of the products
=SUMPRODUCT(C28:C29,D28:D29)
Nested If
=IF(C30>90,"GD!",IF(C30>=75,"Good!",IF(C30>=50,"Good!")))
3D-reference - Same cell or range on multiple worksheets
=Sheet1!B2+Sheet2!B2
Offset
=OFFSET([TargetCell], [Bottom], [Right], [From Cell], [To Cell])
Left Lookup
=INDEX(E3:E5, MATCH(A2, D3:D5))
Two-way Lookup
=INDEX(D3:F5, MATCH(A2, D3:D5,0), MATCH(B1, D2:F2, 0))
Find the maximum value
=MAX(A:A)
Negative Numbers to Zero
=MAX(0, (D36-C36))
Creating random numbers
=RAND()
Returns a random whole number between two boundaries
=RANDBETWEEN(50,75)
Create random decimal numbers between boundaries
=50+25*RAND()
Rank of a number in a list of numbers
=RANK([Target Cell], [Range of Cells])
Rounds a number down to the nearest integer
=INT(C41)
Chops off decimals
=TRUNC(C42)
=TRUNC(C42, 2)
Nearest Multiple
=MROUND(C44,5)
Excel VBA
To alert number of worksheetsMsgBox Worksheets.Count
To creates a new workbook
Workbooks.Add
Range Examples
Range("A1:A2,B3:C4").Value = [value]
Range Examples (with named range)
Range("NamedRange").Value = [value]
Cells
Cells(3, 2).Value = [value]
Declare a Range Object
Dim example As Range
Set example = Range("A1:C4")
example.Value = 8
Select
Dim example As Range
Set example = Range("A1:C4")
example.Select
Rows
Dim example As Range
Set example = Range("A1:C4")
example.Rows(3).Select
Columns
Dim example As Range
Set example = Range("A1:C4")
example.Columns(2).Select
Copy/Paste
Range("C3:C4").Value = Range("A1:A2").Value
Clear
Range("A1").Value = ""
Count
Dim example As Range
Set example = Range("A1:C4")
MsgBox example.Count
' return 12
MsgBox example.Rows.Count
' return 4
Variables - Integer
Dim x As Integer
x = 6
Range("A1").Value = x
Variables - String
Dim book As String
book = "bible"
Range("A1").Value = book
Variables - Double
Dim x As Integer
x = 5.5
MsgBox "value is " & x
Variables - Boolean
Dim continue As Boolean
continue = True
If continue = True Then MsgBox "TRUE!"
If-Else Statement
Dim score As Integer, result As String
score = Range("A1").Value
If score >= 60 Then
result = "pass"
Else
result = "fail"
End If
Range("B1").Value = result
Single Loop
Dim i As Integer
For i = 1 To 6
Cells(i, 1).Value = 100
Next i
Do While Loop
Dim i As Integer
i = 1
Do While i < 6
Cells(i, 1).Value = 20
i = i + 1
Loop
String Manipulation
Dim text As String
text = "example text"
MsgBox Left(text, 4) 'return exam
MsgBox Right("example text", 2) 'return xt
MsgBox Mid("example text", 9, 2) 'return te
MsgBox Len("example text") 'return 12
MsgBox Instr("example text", "am") 'return 3
One-dimensional Array
Dim Films(1 To 5) As String
Films(1) = "Lord of the Rings"
Films(2) = "Speed"
Films(3) = "Star Wars"
Films(4) = "The Godfather"
Films(5) = "Pulp Fiction"
MsgBox Films(4) 'return The Godfather
Function
Function Area(x As Double, y As Double) As Double
Area = x * y
End Function
---------------------------------------------------------------
Dim z As Double
z = Area(3, 5) + 2
MsgBox z
Sub Area(x As Double, y As Double)
MsgBox x * y
End Sub
---------------------------------------------------------------
Area 3, 5
Task 1
Before
After
Sub compute()
Dim i As Integer
Dim TEMP_ID As String
Dim COL_ID_NEW As Integer
Dim COL_VL_NEW As Integer
Dim COL_VL_NEW_DEFAULT As Integer
Dim ROW_ID_NEW As Integer
TEMP_ID = "dummy"
'To get number of last row
LAST_ROW = Cells(Rows.Count, 1).End(xlUp).Row
'Configuration
'To define column number to store new ID
COL_ID_NEW = 4
'To define row number to store new ID
ROW_ID_NEW = 1
'To define column number to store new value
COL_VL_NEW = 5
'To define default column number to store new value
COL_VL_NEW_DEFAULT = 5
'To define last column to delete
LAST_COL_DEL = 3
'To set title
Range("D1").Value = "ID"
Range("E1").Value = "Value 1"
Range("F1").Value = "Value 2"
Range("G1").Value = "Value 3"
'To read line by line until last cell that has value
For i = 2 To LAST_ROW
'To get current ID and Value
CURR_ID = Cells(i, 1).Value
CURR_VALUE = Cells(i, 2).Value
'If current ID is same with previous ID
If CURR_ID = TEMP_ID Then
'To increase column number to store new value
COL_VL_NEW = COL_VL_NEW + 1
'To copy the value to cell
Cells(ROW_ID_NEW, COL_VL_NEW).Value = CURR_VALUE
'If new ID found
Else
'To replace previous ID with current ID
TEMP_ID = CURR_ID
'To reset column number to store new value
COL_VL_NEW = COL_VL_NEW_DEFAULT
'To increase row number to store new ID
ROW_ID_NEW = ROW_ID_NEW + 1
'To set current ID and Value
Cells(ROW_ID_NEW, COL_ID_NEW).Value = CURR_ID
Cells(ROW_ID_NEW, COL_VL_NEW).Value = CURR_VALUE
End If
Next i
'To delete unnecessary columns
For i = 1 To LAST_COL_DEL
Columns(1).EntireColumn.Delete
Next i
End Sub
Popular posts from this blog
Remote Desktop Protocol (RDP) Security
Common Remote Desktop Protocol (RDP) Vulnerabilities Terminal Services Encryption Level is Medium or Low Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness Terminal Services Doesn't Use Network Level Authentication (NLA) Only Terminal Services Encryption Level is Medium or Low Vulnerability Assessment: Host Assessment: Remediation: Local Computer Policy/Computer Configuration/Administrative Templates/Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security/Set client connection encryption level Set client connection encryption level to High Note: High: The High setting encrypts data sent from the client to the server and from the server to the client by using strong 128-bit encryption. Use this encryption level in environments that contain only 128-bit clients (for example, clients that run Remote Desktop Connection). Clients that do not support this encryption level cannot connect to RD S...
