You might want to read this to get an introduction to armel vs armhf.
If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.
First, cross-compile user programs with GCC-ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on linux
If there's no qemu-arm-static in the package list, install qemu-user-static instead
| #!/usr/bin/python3 | |
| # | |
| # CVE-2018-10993 libSSH authentication bypass exploit | |
| # | |
| # The libSSH library has flawed authentication/connection state-machine. | |
| # Upon receiving from connecting client the MSG_USERAUTH_SUCCESS Message | |
| # (as described in RFC4252, sec. 5.1.) which is an authentication response message | |
| # that should be returned by the server itself (not accepted from client) | |
| # the libSSH switches to successful post-authentication state. In such state, |
| #Start postgres | |
| root@kali ~# systemctl start postgresql | |
| #Start metasploit database | |
| root@kali ~# msfdb init | |
| #Start metasploit framework | |
| root@kali ~# msfconsole | |
| #Iniciado o Metasploit |
| # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to | |
| # newer versions of the distribution. | |
| deb http://us.archive.ubuntu.com/ubuntu/ bionic main restricted | |
| # deb-src http://us.archive.ubuntu.com/ubuntu/ bionic main restricted | |
| ## Major bug fix updates produced after the final release of the | |
| ## distribution. | |
| deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted | |
| # deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted |
| Target: | |
| { | |
| "alg": "HS256", | |
| "typ": "JWT" | |
| } | |
| { | |
| "sub": "1234567890", | |
| "name": "John Doe", | |
| "iat": 1516239022 |
| #!/bin/bash | |
| # Converter.sh by @xdavidhu | |
| # This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix | |
| # With this script, you can convert domain lists to resolved IP lists without duplicates. | |
| # Usage: ./converter.sh [domain-list-file] [output-file] | |
| echo -e "[+] Converter.sh by @xdavidhu\n" | |
| if [ -z "$1" ] || [ -z "$2" ]; then | |
| echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]" | |
| exit 1 |
I tested the setup on Debian Stretch (naive installation) and Jessie (LinuxGSM installation). The setup should work on Debian 8 (Jessie), Debian 9 (Stretch) and Ubuntu (16.04). However, If you're running on Windows or other non-debian based Linux OS (e.g. CentOS, openSUSE), this guide doesn't apply to you.
I'm hosting FFA warm-up and HvH(soon) servers in San Francisco, welcome to join by:
IPv4: 159.89.154.137
Ipv6: 2604:a880:2:d0::20ad:2001
| #!/bin/sh | |
| WEBHOOK_URL="put your url here" | |
| PING="<@put your user id here>" | |
| MESSAGE="$PING reminder" | |
| JSON="{\"content\": \"$MESSAGE\"}" | |
| curl -d "$JSON" -H "Content-Type: application/json" "$WEBHOOK_URL" |
| #Code for bruteforcing a UUID for pentesterlab's MongoDB injection exercise. | |
| import cookielib, urllib2, urllib | |
| from bs4 import BeautifulSoup | |
| found = "" | |
| potentialChar = ["0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f","-"] | |
| while True: |