Skip to content

Instantly share code, notes, and snippets.

View ByteReaper's full-sized avatar

ByteReaper

0 followers · 1 following
View GitHub Profile
@ByteReaper
ByteReaper / Stapler_FTP_Anon.txt
Created June 24, 2016 19:37
Stapler_FTP_Anon.txt
root@lulb0x:~# ftp 192.168.153.142
Connected to 192.168.153.142.
220-
220-|-----------------------------------------------------------------------------------------|
220-| Harry, make sure to update the banner when you get a chance to show who has access here |
220-|-----------------------------------------------------------------------------------------|
220-
220
Name (192.168.153.142:root): Anonymous
331 Please specify the password.
@ByteReaper
ByteReaper / Stapler_NMAP.txt
Created June 24, 2016 19:32
Stapler_NMAP.txt
Nmap scan report for Red.Initech (192.168.153.142)
Host is up (0.00023s latency).
Not shown: 65523 filtered ports
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
123/tcp closed ntp
@ByteReaper
ByteReaper / Stapler_NetDiscover.txt
Created June 24, 2016 19:25
Stapler_NetDiscover.txt
Currently scanning: 192.168.153.0/24 | Screen View: Unique Hosts
3 Captured ARP Req/Rep packets, from 3 hosts. Total size: 180
_____________________________________________________________________________
IP At MAC Address Count Len MAC Vendor / Hostname
-----------------------------------------------------------------------------
192.168.153.1 00:50:56:c0:00:01 1 60 VMware, Inc.
192.168.153.142 00:0c:29:8b:3c:14 1 60 VMware, Inc.
@ByteReaper
ByteReaper / gist:27a6852668dcbc8cb9fd295b917565fc
Created June 6, 2016 20:21
Sidney_Flag
``````````````````````````````````````
``````````````````````````````````
}CONGRATULATIONS! }
}
``````````````````````````````````
``````````````````````````````````````
TI
(60
0: G
TI
@ByteReaper
ByteReaper / gist:42fad98b872addb15a583e51b3b5f7aa
Created June 6, 2016 20:17
Sidney_cracked zip
root@kali:~/Downloads# fcrackzip -D -p /usr/share/wordlists/rockyou.txt -uv flag.zip
found file 'flag.d64', (size cp/uc 3923/174848, flags 9, chk 9be5)
checking pw budayday
PASSWORD FOUND!!!!: pw == 38911
@ByteReaper
ByteReaper / gist:0adef943968e10ba0bc9916dd7edc0f5
Created June 6, 2016 20:14
Sidney_rabbit_hole
root@sidney:~/.commodore64# ls -lah
ls -lah
total 12K
dr-------- 3 root root 4.0K May 24 21:02 .
drwx------ 3 root root 4.0K Jun 6 16:24 ..
dr-------- 3 root root 4.0K May 24 21:01 .miami
root@sidney:~/.commodore64# cd .miami
cd .miami
root@sidney:~/.commodore64/.miami# ls
ls
@ByteReaper
ByteReaper / gist:d94e80490d84827b84509ae3b5551391
Created June 6, 2016 20:09
Sidney_root_dir_ls-lah
root@sidney:~# ls -lah
ls -lah
total 88K
drwx------ 3 root root 4.0K Jun 6 16:24 .
drwxr-xr-x 23 root root 4.0K May 31 20:39 ..
-rw------- 1 root root 584 Jun 6 16:24 .bash_history
-rw-r--r-- 1 root root 3.1K Oct 22 2015 .bashrc
dr-------- 3 root root 4.0K May 24 21:02 .commodore64
-rw-rw-r-- 1 rhubbard rhubbard 61K May 24 21:27 hint.gif
-rw-r--r-- 1 root root 148 Aug 17 2015 .profile
@ByteReaper
ByteReaper / gist:6371b206e2a3a3ded0e1ed90710b0f0b
Created June 6, 2016 20:08
Sidney_R00t_Access
root@sidney:/# id;cat /etc/shadow
id;cat /etc/shadow
uid=0(root) gid=0(root) groups=0(root)
root:!:16944:0:99999:7:::
daemon:*:16911:0:99999:7:::
bin:*:16911:0:99999:7:::
sys:*:16911:0:99999:7:::
sync:*:16911:0:99999:7:::
games:*:16911:0:99999:7:::
man:*:16911:0:99999:7:::
@ByteReaper
ByteReaper / gist:ad45f0328d18aa98e7fd455b715270c5
Created June 6, 2016 20:06
Sidney_rhubbard_sudo_-l
rhubbard@sidney:/$ sudo -l
sudo -l
[sudo] password for rhubbard: mos6518
Matching Defaults entries for rhubbard on sidney.example.com:
env_reset, mail_badpass,
secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User rhubbard may run the following commands on sidney.example.com:
(ALL : ALL) ALL
@ByteReaper
ByteReaper / gist:4e72aa24d362e345550702252b3b3df0
Created June 6, 2016 20:00
Sidney_fullshell
$ python3.5 -c "import pty;pty.spawn('/bin/bash');"
www-data@sidney:/$ _