Penetration Testing - Network
Manual Vulnerability Assessment TCP/21: FTP Anonymous FTP Enabled anonymous guest TCP/22: SSH nmap -p 22 --script ssh2-enum-algos <ip_address> SSH Weak Algorithms Supported SSH Server CBC Mode Ciphers Enabled ssh -oCiphers=<ciphers> <ip_address> SSH Weak MAC Algorithms Enabled ssh -oMACs=<algorithm> <ip_address> SSH Protocol v1 Supported ssh -1 <ip_address> -v Hardening on SSH Ciphers aes256-ctr,aes192-ctr,aes128-ctr MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com TCP/23: Telnet Unencrypted Telnet Server telnet <ip_address> 23 TCP/25: SMTP SMTP Service Cleartext Login Permitted telnet <ip_address> 25 EHLO <ip_address> AUTH LOGIN Mailserver answer to VRFY and EXPN requests * nc <ip_address> 25 EXPN root VRFY root TCP/53: DNS DNS Server Cache Snooping Remote Information Disclosure ...
Damn Vulnerable Web Services (DVWS) - Walkthrough
Installation Damn Vulnerable Web Services (DVWS) is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. https://github.com/snoopysecurity/dvws WSDL Enumeration Spider DVWS using Burp Suite and look for service.php Requests processed by SOAP service include check_user_information , owasp_apitop10 , population and return_price XPATH Injection User Login: 1' or '1'='1 User Password: 1' or '1'='1 Command Injection Original Request parameter value of name is " find " by default Edited Request change the parameter value of name from "find" to " dir " Cross Site Tracing (XST) Hint of " The NuSOAP Library service is vulnerable to a Cross-site scripting flaw " is given by DVWS. Exploit is published at exploit DB ( https://www.exploit-db.com/e...
Server Message Block (SMB) Security
Common SMB related vulnerabilities Microsoft Windows SMBv1 Multiple Vulnerabilities SMB Signing Disabled Microsoft Windows SMB NULL Session Authentication Microsoft Windows SMB Shares Unprivileged Access Network Discovery: TCP port 5357 - Web Services on Devices API (WSDAPI) File and Printer Sharing: TCP port 135 - Remote Procedure Call (RPC) TCP port 139 - NETBIOS Session Service TCP port 445 - Server Message Block (SMB) By disable NetBIOS over TCP/IP (TCP Port 139), NETBIOS name discovery will be prevented Microsoft Windows SMBv1 Multiple Vulnerabilities Vulnerability Assessment: NSE script smb-protocols can be used to check if the server supported NT LM 0.12 (SMBv1) . Host Assessment: Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters | ForEach-Object {Get-ItemProperty $_.pspath} Remediation: Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters...
Offensive Security Testing Guide
This cheat sheet compiles the commands we learned to exploit vulnerable machines. However, these commands alone may not be sufficient to obtain your Offensive Security Certified Professional (OSCP) certification. So... Try Harder! Information Gathering Operating System Windows Interesting Path "Documents and Settings"/Administrator/Desktop file:///C:/xampp/readme_en.txt file:///C:/xampp/passwords.txt file:///C:/xampp/webdav/webdav.txt file:///C:/xampp/apache/conf/extra/httpd-dav.conf file:///C:/xampp/apache/conf/extra/httpd-xampp.conf file:///C:/xampp/apache/logs/access.log file:///C:/xampp/apache/logs/error.log file:///C:/xampp/security/webdav.htpasswd file:///C:/xampp/htdocs/dashboard/phpinfo.php file:///C:/xampp/phpmyadmin/config.inc.php file:///C:/xampp/php/logs/php_error_log file:///C:/xampp/mysql/bin/my.ini C:\Users\<User>\AppData\Local\Temp #Email Address C:\Users\<User>\AppData\Local\Microsoft\Outlook Active Connection netstat -...
