- Software: https://roundcube.net/
- Versions: 1.1.0 - 1.1.9, 1.2.0 - 1.2.6, 1.3.0 - 1.3.2
- CVE: CVE-2017-16651
- Author: Thomas Bruederli
- Release date: 2017-11-09
Roundcube Webmail allows unauthorized access to arbitrary files on the
#Code for bruteforcing a UUID for pentesterlab's MongoDB injection exercise. | |
import cookielib, urllib2, urllib | |
from bs4 import BeautifulSoup | |
found = "" | |
potentialChar = ["0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f","-"] | |
while True: |
Roundcube Webmail allows unauthorized access to arbitrary files on the
#!/usr/env/sh | |
IP_FILE=${1:-ips.txt} | |
NUM_TARGETS=${2:-100} | |
IPS=$(sudo nmap -n -sS -iR ${NUM_TARGETS} -Pn -T5 -iL ${IP_FILE} -p23 -vvv | grep Discovered | awk '{print $6}') | |
if [[ $IPS ]]; then | |
echo $IPS | tee -a results.txt | |
for i in $IPS; do telnet $(echo $IPS | head -n1); done |
Software required:
After installation and putting the youtube-dl
in PATH
youtube-dl --username YOUR_USERNAME --password YOUR_PASSWORD --all-subs https://app.pluralsight.com/library/courses/javascript-development-environment -o "~/video/%(playlist)s/%(chapter_number)s. %(chapter)s/%(playlist_index)s. %(title)s.%(ext)s" --sleep-interval 10
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
# New function naming schema: | |
# Verbs: | |
# Get : retrieve full raw data sets | |
# Find : ‘find’ specific data entries in a data set |
import requests | |
import sys | |
import json | |
def waybackurls(host, with_subs): | |
if with_subs: | |
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
else: | |
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
First, learn JSON. It's not programming language, not even close. Just follow syntax rules and you will be fine.
#if u have the root password which default is "alpine" | |
1.login as root, using command "ssh root@ip address" | |
2.type ur password: alpine | |
3.type command "passwd" to change ur root password | |
4.when it is done, type command "passwd mobile" to change the mobile passwd | |
#if u forget ur root passwd | |
1.open the file named "master.password" at /private/etc on ur jailbreak ios device | |
2.find the string like this: | |
root:xxxxxxxxxxxxx:0:0::0:0:System Administrator:/var/root:/bin/sh |
function remove-docker-containers | |
echo "Stop running shit" | |
docker stop (docker ps -q) | |
echo "Remove the whale shit" | |
docker rm (docker ps -a -q) | |
end | |
function remove-docker-images | |
remove-docker-containers |
[SM] Listing 77 plugins: | |
01 "Fun Votes" (1.8.0.5928) by AlliedModders LLC | |
02 "Fun Commands" (1.8.0.5928) by AlliedModders LLC | |
03 "SM Jailed Reasons" (v1.0) by Franc1sco steam: franug | |
04 "Hook Grab Rope" (1.1.5) by Sheepdude, SumGuy14 | |
05 "Custom Player Skins (Core)" (1.3.4) by Mitchell, Root | |
06 "Pahan (PRIVATE)" (1.0) by R1KO | |
07 "Disable HUD money" (1.0) by Pheonix (‰7Феникс7‰) | |
08 "Disable Radar" (1.2) by Internet Bully | |
09 "Sound Commands" (1.8.0.5928) by AlliedModders LLC |