Host Configuration Assessment - Windows
OS Information Gathering systeminfo wmic computersystem get domainrole 0 - Standalone workstation 1 - Member workstation 2 - Standalone server 3 - Member server 4 - Domain controller secedit /export /cfg cfg.ini > nul net user administrator > netuseradmin.txt auditpol.exe /get /category:* > auditpol.txt netsh advfirewall show allprofiles > firewall.txt net accounts > netaccount.txt gpresult /f /h evid/gporesult.html > nul accesschk /accepteula -q -a * > accesschk.txt *Simplify the process with Scgary ! User Right Assignment type cfg.ini | grep "^SeAuditPrivilege\|^SeCreatePagefilePrivilege\|^SeRemoteShutdownPrivilege\|^SeRemoteInteractiveLogonRight\|^SeEnableDelegationPrivilege\|^SeLockMemoryPrivilege\|^SeDenyNetworkLogonRight\|^SeChangeNotifyPrivilege\|^SeDebugPrivilege\|^SeDenyBatchLogonRight\|^SeCreateGlobalPrivilege\|^SeShutdownPrivilege\|^SeIncreaseQuotaPrivilege\|^SeTrustedCredManAccessPrivilege\|^SeDenyIn...
Web Server Hardening - Apache Tomcat
Reference: https://tomcat.apache.org/tomcat-8.0-doc/security-howto.html 1. Remove Extraneous Resources Removing sample resources C:\xampp\Tomcat\webapps\docs C:\xampp\Tomcat\webapps\examples Removing Manager Application if not using C:\xampp2\Tomcat\webapps\host-manager C:\xampp2\Tomcat\webapps\manager C:\xampp2\Tomcat\conf\Catalina\localhost\manager.xml Disable unused Connector C:\xampp2\tomcat\conf\server.xml cat server.xml | grep "Connector" 2. Limit Server Platform Information Leaks Alter the Advertised server information Audit: cd $CATALINA_HOME/lib jar xf catalina.jar org/apache/catalina/util/ServerInfo.properties grep server.info org/apache/catalina/util/ServerInfo.properties Remediation: server.info=<SomeWebServer> server.number=<someversion> server.built= Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors Turn off TRACE Affected file: $CATALINA_HOME/conf/server.xml Remediation:...
Content Page
The Cheat Sheets offer a variety of information security cheat sheets on various security assessments and provides code to simplify testing and verification processes. Penetration Testing Network CMS - WordPress Mobile - Android Mobile - iOS Web Service (API) Security Damn Vulnerable Web Services - Walkthrough OWASP Series 2017 A1 Injection 2017 A3 Sensitive Data Exposure 2017 A4 XML External Entities (XXE) 2017 A6 Security Misconfiguration 2017 A7 Cross-Site Scripting (XSS) 2017 A8 Insecure Deserialization Configuration Assessment Windows Linux Network Device Web Server Hardening Apache PHP MySQL SSL Security Database Assessment Oracle PostgreSQL Database Assessment Tool Host Device Hardening Server Message Block (SMB) Security Remote Desktop Protocol (RDP) Security Social Engineering Social Engineering Testing - Phishing Email Security Malware Exploitation using Shell Post Exploitation Physical ...
Mobile Penetration Testing - Android
Testing Environment Android Emulator Geny Motion: https://www.genymotion.com/fun-zone/ Android Debug Bridge (ADB) C:\Users\<User>\AppData\Local\Android\Sdk\platform-tools adb -s <specific device> shell #Specific Device adb -d shell #Device adb -e shell #Emulator Basic ADB command adb install <apk file> adb pull <location> adb push <file> <location> Basic Linux command cat /proc/version #Kernel version cat /proc/cpuinfo #Processor Information ps #Processes cat /system/etc/permissions/platform.xml #Permission and GID Information Gathering Retrieve APK file from Device (Recommended) adb shell pm list packages pm path <package> adb pull <apk path> Retrieve APK file from Internet https://apkpure.com To check the certificate information keytool -printcert -file CERT.RSA #C:\Program Files\Java\jre1.8.0_131\bin\keytool.exe Android Manifest Analysis 1. Activity, Service, Content Provider, Broadcast ...
Penetration Testing with OWASP Top 10 - 2017 A7 Cross-Site Scripting (XSS)
XSS flaws occur whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user-supplied data using a browser API that can create HTML or JavaScript. XSS allows attackers to execute scripts in the victim's browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. DOM-Based XSS Proof of Concept <html> <head> <title>DOM-based Cross-site Scripting</title> </head> <body> Hi, <script> var pos = document.URL.indexOf("name=")+5; //finds the position of value var userInput = document.URL.substring(pos,document.URL.length); //copy the value into userInput variable document.write(unescape(userInput)); //writes content to the webpage </script> </body> </html> XSS Validation Bypass <Script>alert(1)</script> <script<script>>alert(1)</script> <svg onload=...